Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Virenbefall was soll ich tun?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.07.2013, 12:32   #1
vVManuelVv
 
Virenbefall was soll ich tun? - Ausrufezeichen

Virenbefall was soll ich tun?



Erstmal hallo! Bin neu hier und brauche Hilfe, also bitte nicht zu streng sein.
Seit einiger Zeit macht mein PC einige Probleme: Er hängt sich öfters auf, sodass alle Programme stecken bleiben(auch Windows), und ich nichts mehr tun kann. Dies dauert eine Weile an und dann funktioniert es wieder, jedoch bekomme ich von Microsoft Security Essentials die Meldung: Keine Aktion erforderlich, das mir etwas suspekt vorkommt. Seit gestern habe ich sogar Probleme mit den Rechten, obwohl ich Administrator bin(und der einzige Benutzer auf dem PC), konnte ich keine Musik Datei auf meine andere Festplatte verschieben, und manche Programme nicht updaten(Zugriff verweigert). Ich hatte nie die Zeit nachzuschauen was da lost ist, aber da ich jetzt Sommerferien haben, konnte ich einen Virenscan machen. Also habe ich gestern mit Microsoft Security Essentials einen Scan gemacht(musst ihn aber kurz vor Schluss abbrechen, da meine Zeit begrenzt war) und das Programm hat folgendes gefunden:

HackTool:Win32/Mailpassview
Hacktool:win32/Wirekeyview
Virus: Dos/EICAR_Test_File(Mit diesem Virus habe ich schon längere Zeit Probleme, habe es schon mit einigen Virenscanner versucht. Benutze auch Bitdefender Free Antivirus, aber dieses Programm stürzt dauernd ab, hängt das mit den Viren zusammen?)
HackTool:Win32/Passview
Adware:Win32/OpenCandy
HackTool:Win32/Dialupas
HackTool:Win32/Netpass
HackTool:Win32/Msnpass.B
Tool:Win32/PassView.B

Der Virenscanner versucht zwar diese Viren zu entfernen, aber aus irgendwelchen Gründen macht er keine Fortschritte.
Somit habe ich mich mal etwas auf meinen 2 Festplatten umgesehen und auch eine Datei: C:\Windows\SysWOW64\HOSTNAME.EXE gefunden. Auch eine Gruppe- oder Benutzernamen: TrustedInstaller, der mir bisher unbekannt war, ist der normal?.

Würde mich über eine Antwort freuen :-)

Geändert von vVManuelVv (06.07.2013 um 12:59 Uhr)

Alt 06.07.2013, 12:36   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



hi,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
__________________

__________________

Alt 06.07.2013, 13:10   #3
vVManuelVv
 
Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Manuel (administrator) on 06-07-2013 14:01:34
Running from C:\Users\Manuel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Nutzwerk) C:\Program Files (x86)\SaferSurf\SaferSurfServices.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(Steganos Software GmbH) D:\Program Files (x86)\SteganosHotKeyService.exe
(Steganos Software GmbH) D:\Program Files (x86)\fredirstarter.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\system32\SndVol.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [7477016 2013-04-25] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [InstallerLauncher] "C:\Program Files\Bitdefender\Antivirus Free Edition\Install\setuplauncher.exe" /run:"C:\Program Files\Bitdefender\Antivirus Free Edition\Install\Installer.exe" [561208 2013-07-05] (Bitdefender)
HKCU\...\Run: [Steam] "D:\Steam\steam.exe" -silent [x]
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd)
MountPoints2: {bef4a27f-cdd4-11e2-bfda-c86000a514aa} - F:\autostart.exe
MountPoints2: {d336bc97-f20a-11e1-a79f-c86000a514aa} - G:\setup.exe
MountPoints2: {d5ddb085-831a-11e2-8019-c86000a514aa} - H:\Startme.exe
MountPoints2: {e5ab5d1b-2abb-11e2-8e0d-c86000a514aa} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Autorun.exe
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Turbo Key] "C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe" [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-10-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SAFE2012 HotKeys] "D:\Program Files (x86)\SteganosHotKeyService.exe" [x]
HKLM-x32\...\Run: [SAFE2012 File Redirection Starter] "D:\Program Files (x86)\fredirstarter.exe" [x]
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~2\browse~1\sprote~1.dll [1050112 2013-01-24] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://syb.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: (No Name) - {cdf97ee2-ded0-4369-835e-99dd08225fa5} -  No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
HKCU SearchScopes: DefaultScope {25182C60-EA76-47E3-98AA-B91886055459} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3227975
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&affID=119586&tt=gc_&babsrc=SP_ss&mntrId=267E08863B24FCC1
SearchScopes: HKCU - {25182C60-EA76-47E3-98AA-B91886055459} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3227975
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Breowse2savue - {2FAACDB3-295B-74CA-3FC3-C5B38A7A80F7} - C:\ProgramData\Breowse2savue\5156becfafe0d.dll ()
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {cdf97ee2-ded0-4369-835e-99dd08225fa5} -  No File
BHO-x32: MP3 Rocket Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
Toolbar: HKLM-x32 - No Name - {cdf97ee2-ded0-4369-835e-99dd08225fa5} -  No File
Toolbar: HKLM-x32 - MP3 Rocket Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {CDF97EE2-DED0-4369-835E-99DD08225FA5} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 02 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 03 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 04 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 05 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 06 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 07 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 08 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 09 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 10 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 21 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 07 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 08 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 09 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 10 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 21 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Keyword.URL: user_pref("keyword.URL", "");
FF Homepage: user_pref("browser.startup.homepage", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Manuel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: client - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\Extensions\client@anonymox.net.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome: 
=======
CHR Extension: (Battlefield Heroes) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0
CHR Extension: (AdBlock) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (Breowse2savue) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonnbhfkkomkpchfjhlaipgkanfiebp\1
CHR Extension: (SweetIM for Facebook) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0
CHR Extension: (YouTube Unblocker) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.4.4_0
CHR Extension: (Battlefield Play4Free) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-05] (Akamai Technologies, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-10-22] (Advanced Micro Devices, Inc.)
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [258688 2010-12-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-02-19] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-03-15] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-03-15] (BlueStack Systems, Inc.)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [59592 2013-07-05] (Bitdefender)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [430080 2011-05-09] (PowerUp Software, LLC)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-03-24] ()
R2 Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 SaferSurfServices; C:\Program Files (x86)\SaferSurf\SaferSurfServices.exe [1440808 2013-02-11] (Nutzwerk)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580648 2012-07-17] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTek Computer Inc.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTek Computer Inc.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2013-01-11] (Advanced Micro Devices Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2013-03-09] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-06-15] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-06-15] (BitDefender)
S1 awvvkkyr; C:\Windows\system32\drivers\awvvkkyr.sys [49872 2013-07-05] (Microsoft Corporation)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-06-15] (Bitdefender SRL)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-03-15] (BlueStack Systems)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-03-15] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-06] (DT Soft Ltd)
S3 FIXUSTOR; C:\Windows\System32\DRIVERS\fixustor.sys [13696 2013-04-20] (GenesysLogic)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [76072 2012-06-01] (Fresco Logic)
R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-06-15] (BitDefender LLC)
S3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-01-31] ()
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [104448 2012-05-10] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [221184 2012-05-10] (Renesas Electronics Corporation)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S1 tmytexzp; C:\Windows\system32\drivers\tmytexzp.sys [49872 2013-07-05] (Microsoft Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-06-21] (BitDefender S.R.L.)
R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [43136 2010-09-21] (ASUSTeK Computer Inc.)
S1 acebpczx; \??\C:\Windows\system32\drivers\acebpczx.sys [x]
S1 adkvocef; \??\C:\Windows\system32\drivers\adkvocef.sys [x]
S1 ajpfxmaw; \??\C:\Windows\system32\drivers\ajpfxmaw.sys [x]
S1 alhychmr; \??\C:\Windows\system32\drivers\alhychmr.sys [x]
S1 bfxioaul; \??\C:\Windows\system32\drivers\bfxioaul.sys [x]
S1 bpvijebl; \??\C:\Windows\system32\drivers\bpvijebl.sys [x]
S1 clmxlfty; \??\C:\Windows\system32\drivers\clmxlfty.sys [x]
S1 cmsruhcm; \??\C:\Windows\system32\drivers\cmsruhcm.sys [x]
S1 cpmfwsed; \??\C:\Windows\system32\drivers\cpmfwsed.sys [x]
S1 cqycpxjh; \??\C:\Windows\system32\drivers\cqycpxjh.sys [x]
S1 dgpjxipa; \??\C:\Windows\system32\drivers\dgpjxipa.sys [x]
S1 diuxalrz; \??\C:\Windows\system32\drivers\diuxalrz.sys [x]
S1 dkzlagus; \??\C:\Windows\system32\drivers\dkzlagus.sys [x]
S1 drgldgjb; \??\C:\Windows\system32\drivers\drgldgjb.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S1 eawpgtou; \??\C:\Windows\system32\drivers\eawpgtou.sys [x]
S1 epridjao; \??\C:\Windows\system32\drivers\epridjao.sys [x]
S1 esapsxlf; \??\C:\Windows\system32\drivers\esapsxlf.sys [x]
S1 evhtccxh; \??\C:\Windows\system32\drivers\evhtccxh.sys [x]
S1 ezvlshqh; \??\C:\Windows\system32\drivers\ezvlshqh.sys [x]
S1 glubcgyh; \??\C:\Windows\system32\drivers\glubcgyh.sys [x]
S1 gygmpfau; \??\C:\Windows\system32\drivers\gygmpfau.sys [x]
S1 hihnhlsf; \??\C:\Windows\system32\drivers\hihnhlsf.sys [x]
S1 iinqklkl; \??\C:\Windows\system32\drivers\iinqklkl.sys [x]
S1 ivqmezri; \??\C:\Windows\system32\drivers\ivqmezri.sys [x]
S1 jgnwnlfc; \??\C:\Windows\system32\drivers\jgnwnlfc.sys [x]
S1 kdbgbvsl; \??\C:\Windows\system32\drivers\kdbgbvsl.sys [x]
S1 kerbkqnx; \??\C:\Windows\system32\drivers\kerbkqnx.sys [x]
S1 kxzanmsi; \??\C:\Windows\system32\drivers\kxzanmsi.sys [x]
S1 liuxtxoa; \??\C:\Windows\system32\drivers\liuxtxoa.sys [x]
S1 ljoupilg; \??\C:\Windows\system32\drivers\ljoupilg.sys [x]
S1 lkrxptao; \??\C:\Windows\system32\drivers\lkrxptao.sys [x]
S1 lljxdeak; \??\C:\Windows\system32\drivers\lljxdeak.sys [x]
S1 mdmjuhdo; \??\C:\Windows\system32\drivers\mdmjuhdo.sys [x]
S1 mnpycass; \??\C:\Windows\system32\drivers\mnpycass.sys [x]
S1 mxmdofgr; \??\C:\Windows\system32\drivers\mxmdofgr.sys [x]
S1 njlgbahj; \??\C:\Windows\system32\drivers\njlgbahj.sys [x]
S1 nmpyglev; \??\C:\Windows\system32\drivers\nmpyglev.sys [x]
S4 NvStUSB; \SystemRoot\system32\drivers\nvstusb.sys [x]
S1 obisswxv; \??\C:\Windows\system32\drivers\obisswxv.sys [x]
S1 oysxxuos; \??\C:\Windows\system32\drivers\oysxxuos.sys [x]
S1 sohjdafy; \??\C:\Windows\system32\drivers\sohjdafy.sys [x]
S1 utiulqgr; \??\C:\Windows\system32\drivers\utiulqgr.sys [x]
S1 wfaljust; \??\C:\Windows\system32\drivers\wfaljust.sys [x]
S1 wmnjtlij; \??\C:\Windows\system32\drivers\wmnjtlij.sys [x]
S1 wzgcquve; \??\C:\Windows\system32\drivers\wzgcquve.sys [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
S1 zgszitdm; \??\C:\Windows\system32\drivers\zgszitdm.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-06 14:01 - 2013-07-06 14:01 - 00000000 ____D C:\FRST
2013-07-06 14:01 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Desktop\FRST64.exe
2013-07-06 14:00 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2013-07-06 12:07 - 2013-07-06 12:07 - 00000000 ____D C:\Users\Manuel\AppData\Local\{777BCFF1-1B52-47BB-A71B-50301E324535}
2013-07-06 10:56 - 2013-07-06 11:00 - 117478104 ____A C:\Users\Manuel\Downloads\avast_free_antivirus_setup.exe
2013-07-06 10:51 - 2013-07-06 10:51 - 00017821 ____A C:\ProgramData\1373100694.bdinstall.bin
2013-07-06 00:08 - 2013-07-06 00:08 - 00017821 ____A C:\ProgramData\1373062125.bdinstall.bin
2013-07-06 00:08 - 2013-07-06 00:08 - 00017821 ____A C:\ProgramData\1373062122.bdinstall.bin
2013-07-06 00:08 - 2013-07-06 00:08 - 00017574 ____A C:\ProgramData\1373062101.bdinstall.bin
2013-07-06 00:07 - 2013-07-06 00:07 - 00017575 ____A C:\ProgramData\1373062061.bdinstall.bin
2013-07-06 00:05 - 2013-07-06 00:05 - 00017389 ____A C:\ProgramData\1373061931.bdinstall.bin
2013-07-06 00:04 - 2013-07-06 00:04 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition (1).exe
2013-07-05 23:50 - 2013-07-05 23:50 - 00000000 ____D C:\ProgramData\bdch
2013-07-05 23:49 - 2013-07-06 00:03 - 00000002 ____A C:\AvastSetup.log
2013-07-05 23:48 - 2013-07-05 23:48 - 00007481 ____A C:\ProgramData\1373060860.10984.bin
2013-07-05 23:47 - 2013-07-05 23:49 - 00024778 ____A C:\ProgramData\1373060860.8188.bin
2013-07-05 23:47 - 2013-07-05 23:49 - 00001394 ____A C:\ProgramData\1373060860.7288.bin
2013-07-05 23:47 - 2013-07-05 23:48 - 00002479 ____A C:\ProgramData\1373060860.9524.bin
2013-07-05 23:47 - 2013-07-05 23:47 - 00022775 ____A C:\ProgramData\1373060854.bdinstall.bin
2013-07-05 23:46 - 2013-07-06 00:05 - 08691304 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition_x64.exe
2013-07-05 23:46 - 2013-07-05 23:47 - 06604352 ____A (AVAST Software) C:\Users\Manuel\Downloads\avast_free_antivirus_setup_online.exe
2013-07-05 23:45 - 2013-07-05 23:45 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition.exe
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\ProgramData\Alwil Software
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\Program Files\Alwil Software
2013-07-05 23:42 - 2010-05-06 22:59 - 00165032 ____A (ALWIL Software) C:\Windows\SysWOW64\aswBoot.exe
2013-07-05 23:42 - 2010-05-06 22:59 - 00038848 ____A (ALWIL Software) C:\Windows\SysWOW64\avastSS.scr
2013-07-05 23:28 - 2013-07-06 00:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00176128 ____A (Scendix Software-Vertriebsges. mbH) C:\Windows\SysWOW64\RemoteControl.dll
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\Documents\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Program Files (x86)\Pamela
2013-07-05 23:15 - 2013-07-05 23:17 - 09828232 ____A (Scendix Software-Vertriebsges. mbH) C:\Users\Manuel\Downloads\PamelaSetup_Basic_4.8.0.115.exe
2013-07-05 23:01 - 2013-07-05 23:02 - 00000000 ____D C:\Users\Manuel\AppData\Local\{682D2B03-8A8B-4AAD-9303-291A2C8427DD}
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-05 21:34 - 2013-07-05 21:35 - 00000000 ____D C:\Windows\LastGood
2013-07-05 21:33 - 2013-06-21 14:06 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-07-05 21:33 - 2013-06-21 14:06 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-05 21:31 - 2013-07-05 21:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 __RHD C:\MSOCache
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-05 21:22 - 2013-07-05 21:23 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-07-05 21:22 - 2013-07-05 21:22 - 00002528 ____A C:\Users\Manuel\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-07-05 21:21 - 2013-07-05 21:21 - 00654904 ____A C:\Users\Manuel\Downloads\setup (1).exe
2013-07-05 21:16 - 2013-07-05 21:16 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tmytexzp.sys
2013-07-05 21:16 - 2013-07-05 21:16 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\awvvkkyr.sys
2013-07-05 20:30 - 2013-07-05 20:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-06-22 17:21 - 2013-06-22 17:22 - 00000000 ____D C:\Users\Manuel\AppData\Local\{5CF18B9F-FF50-4882-9B79-C48F2A06B2C3}
2013-06-22 17:02 - 2013-06-22 17:02 - 00366692 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.5.exe
2013-06-22 15:17 - 2013-06-22 15:17 - 05420138 ____A C:\Users\Manuel\Downloads\dm_ponyville_b11_fix_d__source_filmmaker_use__by_ata64-d5wxuxp.rar
2013-06-22 15:16 - 2013-06-22 15:17 - 07320263 ____A C:\Users\Manuel\Downloads\dm_ponyville_colors.rar
2013-06-22 15:16 - 2013-06-22 15:16 - 00105205 ____A C:\Users\Manuel\Downloads\V3-shading.zip
2013-06-22 15:15 - 2013-06-22 15:15 - 07566053 ____A C:\Users\Manuel\Downloads\Show accurate Gmod pony eyes.rar
2013-06-22 15:14 - 2013-06-22 15:15 - 06878513 ____A C:\Users\Manuel\Downloads\pony_props.rar
2013-06-22 15:13 - 2013-06-22 15:16 - 49325788 ____A C:\Users\Manuel\Downloads\mlp_overhaul_bulk.rar
2013-06-22 15:09 - 2013-06-22 15:13 - 93035512 ____A C:\Users\Manuel\Downloads\[2012] All Levels at Once - The Pone Way.zip
2013-06-22 14:58 - 2013-06-22 14:59 - 21015899 ____A C:\Users\Manuel\Downloads\Pink Lotus - Trusting You.flac
2013-06-22 14:52 - 2013-06-22 14:55 - 93933386 ____A C:\Users\Manuel\Downloads\PrinceWhateverer (ft. Liquid Cobalt and ISMBOFepicly) - Between Fairytales and Happy Endings.wav
2013-06-22 14:41 - 2013-06-22 14:42 - 02627888 ____A C:\Users\Manuel\Downloads\mp3tagv256setup.exe
2013-06-22 14:41 - 2013-06-22 14:41 - 00293168 ____A (StarApp) C:\Users\Manuel\Downloads\setup.exe
2013-06-22 14:34 - 2013-06-22 14:36 - 35826338 ____A C:\Users\Manuel\Downloads\Shatter 2.0 Stuttermix.wav
2013-06-21 20:03 - 2013-06-21 20:03 - 00382536 ____A (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-16 11:45 - 2013-06-16 11:45 - 00000000 ____D C:\Users\Manuel\AppData\Local\{2B819D99-7233-4AE7-8015-CBD6DF514EBD}
2013-06-16 03:00 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 03:00 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 03:00 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 03:00 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 03:00 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 22:58 - 2013-06-15 22:58 - 00000000 ____D C:\Users\Manuel\AppData\Local\{0795E218-163D-4091-8280-F856413F2FA0}
2013-06-15 19:46 - 2013-06-15 19:47 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-15 19:45 - 2013-06-15 19:46 - 26259288 ____A (DVDVideoSoft Ltd.                                           ) C:\Users\Manuel\Downloads\FreeYouTubeToMP3Converter.exe
2013-06-15 18:41 - 2013-06-15 18:42 - 40874709 ____A C:\Users\Manuel\Downloads\Aftermath - Go To Sleep.flac
2013-06-15 17:28 - 2013-06-15 17:28 - 00718840 ____A (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-06-15 17:28 - 2013-06-15 17:28 - 00593144 ____A (BitDefender) C:\Windows\System32\Drivers\avckf.sys
2013-06-15 17:28 - 2013-06-15 17:28 - 00261056 ____A (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2013-06-15 17:28 - 2013-06-15 17:28 - 00148696 ____A (BitDefender LLC) C:\Windows\System32\Drivers\gzflt.sys
2013-06-15 04:23 - 2013-06-15 04:25 - 32243226 ____A C:\Users\Manuel\Downloads\Counterwise - The Garden.flac
2013-06-15 04:15 - 2013-06-15 04:17 - 31907713 ____A C:\Users\Manuel\Downloads\SimGretina - Again feat. EileMonty.flac
2013-06-15 01:30 - 2013-06-15 01:30 - 00000000 ____D C:\Users\Manuel\Downloads\The Small Horse II - The Abuse (1)
2013-06-15 01:00 - 2013-06-15 01:00 - 00000000 ____A C:\Windows\System32\lic2.xml31393
2013-06-14 13:48 - 2013-06-14 13:48 - 00000000 ____D C:\Users\Manuel\AppData\Local\{90B651B6-5893-49CE-9ABF-048D9867FF8C}
2013-06-14 05:26 - 2013-06-14 05:28 - 29460547 ____A C:\Users\Manuel\Downloads\Arrows are Magic Vol. 2.zip
2013-06-14 05:14 - 2013-06-14 05:16 - 16163638 ____A C:\Users\Manuel\Downloads\Mr.EVOLVF Goes to Equestria.zip
2013-06-14 05:00 - 2013-06-14 05:14 - 421440053 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP (1).zip
2013-06-14 04:58 - 2013-06-14 05:00 - 61036653 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP.zip
2013-06-14 03:01 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-14 03:01 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-14 03:01 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-14 03:01 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-14 03:01 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-14 03:01 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-14 01:18 - 2013-06-14 02:18 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-14 00:58 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-14 00:58 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-14 00:58 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-14 00:58 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-14 00:58 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-14 00:58 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-14 00:58 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-14 00:58 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-14 00:58 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-14 00:58 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-14 00:58 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-14 00:58 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-14 00:58 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-14 00:58 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-14 00:57 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-14 00:57 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 11:41 - 2013-06-09 11:59 - 474271039 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down.zip
2013-06-09 03:23 - 2013-06-09 03:23 - 00000000 ____D C:\Users\Manuel\Downloads\WAS
2013-06-09 03:22 - 2013-06-09 04:39 - 160694272 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down (1).zip
2013-06-09 01:57 - 2013-06-09 04:55 - 1171823284 ____A C:\Users\Manuel\Downloads\Nicht bestätigt 993688.crdownload
2013-06-08 11:58 - 2013-06-08 11:59 - 00000000 ____D C:\Users\Manuel\AppData\Local\{E66B52E7-5936-4012-929A-B7EF260064FE}
2013-06-08 02:43 - 2013-06-08 03:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-08 00:42 - 2013-06-08 15:52 - 00000000 ____D C:\Program Files (x86)\SaferSurf
2013-06-08 00:42 - 2013-06-08 00:42 - 00000000 ____D C:\ProgramData\Nutzwerk
2013-06-06 21:49 - 2013-06-06 21:49 - 00271240 ____A C:\Users\Manuel\Downloads\frankenhud-master (4).zip
2013-06-06 21:45 - 2013-06-06 21:45 - 00271240 ____A C:\Users\Manuel\Downloads\frankenhud-master (3).zip
2013-06-06 21:44 - 2013-06-06 21:44 - 00271240 ____A C:\Users\Manuel\Downloads\frankenhud-master.zip
2013-06-06 21:44 - 2013-06-06 21:44 - 00271240 ____A C:\Users\Manuel\Downloads\frankenhud-master (2).zip
2013-06-06 21:44 - 2013-06-06 21:44 - 00271240 ____A C:\Users\Manuel\Downloads\frankenhud-master (1).zip
2013-06-06 19:24 - 2013-06-06 19:24 - 00001914 ____A C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-06-06 19:23 - 2013-06-06 19:23 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2013-06-06 19:23 - 2013-06-06 19:23 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-06-06 19:14 - 2013-06-06 19:14 - 00000000 ____D C:\Users\Manuel\AppData\Local\FLT
2013-06-06 19:09 - 2013-06-06 19:09 - 00000000 ____D C:\Users\Manuel\Downloads\Castle Crashers_Skidrow_by_CgFx
2013-06-06 19:01 - 2013-06-06 19:01 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\TERA
2013-06-06 18:44 - 2013-06-06 18:44 - 00000000 ____D C:\Users\Manuel\AppData\Local\{84C32822-1DB1-45E3-9F48-E9EA5607B237}
2013-06-06 18:04 - 2013-06-06 18:04 - 00001111 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-06 18:04 - 2013-06-06 18:04 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Mozilla
2013-06-06 18:04 - 2013-06-06 18:04 - 00000000 ____D C:\Users\Manuel\AppData\Local\Mozilla
2013-06-06 18:04 - 2013-06-06 18:04 - 00000000 ____D C:\Users\Manuel\AppData\Local\Macromedia
2013-06-06 18:04 - 2013-06-06 18:04 - 00000000 ____D C:\ProgramData\Mozilla
2013-06-06 18:04 - 2013-06-06 18:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-06 18:03 - 2013-06-06 19:07 - 194394029 ____A C:\Users\Manuel\Downloads\Castle Crashers_Skidrow_by_CgFx.rar

==================== One Month Modified Files and Folders =======

2013-07-06 14:01 - 2013-07-06 14:01 - 00000000 ____D C:\FRST
2013-07-06 14:00 - 2013-07-06 14:01 - 01934636 ____A (Farbar) C:\Users\Manuel\Desktop\FRST64.exe
2013-07-06 14:00 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2013-07-06 13:51 - 2012-07-19 15:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2013-07-06 12:08 - 2013-05-31 10:27 - 01168179 ____A C:\Windows\WindowsUpdate.log
2013-07-06 12:07 - 2013-07-06 12:07 - 00000000 ____D C:\Users\Manuel\AppData\Local\{777BCFF1-1B52-47BB-A71B-50301E324535}
2013-07-06 12:07 - 2012-07-19 13:16 - 00000000 ____D C:\Users\Manuel\AppData\Local\Windows Live
2013-07-06 11:02 - 2013-01-19 12:06 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-06 11:00 - 2013-07-06 10:56 - 117478104 ____A C:\Users\Manuel\Downloads\avast_free_antivirus_setup.exe
2013-07-06 10:51 - 2013-07-06 10:51 - 00017821 ____A C:\ProgramData\1373100694.bdinstall.bin
2013-07-06 02:08 - 2013-01-25 22:49 - 00000000 ____D C:\Users\Manuel\AppData\Local\Adobe
2013-07-06 00:19 - 2012-12-14 22:35 - 00000376 ____A C:\Windows\Tasks\WpsUpdateTask_Manuel.job
2013-07-06 00:18 - 2012-04-16 10:33 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-06 00:15 - 2012-07-19 13:44 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-06 00:08 - 2013-07-06 00:08 - 00017821 ____A C:\ProgramData\1373062125.bdinstall.bin
2013-07-06 00:08 - 2013-07-06 00:08 - 00017821 ____A C:\ProgramData\1373062122.bdinstall.bin
2013-07-06 00:08 - 2013-07-06 00:08 - 00017574 ____A C:\ProgramData\1373062101.bdinstall.bin
2013-07-06 00:07 - 2013-07-06 00:07 - 00017575 ____A C:\ProgramData\1373062061.bdinstall.bin
2013-07-06 00:06 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Pamela
2013-07-06 00:05 - 2013-07-06 00:05 - 00017389 ____A C:\ProgramData\1373061931.bdinstall.bin
2013-07-06 00:05 - 2013-07-05 23:46 - 08691304 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition_x64.exe
2013-07-06 00:04 - 2013-07-06 00:04 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition (1).exe
2013-07-06 00:03 - 2013-07-05 23:49 - 00000002 ____A C:\AvastSetup.log
2013-07-05 23:58 - 2012-07-19 14:04 - 00000000 ____D C:\Users\Manuel\Desktop\Musik
2013-07-05 23:50 - 2013-07-05 23:50 - 00000000 ____D C:\ProgramData\bdch
2013-07-05 23:49 - 2013-07-05 23:47 - 00024778 ____A C:\ProgramData\1373060860.8188.bin
2013-07-05 23:49 - 2013-07-05 23:47 - 00001394 ____A C:\ProgramData\1373060860.7288.bin
2013-07-05 23:48 - 2013-07-05 23:48 - 00007481 ____A C:\ProgramData\1373060860.10984.bin
2013-07-05 23:48 - 2013-07-05 23:47 - 00002479 ____A C:\ProgramData\1373060860.9524.bin
2013-07-05 23:47 - 2013-07-05 23:47 - 00022775 ____A C:\ProgramData\1373060854.bdinstall.bin
2013-07-05 23:47 - 2013-07-05 23:46 - 06604352 ____A (AVAST Software) C:\Users\Manuel\Downloads\avast_free_antivirus_setup_online.exe
2013-07-05 23:45 - 2013-07-05 23:45 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition.exe
2013-07-05 23:43 - 2013-01-19 12:06 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\ProgramData\Alwil Software
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\Program Files\Alwil Software
2013-07-05 23:28 - 2013-07-05 23:28 - 00176128 ____A (Scendix Software-Vertriebsges. mbH) C:\Windows\SysWOW64\RemoteControl.dll
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\Documents\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Program Files (x86)\Pamela
2013-07-05 23:26 - 2013-02-16 17:47 - 00000000 ____D C:\Users\Manuel\AppData\Local\LogMeIn Hamachi
2013-07-05 23:17 - 2013-07-05 23:15 - 09828232 ____A (Scendix Software-Vertriebsges. mbH) C:\Users\Manuel\Downloads\PamelaSetup_Basic_4.8.0.115.exe
2013-07-05 23:15 - 2010-11-21 08:50 - 00696106 ____A C:\Windows\System32\perfh007.dat
2013-07-05 23:15 - 2010-11-21 08:50 - 00147280 ____A C:\Windows\System32\perfc007.dat
2013-07-05 23:15 - 2009-07-14 07:13 - 01612240 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-05 23:09 - 2012-07-19 22:01 - 00000000 ____D C:\Users\Manuel\AppData\Local\PMB Files
2013-07-05 23:09 - 2012-07-19 22:01 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-05 23:02 - 2013-07-05 23:01 - 00000000 ____D C:\Users\Manuel\AppData\Local\{682D2B03-8A8B-4AAD-9303-291A2C8427DD}
2013-07-05 23:01 - 2012-07-19 13:16 - 00116784 ____A C:\Users\Manuel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-05 21:46 - 2012-11-03 17:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-05 21:44 - 2009-07-14 04:34 - 00000478 ____A C:\Windows\win.ini
2013-07-05 21:39 - 2013-05-31 10:22 - 00005103 ____A C:\Windows\setupact.log
2013-07-05 21:38 - 2010-11-21 09:00 - 00000000 ____D C:\Windows\ShellNew
2013-07-05 21:37 - 2012-07-16 15:04 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-05 21:37 - 2012-07-16 15:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-05 21:37 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-05 21:36 - 2012-02-10 12:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-05 21:36 - 2012-01-13 13:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-05 21:35 - 2013-07-05 21:34 - 00000000 ____D C:\Windows\LastGood
2013-07-05 21:32 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-05 21:31 - 2013-07-05 21:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 __RHD C:\MSOCache
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-05 21:23 - 2013-07-05 21:22 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-07-05 21:22 - 2013-07-05 21:22 - 00002528 ____A C:\Users\Manuel\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-07-05 21:21 - 2013-07-05 21:21 - 00654904 ____A C:\Users\Manuel\Downloads\setup (1).exe
2013-07-05 21:16 - 2013-07-05 21:16 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tmytexzp.sys
2013-07-05 21:16 - 2013-07-05 21:16 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\awvvkkyr.sys
2013-07-05 21:10 - 2009-07-14 06:45 - 00032080 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-05 21:10 - 2009-07-14 06:45 - 00032080 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-05 20:59 - 2012-12-09 10:55 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Care 365
2013-07-05 20:58 - 2012-07-19 13:44 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-05 20:57 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-05 20:30 - 2013-07-05 20:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-05 20:29 - 2012-12-23 01:59 - 00119296 ____A C:\Windows\SysWOW64\zlib.dll
2013-06-23 11:52 - 2012-11-03 17:56 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\SoftGrid Client
2013-06-22 19:20 - 2013-06-04 21:06 - 00000683 ____A C:\Windows\LkmdfCoInst.log
2013-06-22 19:20 - 2012-12-15 14:09 - 00018960 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2013-06-22 18:23 - 2012-07-19 16:14 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.minecraft
2013-06-22 17:23 - 2012-10-13 11:00 - 00014452 ____A C:\Users\Manuel\Desktop\einloggdaten.rar
2013-06-22 17:22 - 2013-06-22 17:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\{5CF18B9F-FF50-4882-9B79-C48F2A06B2C3}
2013-06-22 17:02 - 2013-06-22 17:02 - 00366692 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.5.exe
2013-06-22 15:17 - 2013-06-22 15:17 - 05420138 ____A C:\Users\Manuel\Downloads\dm_ponyville_b11_fix_d__source_filmmaker_use__by_ata64-d5wxuxp.rar
2013-06-22 15:17 - 2013-06-22 15:16 - 07320263 ____A C:\Users\Manuel\Downloads\dm_ponyville_colors.rar
2013-06-22 15:16 - 2013-06-22 15:16 - 00105205 ____A C:\Users\Manuel\Downloads\V3-shading.zip
2013-06-22 15:16 - 2013-06-22 15:13 - 49325788 ____A C:\Users\Manuel\Downloads\mlp_overhaul_bulk.rar
2013-06-22 15:15 - 2013-06-22 15:15 - 07566053 ____A C:\Users\Manuel\Downloads\Show accurate Gmod pony eyes.rar
2013-06-22 15:15 - 2013-06-22 15:14 - 06878513 ____A C:\Users\Manuel\Downloads\pony_props.rar
2013-06-22 15:13 - 2013-06-22 15:09 - 93035512 ____A C:\Users\Manuel\Downloads\[2012] All Levels at Once - The Pone Way.zip
2013-06-22 15:01 - 2013-03-09 20:55 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Mp3tag
2013-06-22 14:59 - 2013-06-22 14:58 - 21015899 ____A C:\Users\Manuel\Downloads\Pink Lotus - Trusting You.flac
2013-06-22 14:55 - 2013-06-22 14:52 - 93933386 ____A C:\Users\Manuel\Downloads\PrinceWhateverer (ft. Liquid Cobalt and ISMBOFepicly) - Between Fairytales and Happy Endings.wav
2013-06-22 14:43 - 2013-03-09 18:04 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2013-06-22 14:42 - 2013-06-22 14:41 - 02627888 ____A C:\Users\Manuel\Downloads\mp3tagv256setup.exe
2013-06-22 14:41 - 2013-06-22 14:41 - 00293168 ____A (StarApp) C:\Users\Manuel\Downloads\setup.exe
2013-06-22 14:36 - 2013-06-22 14:34 - 35826338 ____A C:\Users\Manuel\Downloads\Shatter 2.0 Stuttermix.wav
2013-06-21 23:21 - 2012-07-19 15:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-21 23:21 - 2012-07-19 15:01 - 00000000 ____D C:\ProgramData\Skype
2013-06-21 20:03 - 2013-06-21 20:03 - 00382536 ____A (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2013-06-21 14:06 - 2013-07-05 21:33 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-05 21:33 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 27781920 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 15920536 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 02936208 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 01059560 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 00021578 ____A C:\Windows\System32\nvinfo.pb
2013-06-21 12:23 - 2013-05-31 18:03 - 06496544 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 03514656 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 02555680 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 00884512 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-06-21 12:23 - 2013-05-31 18:03 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 06:17 - 2013-05-31 18:03 - 03253909 ____A C:\Windows\System32\nvcoproc.bin
2013-06-16 11:45 - 2013-06-16 11:45 - 00000000 ____D C:\Users\Manuel\AppData\Local\{2B819D99-7233-4AE7-8015-CBD6DF514EBD}
2013-06-16 09:25 - 2013-05-31 10:21 - 00006770 ____A C:\Windows\PFRO.log
2013-06-15 22:58 - 2013-06-15 22:58 - 00000000 ____D C:\Users\Manuel\AppData\Local\{0795E218-163D-4091-8280-F856413F2FA0}
2013-06-15 20:49 - 2013-05-19 15:10 - 00000000 ____D C:\Users\Manuel\AppData\Local\Warframe
2013-06-15 20:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-15 19:47 - 2013-06-15 19:46 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-15 19:46 - 2013-06-15 19:45 - 26259288 ____A (DVDVideoSoft Ltd.                                           ) C:\Users\Manuel\Downloads\FreeYouTubeToMP3Converter.exe
2013-06-15 19:46 - 2012-08-07 19:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2013-06-15 18:42 - 2013-06-15 18:41 - 40874709 ____A C:\Users\Manuel\Downloads\Aftermath - Go To Sleep.flac
2013-06-15 17:28 - 2013-06-15 17:28 - 00718840 ____A (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-06-15 17:28 - 2013-06-15 17:28 - 00593144 ____A (BitDefender) C:\Windows\System32\Drivers\avckf.sys
2013-06-15 17:28 - 2013-06-15 17:28 - 00261056 ____A (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2013-06-15 17:28 - 2013-06-15 17:28 - 00148696 ____A (BitDefender LLC) C:\Windows\System32\Drivers\gzflt.sys
2013-06-15 04:25 - 2013-06-15 04:23 - 32243226 ____A C:\Users\Manuel\Downloads\Counterwise - The Garden.flac
2013-06-15 04:17 - 2013-06-15 04:15 - 31907713 ____A C:\Users\Manuel\Downloads\SimGretina - Again feat. EileMonty.flac
2013-06-15 02:52 - 2012-07-20 21:02 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2013-06-15 01:30 - 2013-06-15 01:30 - 00000000 ____D C:\Users\Manuel\Downloads\The Small Horse II - The Abuse (1)
2013-06-15 01:00 - 2013-06-15 01:00 - 00000000 ____A C:\Windows\System32\lic2.xml31393
2013-06-14 13:48 - 2013-06-14 13:48 - 00000000 ____D C:\Users\Manuel\AppData\Local\{90B651B6-5893-49CE-9ABF-048D9867FF8C}
2013-06-14 07:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 05:28 - 2013-06-14 05:26 - 29460547 ____A C:\Users\Manuel\Downloads\Arrows are Magic Vol. 2.zip
2013-06-14 05:16 - 2013-06-14 05:14 - 16163638 ____A C:\Users\Manuel\Downloads\Mr.EVOLVF Goes to Equestria.zip
2013-06-14 05:14 - 2013-06-14 05:00 - 421440053 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP (1).zip
2013-06-14 05:00 - 2013-06-14 04:58 - 61036653 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP.zip
2013-06-14 03:25 - 2012-01-13 14:32 - 00000000 ____D C:\Windows\Panther
2013-06-14 03:02 - 2012-01-13 16:22 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-14 02:18 - 2013-06-14 01:18 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-14 02:18 - 2012-04-16 10:33 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 02:18 - 2012-01-13 15:34 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-09 11:59 - 2013-06-09 11:41 - 474271039 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down.zip
2013-06-09 04:55 - 2013-06-09 01:57 - 1171823284 ____A C:\Users\Manuel\Downloads\Nicht bestätigt 993688.crdownload
2013-06-09 04:39 - 2013-06-09 03:22 - 160694272 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down (1).zip
2013-06-09 03:23 - 2013-06-09 03:23 - 00000000 ____D C:\Users\Manuel\Downloads\WAS
2013-06-08 16:29 - 2012-07-19 21:35 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-08 16:08 - 2013-06-16 03:00 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 03:00 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 15:52 - 2013-06-08 00:42 - 00000000 ____D C:\Program Files (x86)\SaferSurf
2013-06-08 14:28 - 2013-06-16 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 03:00 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-08 11:59 - 2013-06-08 11:58 - 00000000 ____D C:\Users\Manuel\AppData\Local\{E66B52E7-5936-4012-929A-B7EF260064FE}
2013-06-08 03:45 - 2013-06-08 02:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-08 00:42 - 2013-06-08 00:42 - 00000000 ____D C:\ProgramData\Nutzwerk
2013-06-07 00:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-06-06 21:49 - 2013-06-06 21:49 - 00271240 ____A C:\Users\Manuel\Downloads\frankenhud-master (4).zip
2013-06-06 21:45 - 2013-06-06 21:45 - 00271240 ____A C:\Users\Manuel\Downloads\frankenhud-master (3).zip
2013-06-06 21:44 - 2013-06-06 21:44 - 00271240 ____A C:\Users\Manuel\Downloads\frankenhud-master.zip
2013-06-06 21:44 - 2013-06-06 21:44 - 00271240 ____A C:\Users\Manuel\Downloads\frankenhud-master (2).zip
2013-06-06 21:44 - 2013-06-06 21:44 - 00271240 ____A C:\Users\Manuel\Downloads\frankenhud-master (1).zip
2013-06-06 20:25 - 2013-05-20 22:54 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Tunngle
2013-06-06 20:25 - 2013-05-20 22:54 - 00000000 ____D C:\ProgramData\Tunngle
2013-06-06 19:24 - 2013-06-06 19:24 - 00001914 ____A C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-06-06 19:23 - 2013-06-06 19:23 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2013-06-06 19:23 - 2013-06-06 19:23 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-06-06 19:14 - 2013-06-06 19:14 - 00000000 ____D C:\Users\Manuel\AppData\Local\FLT
2013-06-06 19:14 - 2013-05-31 14:02 - 00055533 ____A C:\Windows\DirectX.log
2013-06-06 19:10 - 2012-07-25 01:37 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\vlc
2013-06-06 19:09 - 2013-06-06 19:09 - 00000000 ____D C:\Users\Manuel\Downloads\Castle Crashers_Skidrow_by_CgFx
2013-06-06 19:07 - 2013-06-06 18:03 - 194394029 ____A C:\Users\Manuel\Downloads\Castle Crashers_Skidrow_by_CgFx.rar
2013-06-06 19:01 - 2013-06-06 19:01 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\TERA
2013-06-06 18:44 - 2013-06-06 18:44 - 00000000 ____D C:\Users\Manuel\AppData\Local\{84C32822-1DB1-45E3-9F48-E9EA5607B237}
2013-06-06 18:04 - 2013-06-06 18:04 - 00001111 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-06 18:04 - 2013-06-06 18:04 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Mozilla
2013-06-06 18:04 - 2013-06-06 18:04 - 00000000 ____D C:\Users\Manuel\AppData\Local\Mozilla
2013-06-06 18:04 - 2013-06-06 18:04 - 00000000 ____D C:\Users\Manuel\AppData\Local\Macromedia
2013-06-06 18:04 - 2013-06-06 18:04 - 00000000 ____D C:\ProgramData\Mozilla
2013-06-06 18:04 - 2013-06-06 18:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-06 18:04 - 2013-05-10 16:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

Files to move or delete:
====================
C:\ProgramData\ntuser.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 09:14

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2013
Ran by Manuel at 2013-07-06 14:05:00
Running from C:\Users\Manuel\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

µTorrent (x32 Version: 3.2.3.28705)
007 Legends (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (x32 Version: 3.6.0.6090)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)
AirMech (x32)
Akamai NetSession Interface (HKCU)
Akamai NetSession Interface (x32)
Alan Wake (x32)
Alan Wake's American Nightmare (x32)
Alice: Madness Returns (x32)
Alliance of Valiant Arms (x32)
Alpha Protocol (x32)
AMD APP SDK Runtime (Version: 10.0.1084.2)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Fuel (Version: 2012.1022.2311.39807)
Amnesia: The Dark Descent (x32)
Antichamber
APB Reloaded (x32)
appbario2 Toolbar (x32 Version: 6.9.0.16)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
ARGO Online  (x32 Version: )
ARMA 2 (x32)
ARMA 2: Operation Arrowhead (x32)
ASIO4ALL (x32 Version: 2.10)
Ask Toolbar (x32 Version: 1.15.4.0)
Assassin's Creed (R) III (x32 Version: 1.01)
ASUS Ai Charger (x32 Version: 1.01.00)
ASUSUpdate (x32 Version: 7.18.03)
Audacity 2.0.2 (x32 Version: 2.0.2)
Audiosurf (x32)
Awesomenauts (x32)
Back to the Future: Ep 1 - It's About Time (x32)
Back to the Future: Ep 2 - Get Tannen! (x32)
Back to the Future: Ep 3 - Citizen Brown (x32)
Back to the Future: Ep 4 - Double Visions (x32)
Back to the Future: Ep 5 - OUTATIME (x32)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlefield Heroes (HKCU)
Battlefield Play4Free (HKCU)
Battlelog Web Plugins (x32 Version: 2.1.3)
BattlEye for OA Uninstall (x32)
Belkin USB Wireless Adaptor (x32 Version: 1.0.0.10)
BioShock 2 (x32 Version: 1.0.0005.131)
BioShock 2 (x32 Version: 1.00.0000)
Bitdefender Antivirus Free Edition (Version: 1.0.16.1026)
Blacklight: Retribution (x32)
Blender (Version: 2.67)
Blockscape Phase 1 (beta) (x32)
BlueStacks App Player (x32 Version: 0.7.10.869)
BlueStacks Notification Center (x32 Version: 0.7.10.869)
BrickForce 1.9.87 (x32 Version: 1.9.87)
BrowseToSave (Version: 1.0)
Brütal Legend (x32)
Bullet Run (x32)
Bulletstorm (x32 Version: 1.0.0000.130)
Burnout Paradise: The Ultimate Box (x32)
Call of Duty: Black Ops II - Multiplayer (x32)
Call of Duty: Black Ops II - Zombies (x32)
Call of Duty: Black Ops II (x32)
Camtasia Studio 7 (x32 Version: 7.1.1)
Capsized (x32)
Castle Crashers (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.1022.2311.39807)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1022.2311.39807)
Catalyst Control Center InstallProxy (x32 Version: 2012.1022.2311.39807)
Catalyst Control Center Localization All (x32 Version: 2012.1022.2311.39807)
CCC Help Chinese Standard (x32 Version: 2012.1022.2310.39807)
CCC Help Chinese Traditional (x32 Version: 2012.1022.2310.39807)
CCC Help Czech (x32 Version: 2012.1022.2310.39807)
CCC Help Danish (x32 Version: 2012.1022.2310.39807)
CCC Help Dutch (x32 Version: 2012.1022.2310.39807)
CCC Help English (x32 Version: 2012.1022.2310.39807)
CCC Help Finnish (x32 Version: 2012.1022.2310.39807)
CCC Help French (x32 Version: 2012.1022.2310.39807)
CCC Help German (x32 Version: 2012.1022.2310.39807)
CCC Help Greek (x32 Version: 2012.1022.2310.39807)
CCC Help Hungarian (x32 Version: 2012.1022.2310.39807)
CCC Help Italian (x32 Version: 2012.1022.2310.39807)
CCC Help Japanese (x32 Version: 2012.1022.2310.39807)
CCC Help Korean (x32 Version: 2012.1022.2310.39807)
CCC Help Norwegian (x32 Version: 2012.1022.2310.39807)
CCC Help Polish (x32 Version: 2012.1022.2310.39807)
CCC Help Portuguese (x32 Version: 2012.1022.2310.39807)
CCC Help Russian (x32 Version: 2012.1022.2310.39807)
CCC Help Spanish (x32 Version: 2012.1022.2310.39807)
CCC Help Swedish (x32 Version: 2012.1022.2310.39807)
CCC Help Thai (x32 Version: 2012.1022.2310.39807)
CCC Help Turkish (x32 Version: 2012.1022.2310.39807)
ccc-utility64 (Version: 2012.1022.2311.39807)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Clever & Smart - A Movie Adventure (x32)
Clownfish for Skype (x32)
Costume Quest (x32)
Counter-Strike: Global Offensive (x32)
Crazy Taxi (x32)
Cry of Fear (x32)
Curse Client (HKCU Version: 5.1.1.584)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
DC Universe Online (x32)
DC Universe Online Live (2) (HKCU)
DC Universe Online Live (HKCU)
De Blob (alleen verwijderen) (x32)
Dead Island - Game of the Year Edition (x32)
Dead Rising 2 (x32 Version: 1.0.0000.130)
Dead Space (x32)
Dead Space 2 (x32)
Dear Esther (x32)
Deckadance (x32 Version: 2.0)
Desura (x32 Version: 100.53)
Desura:  (x32 Version: )
Desura: Minion Master (x32 Version: Beta)
Desura: Renegade X (x32 Version: Black Dawn)
Desura: The Briefcase (x32 Version: Full)
Devil May Cry 3 Special Edition (x32 Version: 1.00.000)
DEVIL MAY CRY 4 (x32 Version: 1.00.000)
DevPro YGO Launcher (x32 Version: 1.8.3)
Diablo III (x32 Version: 1.0.4.11327)
Disk Unlocker (x32 Version: 2.0.8)
DmC Devil May Cry (x32)
Dota 2 (x32)
Dragon Nest Europe (x32)
Dropbox (HKCU Version: 2.0.16)
Drumaxx (x32)
Duel of Champions (x32)
DX10 (x32)
EAX Unified (x32)
Edison (x32)
Eets (x32)
EPU-4 Engine (x32 Version: 1.03.03)
eReg (x32 Version: 1.20.138.34)
ESN Sonar (x32 Version: 0.70.4)
Far Cry 3 (x32 Version: 1.01)
Fiesta Online DE 1.04.053 (x32 Version: 1.04.053)
FL Studio 10 (x32)
FormatFactory 3.0.1 (x32 Version: 3.0.1)
Fraps (remove only) (x32)
Free Audio Converter version 5.0.24.430 (x32 Version: 5.0.24.430)
Free YouTube Download version 3.2.1.320 (x32 Version: 3.2.1.320)
Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610)
Garry's Mod (x32)
Garry's Mod 13 Beta (x32)
Ghost Recon Online (HKCU Version: 1.30.8665.2)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (x32 Version: 26.0.1410.64)
Google Update Helper (x32 Version: 1.3.21.145)
Gotham City Impostors: Free To Play (x32)
GTR 2 1.0.0.0 (x32 Version: v1.0.0.0)
Hardcore (x32)
Harry Potter und der Halbblut-Prinz™ (x32 Version: 1.0.0.0)
Harry Potter und der Orden des Phönix™ (x32)
Hector: Ep 1 (x32)
Hector: Ep 2 (x32)
Hector: Ep 3 (x32)
Hell Yeah Wrath of the Dead Rabbit (c) Sega version 1 (x32 Version: 1)
Hitman: Absolution (x32)
IL Autogun (x32)
IL Download Manager (x32)
IL DrumSynth Live (x32)
IL Gross Beat (x32)
IL Harmless (x32)
IL Harmor (x32)
IL Juice Pack (x32)
IL Ogun (x32)
IL Shared Libraries (x32)
IL Slicex (x32)
IL Vocodex (x32)
InfraRecorder 0.52 (x64 edition) (Version: 0.52.00.00)
InterActual Player (x32)
Java 7 Update 15 (64-bit) (Version: 7.0.150)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
JDownloader 0.9 (x32 Version: 0.9)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Jurassic Park The Game (x32 Version: 1.0.0.15)
Just Cause 2 (x32)
KCService.de Fernwartung (x32 Version: 1.0.0)
Killing Floor (x32)
Kingsoft Office 2012 (8.1.0.3333) (x32 Version: 8.1.0.3333)
League of Legends (x32 Version: 1.3)
Left 4 Dead (x32)
Left 4 Dead 2 (x32)
Lego Harry Potter (x32)
Little Inferno (x32)
Livestream Procaster (x32 Version: 20.3.25)
Logitech Gaming Software (Version: 8.40.83)
Logitech Gaming Software 8.46 (Version: 8.46.27)
Logitech SetPoint 6.32 (Version: 6.32.20)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Magicka (x32)
MAGIX Foto & Grafik Designer 6 SE (Version: 6.1.3.24817)
MAGIX Foto & Grafik Designer 6 SE (x32 Version: 6.1.3.24817)
Maximus (x32)
Media Go (x32 Version: 2.3.255)
Media Go Video Playback Engine 1.96.118.08260 (x32 Version: 1.96.118.08260)
Melodyne 3.2 (x32 Version: 3.2.0202)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Metro 2033 (x32)
Microsoft .NET Framework 4.5 Client Profile Developer Preview (Version: 4.5.40805)
Microsoft .NET Framework 4.5 Extended Developer Preview (Version: 4.5.40805)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
MicroVolts (x32)
Mirror's Edge™ (x32 Version: 1.0.1.0)
miTracker 1.2.0 (x32 Version: 1.2.0)
Morphine (x32)
Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 21.0)
MP3 Rocket (x32)
MP3 Rocket Toolbar Updater (HKCU Version: 1.2.2.23821)
Mp3tag v2.56 (x32 Version: v2.56)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Mumble 1.2.3 (x32 Version: 1.2.3)
Need for Speed Most Wanted (x32)
Need For Speed™ World (x32 Version: 1.0.0.1229)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
NWZ-E460 WALKMAN Guide (x32 Version: 2.0.2.04130)
Oddworld: Abe's Exoddus (x32)
Oddworld: Abe's Oddysee (x32)
Oddworld: Munch's Oddysee (x32)
Oddworld: Stranger's Wrath (x32)
OpenITG (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Orca (x32 Version: 3.1.3790.0000)
Orcs Must Die! 2 (x32)
Origin (x32 Version: 9.0.13.2142)
osu! (x32 Version: 0.0.0.0)
Paint.NET v3.5.10 (Version: 3.60.0)
Pamela Basic 4.8 (x32 Version: 4.8)
Pando Media Booster (x32 Version: 2.6.0.8)
Pandora Service (x32)
PC Probe II (x32 Version: 1.04.86)
PCSX2 - Playstation 2 Emulator (x32)
PDF Settings CS6 (x32 Version: 11.0)
Pinnacle Game Profiler (x32 Version: 6.8.2)
PlanetSide 2 (x32)
PlayStation(R)Network Downloader (x32 Version: 2.07.00849)
PlayStation(R)Store (x32 Version: 4.12.6.14870)
PoiZone (x32)
Pokémon Trading Card Game Online (x32 Version: 1.0.0)
Poker Night 2 (x32)
Poker Night at the Inventory (x32)
Project: Snowblind 1.0 (x32)
Psychonauts (x32)
PunkBuster Services (x32 Version: 0.991)
Puzzle Agent (x32)
Puzzle Agent 2 (x32)
QuickTime (x32 Version: 7.74.80.86)
RAIDXpert (x32 Version: 3.2.1540.5)
ratDVD 0.78.1444 (x32 Version: 0.78.1444)
Rayman Origins (x32 Version: 1.02)
Realm of the Mad God (x32)
Realtek Ethernet Diagnostic Utility (x32 Version: 1.00.0000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
REALTEK Wireless LAN Driver and Utility (x32 Version: 1.00.0187)
reFX Nexus VSTi RTAS v2.2.0 (x32)
resident evil 4 (x32 Version: 1.00.0000)
RESIDENT EVIL 5 (x32 Version: 1.0.0.129)
Return to Castle Wolfenstein (x32 Version: 1.0)
S4 League_EU (x32 Version: 1.00.0000)
SaferSurf (x32 Version: 2.4.6)
Sakura (x32)
Sam & Max 301: The Penal Zone (x32)
Sam & Max 302: The Tomb of Sammun-Mak (x32)
Sam & Max 303: They Stole Max's Brain! (x32)
Sam & Max 304: Beyond the Alley of the Dolls (x32)
Sam & Max 305: The City that Dares not Sleep (x32)
Sawer (x32)
SEGA Bass Fishing (x32)
Serious Sam 3: BFE (x32)
Shank (x32)
Shank 2 (x32)
SimSynth (x32)
Six Updater (x32 Version: 2.09.7034)
Sizer 3.34 (x32 Version: 3.3.4.0)
Skype™ 6.5 (x32 Version: 6.5.158)
Sniper Elite V2 (x32)
Sonic Adventure DX (x32)
Sonic Generations (x32)
Source Filmmaker (x32)
Space Channel 5: Part 2 (x32)
Spec Ops: The Line (x32)
Stacking (x32)
Steam (x32 Version: 1.0.0.0)
Steganos Online-Banking 2012 (x32 Version: 2.0.3)
Steganos Safe 2012 (x32 Version: 13.0.5)
StepMania v5.0 beta 1a (Nur entfernen) (x32 Version: )
Super Crate Box (x32)
Super Meat Boy (x32)
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007)
SweetPacks bundle uninstaller (x32 Version: 1.0.0000)
swMSM (x32 Version: 12.0.0.1)
Sytrus (x32)
Team Fortress 2 Beta (x32)
TeamSpeak 3 Client (HKCU Version: 3.0.9.1)
TeamViewer 8 (x32 Version: 8.0.16642)
TERA (x32 Version: 19.04.02.03.hf3)
The KMPlayer (remove only) (x32 Version: 3.6.0.87)
The Walking Dead GotY (x32 Version: 1.0)
Thomas Was Alone (x32)
Titan Quest (x32)
Titan Quest: Immortal Throne (x32)
Tomb Raider Version v1.0.716.5 (x32 Version: v1.0.716.5)
Tomb Raider: Underworld 1.0 (x32)
Torchlight 2 GERMAN (c) DEADALIC version 1 (x32 Version: 1)
Toxic Biohazard (x32)
TrackMania Nations Forever (x32)
Treiber-Studio 6.2.1.104  (x32 Version: 6.2.1.104)
Tunngle beta (x32)
Turbo Key (x32 Version: 1.01.03)
Unity Web Player (HKCU Version: )
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
VirtualCloneDrive (x32)
VLC media player 2.0.2 (Version: 2.0.2)
VLC media player 2.0.6 (x32 Version: 2.0.6)
VVVVVV (x32)
Wallace & Gromit Ep 1: Fright of the Bumblebees (x32)
Wallace & Gromit Ep 2: The Last Resort (x32)
Wallace & Gromit Ep 3: Muzzled! (x32)
Wallace & Gromit Ep 4: The Bogey Man (x32)
War Thunder Launcher 1.0.1.185 (x32)
Warframe (x32)
Wasp (x32)
White Christmas 3D Screensaver and Animated Wallpaper 1.0 (x32 Version: 1.0)
Windows 7 USB/DVD Download Tool (x32 Version: 1.0.24.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WinSpeedUp 2.8 (x32)
Wise Care 365 version 2.13 (x32 Version: 2.13)
Wise Data Recovery 3.19 (x32)
Wise Folder Hider 1.29 (x32)
Wizard101(DE) (HKCU)
Worms Reloaded (x32)
Xilisoft Video Converter Ultimate (HKCU Version: 7.4.0.20120710)
XMedia Recode Version 3.1.4.6 (x32 Version: 3.1.4.6)
YourFileDownloader (HKCU Version: 1.0.3)

==================== Restore Points  =========================

05-07-2013 18:35:44 Windows Update
05-07-2013 19:22:34 Installed Windows 7 USB/DVD Download Tool
05-07-2013 19:28:53 Installed Microsoft Office Professional Plus 2010
05-07-2013 21:41:39 avast! Free Antivirus Setup
06-07-2013 08:52:41 avast! Free Antivirus Setup

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-03-22 23:33 - 00002217 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com 
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com.*
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 crl.verisign.net
127.0.0.1 CRL.VERISIGN.NET.*
127.0.0.1 ood.opsource.net
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.*
127.0.0.1 practivate.adobe.com

There are 15 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {18A1F428-F3F3-4DFA-AD1E-E4FFD1A3DBD0} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-06-06] ()
Task: {21A0CCCB-B2A0-49F7-93E3-12944F53D7CD} - System32\Tasks\WpsUpdateTask_Manuel => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-09-03] (Zhuhai Kingsoft Office-software Co.,Ltd)
Task: {26028CCF-B615-460B-AA1F-F73AEE37A2B9} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.02\AsLoader.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {3DF58F2F-D65A-4A30-938F-7CBACF21EDD2} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.)
Task: {50F5014D-269D-4825-84E4-F684056B6397} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {56535E61-ACEF-48F1-83C8-D9868A7CDF0D} - System32\Tasks\{3D4F97F4-B1B5-4018-AD9C-87027B5D6340} => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe No File
Task: {6BF29CEF-560A-4C11-917A-3E1170FC83B9} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)
Task: {7517CB9C-2381-4FD6-BA7C-014AE6429852} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe [2012-11-11] (hxxp://yourfiledownloader.com)
Task: {761E1F77-9A1D-4A8A-A44D-12B2ED29B298} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {7968EF8F-5A39-4C0D-8437-93ACDDBBF4E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19] (Google Inc.)
Task: {888DAD9B-ED58-4708-AB9A-C0A917BE2452} - System32\Tasks\AdobeAAMUpdater-1.0-Manuel-PC-Manuel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {902C6029-9808-4055-ACAF-3083C6E987EB} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {A5FFEDEE-4FA0-4214-9C81-C1F5E0F6BBC6} - System32\Tasks\{0E6AB084-4045-4B05-B279-75E191A66DE1} => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe No File
Task: {ADBC1F39-2827-46DB-974D-2167EF67CCC2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B105DA96-886C-4502-BDE8-FCA17FA81B87} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2774469641-1193827106-2472648205-1001
Task: {B721F4B0-7B6F-4F3A-88C1-E6FA1AFA3932} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {C1DFA2FA-9A54-4F6C-8630-7730A711FA9F} - System32\Tasks\{9ACBA6A3-19E6-4CCF-A0A5-5C8BF178841D} => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe No File
Task: {C68C85CA-0181-4B8D-891A-DF98932D67FB} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe [2012-11-11] (hxxp://yourfiledownloader.com)
Task: {CAC01A08-7C50-46B8-A391-1E9FC9B7ED98} - System32\Tasks\{056C125E-2B27-40E0-BC0F-DD3E4ED5FCE9} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-04-09] (Google Inc.)
Task: {D1909463-2EA3-4DFD-B4B5-F36399FB7F22} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {DAE68A07-3299-49B9-AEDB-7162EC2FCA93} - System32\Tasks\{244786BD-495C-4328-BA99-8DBE1D148DE0} => C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe [2013-06-10] (DVDVideoSoft Ltd.)
Task: {DFB30384-A6F1-46CF-BB84-FFFD9FA5FBF6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-14] (Adobe Systems Incorporated)
Task: {E0C48A29-B855-4404-8DDD-B4697F7D0501} - System32\Tasks\{3C64459A-F86C-4ECB-9990-8A7E286A5D08} => C:\program files (x86)\google\chrome\application\chrome.exe [2013-04-09] (Google Inc.)
Task: {F74E88A2-2E36-4E1D-9408-5BCC4A1103C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\WpsUpdateTask_Manuel.job => ?

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2013 11:43:55 PM) (Source: MsiInstaller) (User: Manuel-PC)
Description: Produkt: BitDefender Free Edition v10 -- Dieses BitDefender Produkt ist nicht kompatibel mit Ihrem Betriebssystem. Kompatibel Betriebssysteme sind: Windows 98, ME, 2000 oder XP. Das Installationsprozess wurde abgebrochen.

Error: (07/05/2013 09:33:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2013 08:59:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2013 08:58:12 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/05/2013 08:29:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2013 08:29:28 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/21/2013 07:46:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2013 07:45:58 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/16/2013 09:27:19 AM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/16/2013 09:27:05 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/05/2013 11:50:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Bitdefender Antivirus Free Edition" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/05/2013 11:48:25 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/05/2013 11:12:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status gemeldet: 11

Error: (07/05/2013 09:28:07 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status gemeldet: 11

Error: (07/05/2013 09:27:07 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status gemeldet: 11

Error: (07/05/2013 09:05:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status gemeldet: 11

Error: (07/05/2013 09:00:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/05/2013 09:00:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (07/05/2013 08:58:56 PM) (Source: Service Control Manager) (User: )
Description: Dienst "PinnacleUpdate Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2013 08:58:31 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Realtek11nSU erreicht.


Microsoft Office Sessions:
=========================
Error: (07/05/2013 11:43:55 PM) (Source: MsiInstaller)(User: Manuel-PC)
Description: Produkt: BitDefender Free Edition v10 -- Dieses BitDefender Produkt ist nicht kompatibel mit Ihrem Betriebssystem. Kompatibel Betriebssysteme sind: Windows 98, ME, 2000 oder XP. Das Installationsprozess wurde abgebrochen.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/05/2013 09:33:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2013 08:59:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2013 08:58:12 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/05/2013 08:29:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2013 08:29:28 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/21/2013 07:46:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2013 07:45:58 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/16/2013 09:27:19 AM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/16/2013 09:27:05 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-06-16 13:16:17.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_194\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-16 12:14:23.120
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_194\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-16 11:26:43.808
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_194\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-16 11:02:45.393
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_194\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-16 10:56:43.901
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_194\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-16 10:37:47.047
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_194\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-16 10:19:31.456
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_194\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-16 10:10:48.852
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_194\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-16 10:05:40.977
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_194\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-16 09:25:59.393
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_194\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 77%
Total physical RAM: 8174.12 MB
Available physical RAM: 1813.77 MB
Total Pagefile: 16346.42 MB
Available Pagefile: 11325.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:200 GB) (Free:54.49 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:1663.01 GB) (Free:68.29 GB) NTFS (Disk=0 Partition=2)
Drive f: (AV_DVD) (CDROM) (Total:6.58 GB) (Free:0 GB) CDFS
Drive h: (30GB) (Removable) (Total:30.08 GB) (Free:9.88 GB) FAT32 (Disk=1 Partition=1)
Drive i: (SCHULE) (Removable) (Total:3.77 GB) (Free:0.4 GB) FAT32 (Disk=2 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 59D59453)
Partition 1: (Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-413374873600) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 30 GB) (Disk ID: 66205247)
Partition 1: (Active) - (Size=30 GB) - (Type=0C)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================
         
__________________

Alt 06.07.2013, 17:17   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.07.2013, 18:08   #5
vVManuelVv
 
Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Ich bin mir nicht 100%-ig sicher ob alle Antivirenprogramme abgeschalten waren, da ich nicht genau weiß wie man Microsoft Security Essentials abdreht(außer den Echtzeitschutz). Hier das Ergebnis:
Code:
ATTFilter
ComboFix 13-07-06.03 - Manuel 06.07.2013  18:49:56.1.6 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.8174.5438 [GMT 2:00]
ausgeführt von:: c:\users\Manuel\Desktop\ComboFix.exe
AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Error Repair Professional
c:\program files (x86)\Error Repair Professional\Backups\Backup_15-55-24_17-12-2012.reg
c:\program files (x86)\Error Repair Professional\Backups\Backup_16-9-6_17-12-2012.reg
c:\program files (x86)\Error Repair Professional\Dataprogs.dat
c:\program files (x86)\Error Repair Professional\ErrorRepairProfessional.exe
c:\program files (x86)\Error Repair Professional\unins000.dat
c:\program files (x86)\Error Repair Professional\unins000.exe
c:\programdata\1365186901.bdinstall.bin
c:\programdata\1373060854.bdinstall.bin
c:\programdata\1373060860.10984.bin
c:\programdata\1373060860.7288.bin
c:\programdata\1373060860.8188.bin
c:\programdata\1373060860.9524.bin
c:\programdata\1373061931.bdinstall.bin
c:\programdata\1373062061.bdinstall.bin
c:\programdata\1373062101.bdinstall.bin
c:\programdata\1373062122.bdinstall.bin
c:\programdata\1373062125.bdinstall.bin
c:\programdata\1373100694.bdinstall.bin
c:\programdata\1373127633.bdinstall.bin
c:\programdata\ntuser.dat
c:\users\Manuel\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Manuel\AppData\Roaming\Microsoft\bass.dll
c:\users\Manuel\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Manuel\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Manuel\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Manuel\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Manuel\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\Manuel\AppData\Roaming\Microsoft\Windows\Templates\1028.msi
c:\users\Manuel\AppData\Roaming\Microsoft\Windows\Templates\1031.msi
c:\users\Manuel\AppData\Roaming\Microsoft\Windows\Templates\1033.msi
c:\users\Manuel\AppData\Roaming\Microsoft\Windows\Templates\1036.msi
c:\users\Manuel\AppData\Roaming\Microsoft\Windows\Templates\1041.msi
c:\users\Manuel\AppData\Roaming\Microsoft\Windows\Templates\2052.msi
c:\users\Manuel\AppData\Roaming\technic-launcher.jar
c:\windows\SysWow64\frapsvid.dll
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-06 bis 2013-07-06  ))))))))))))))))))))))))))))))
.
.
2013-07-06 17:02 . 2013-07-06 17:02	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-07-06 17:02 . 2013-07-06 17:02	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-06 16:40 . 2013-07-06 16:40	49872	----a-w-	c:\windows\system32\drivers\tecccdrj.sys
2013-07-06 16:40 . 2013-07-06 16:40	49872	----a-w-	c:\windows\system32\drivers\cmgasofb.sys
2013-07-06 16:34 . 2013-07-06 16:34	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-06 16:29 . 2013-07-06 16:29	261056	----a-w-	c:\windows\system32\drivers\avchv.sys
2013-07-06 16:25 . 2013-04-17 12:59	593144	----a-w-	c:\windows\system32\drivers\avckf.sys
2013-07-06 16:25 . 2013-04-17 12:59	718840	----a-w-	c:\windows\system32\drivers\avc3.sys
2013-07-06 16:25 . 2013-06-15 15:28	148696	----a-w-	c:\windows\system32\drivers\gzflt.sys
2013-07-06 16:25 . 2013-06-21 18:03	382536	----a-w-	c:\windows\system32\drivers\trufos.sys
2013-07-06 16:19 . 2013-07-06 16:19	76232	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CD7F0636-E4C2-4502-A26B-3112106F1E35}\offreg.dll
2013-07-06 15:50 . 2013-07-06 15:50	--------	d-----w-	c:\users\Manuel\AppData\Local\Balanced Worlds
2013-07-06 12:01 . 2013-07-06 12:01	--------	d-----w-	C:\FRST
2013-07-05 22:25 . 2013-06-12 03:08	9552976	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CD7F0636-E4C2-4502-A26B-3112106F1E35}\mpengine.dll
2013-07-05 21:50 . 2013-07-05 21:50	--------	d-----w-	c:\programdata\bdch
2013-07-05 21:42 . 2010-05-06 20:59	38848	----a-w-	c:\windows\SysWow64\avastSS.scr
2013-07-05 21:42 . 2010-05-06 20:59	165032	----a-w-	c:\windows\SysWow64\aswBoot.exe
2013-07-05 21:42 . 2013-07-05 21:42	--------	d-----w-	c:\programdata\Alwil Software
2013-07-05 21:42 . 2013-07-05 21:42	--------	d-----w-	c:\program files\Alwil Software
2013-07-05 21:28 . 2013-07-05 22:06	--------	d-----w-	c:\users\Manuel\AppData\Roaming\Pamela
2013-07-05 21:28 . 2013-07-05 21:28	176128	----a-w-	c:\windows\SysWow64\RemoteControl.dll
2013-07-05 21:28 . 2013-07-05 21:28	--------	d-----w-	c:\program files (x86)\Pamela
2013-07-05 19:36 . 2013-07-05 19:36	--------	d-----w-	c:\program files (x86)\Microsoft Synchronization Services
2013-07-05 19:36 . 2013-07-05 19:36	--------	d-----w-	c:\program files (x86)\Microsoft Sync Framework
2013-07-05 19:31 . 2013-07-05 19:31	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2013-07-05 19:29 . 2013-07-05 19:29	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2013-07-05 19:29 . 2013-07-05 19:29	--------	d-----r-	C:\MSOCache
2013-07-05 19:22 . 2013-07-05 19:22	98304	----a-r-	c:\users\Manuel\AppData\Roaming\Microsoft\Installer\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}\icons.exe
2013-07-05 19:05 . 2013-06-12 03:08	9552976	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-05 18:30 . 2013-07-05 18:30	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-06-21 18:14 . 2013-06-21 18:13	964552	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ACEDC8A2-E566-45D1-9F84-1D9A31028CD6}\gapaengine.dll
2013-06-21 03:16 . 2013-06-21 03:16	566048	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-06-15 17:46 . 2013-06-15 17:47	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
2013-06-15 17:46 . 2013-06-15 17:47	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2013-06-13 23:18 . 2013-06-14 00:18	9089416	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-06-13 22:57 . 2013-04-25 23:30	1505280	----a-w-	c:\windows\SysWow64\d3d11.dll
2013-06-13 22:57 . 2013-03-31 22:52	1887232	----a-w-	c:\windows\system32\d3d11.dll
2013-06-08 00:43 . 2013-06-08 01:45	--------	d-----w-	c:\users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-07 22:42 . 2013-06-08 13:52	--------	d-----w-	c:\program files (x86)\SaferSurf
2013-06-07 22:42 . 2013-06-07 22:42	--------	d-----w-	c:\programdata\Nutzwerk
2013-06-06 17:23 . 2013-06-06 17:23	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-06 17:23 . 2013-06-06 17:23	--------	d-----w-	c:\program files (x86)\DAEMON Tools Lite
2013-06-06 17:14 . 2013-06-06 17:14	--------	d-----w-	c:\users\Manuel\AppData\Local\FLT
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-06 16:33 . 2012-01-13 13:35	867240	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-07-06 16:33 . 2012-01-13 13:35	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-07-06 16:18 . 2012-12-22 23:59	119296	----a-w-	c:\windows\SysWow64\zlib.dll
2013-06-22 17:20 . 2012-12-15 12:09	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2013-06-21 12:06 . 2013-05-31 15:59	2936208	----a-w-	c:\windows\system32\nvapi64.dll
2013-06-21 12:06 . 2013-05-31 15:59	27781920	----a-w-	c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-05-31 15:59	2597856	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-05-31 15:59	15920536	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-05-31 15:59	15144928	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-05-31 15:59	13411896	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-05-31 15:59	12427240	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-05-31 15:59	1059560	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-06-21 10:23 . 2013-05-31 16:03	6496544	----a-w-	c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2013-05-31 16:03	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2013-05-31 16:03	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2013-05-31 16:03	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2013-05-31 16:03	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2013-05-31 16:03	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-06-20 04:17 . 2013-05-31 16:03	3253909	----a-w-	c:\windows\system32\nvcoproc.bin
2013-06-14 01:02 . 2012-01-13 14:22	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-06-14 00:18 . 2012-04-16 08:33	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-14 00:18 . 2012-01-13 13:34	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-04 22:58 . 2012-08-13 20:09	283032	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-06-04 22:58 . 2012-08-12 22:02	283032	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-06-02 19:59 . 2012-08-12 22:02	283032	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-05-24 18:07 . 2013-03-15 21:21	964552	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-05-12 21:42 . 2013-05-31 15:59	1832224	----a-w-	c:\windows\system32\nvdispco6432018.dll
2013-05-12 21:42 . 2013-05-31 15:59	1511712	----a-w-	c:\windows\system32\nvdispgenco6432018.dll
2013-05-10 14:17 . 2013-05-10 14:17	70720	----a-w-	c:\windows\SysWow64\libresample.dll
2013-05-10 13:50 . 2013-05-10 13:50	225369510	----a-w-	c:\windows\SysWow64\Backup_15-50-15_10-5-2013.reg
2013-05-10 10:52 . 2013-05-10 12:58	82432	----a-w-	c:\windows\SysWow64\avformat.dll
2013-05-10 10:52 . 2013-05-10 12:57	82432	----a-w-	c:\windows\system32\avformat.dll
2013-05-09 12:03 . 2010-06-24 10:33	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 15:29 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-05-01 01:59 . 2013-05-01 01:59	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2013-04-24 21:56 . 2013-04-24 21:56	77592	----a-w-	c:\windows\system32\ladfGSRCoinst_amd64.dll
2013-04-24 21:56 . 2013-04-24 21:56	410008	------w-	c:\windows\system32\drivers\ladfGSCamd64.sys
2013-04-24 21:56 . 2013-04-24 21:56	102808	------w-	c:\windows\system32\drivers\ladfGSRamd64.sys
2013-04-20 19:35 . 2013-04-20 19:35	13696	------w-	c:\windows\system32\drivers\fixustor.sys
2013-04-13 05:49 . 2013-05-17 18:40	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-17 18:40	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-17 18:40	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-17 18:40	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-17 18:40	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-17 18:40	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-05-08 19:31	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-11 14:12 . 2012-07-20 19:18	19392	----a-w-	c:\windows\system32\roboot64.exe
2013-04-10 06:01 . 2013-05-17 18:40	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-17 18:40	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-17 18:40	3153920	----a-w-	c:\windows\system32\win32k.sys
2012-06-06 04:06 . 2012-06-06 04:06	2174976	----a-w-	c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2FAACDB3-295B-74CA-3FC3-C5B38A7A80F7}]
2013-03-30 10:30	118272	----a-w-	c:\programdata\Breowse2savue\5156becfafe0d.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-06-06 19:33	1519304	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-06 1519304]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	130736	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	130736	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	130736	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\steam\steam.exe" [2013-06-06 1641896]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Turbo Key"="c:\program files (x86)\ASUS\Turbo Key\TurboKey.exe" [2009-11-24 1874432]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-10-22 642216]
"SAFE2012 HotKeys"="d:\program files (x86)\SteganosHotKeyService.exe" [2012-11-19 84480]
"SAFE2012 File Redirection Starter"="d:\program files (x86)\fredirstarter.exe" [2012-11-19 17408]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 acebpczx;acebpczx;c:\windows\system32\drivers\acebpczx.sys;c:\windows\SYSNATIVE\drivers\acebpczx.sys [x]
R1 adkvocef;adkvocef;c:\windows\system32\drivers\adkvocef.sys;c:\windows\SYSNATIVE\drivers\adkvocef.sys [x]
R1 ajpfxmaw;ajpfxmaw;c:\windows\system32\drivers\ajpfxmaw.sys;c:\windows\SYSNATIVE\drivers\ajpfxmaw.sys [x]
R1 alhychmr;alhychmr;c:\windows\system32\drivers\alhychmr.sys;c:\windows\SYSNATIVE\drivers\alhychmr.sys [x]
R1 awvvkkyr;awvvkkyr;c:\windows\system32\drivers\awvvkkyr.sys;c:\windows\SYSNATIVE\drivers\awvvkkyr.sys [x]
R1 bfxioaul;bfxioaul;c:\windows\system32\drivers\bfxioaul.sys;c:\windows\SYSNATIVE\drivers\bfxioaul.sys [x]
R1 bpvijebl;bpvijebl;c:\windows\system32\drivers\bpvijebl.sys;c:\windows\SYSNATIVE\drivers\bpvijebl.sys [x]
R1 clmxlfty;clmxlfty;c:\windows\system32\drivers\clmxlfty.sys;c:\windows\SYSNATIVE\drivers\clmxlfty.sys [x]
R1 cmsruhcm;cmsruhcm;c:\windows\system32\drivers\cmsruhcm.sys;c:\windows\SYSNATIVE\drivers\cmsruhcm.sys [x]
R1 cpmfwsed;cpmfwsed;c:\windows\system32\drivers\cpmfwsed.sys;c:\windows\SYSNATIVE\drivers\cpmfwsed.sys [x]
R1 cqycpxjh;cqycpxjh;c:\windows\system32\drivers\cqycpxjh.sys;c:\windows\SYSNATIVE\drivers\cqycpxjh.sys [x]
R1 dgpjxipa;dgpjxipa;c:\windows\system32\drivers\dgpjxipa.sys;c:\windows\SYSNATIVE\drivers\dgpjxipa.sys [x]
R1 diuxalrz;diuxalrz;c:\windows\system32\drivers\diuxalrz.sys;c:\windows\SYSNATIVE\drivers\diuxalrz.sys [x]
R1 dkzlagus;dkzlagus;c:\windows\system32\drivers\dkzlagus.sys;c:\windows\SYSNATIVE\drivers\dkzlagus.sys [x]
R1 drgldgjb;drgldgjb;c:\windows\system32\drivers\drgldgjb.sys;c:\windows\SYSNATIVE\drivers\drgldgjb.sys [x]
R1 eawpgtou;eawpgtou;c:\windows\system32\drivers\eawpgtou.sys;c:\windows\SYSNATIVE\drivers\eawpgtou.sys [x]
R1 epridjao;epridjao;c:\windows\system32\drivers\epridjao.sys;c:\windows\SYSNATIVE\drivers\epridjao.sys [x]
R1 esapsxlf;esapsxlf;c:\windows\system32\drivers\esapsxlf.sys;c:\windows\SYSNATIVE\drivers\esapsxlf.sys [x]
R1 evhtccxh;evhtccxh;c:\windows\system32\drivers\evhtccxh.sys;c:\windows\SYSNATIVE\drivers\evhtccxh.sys [x]
R1 ezvlshqh;ezvlshqh;c:\windows\system32\drivers\ezvlshqh.sys;c:\windows\SYSNATIVE\drivers\ezvlshqh.sys [x]
R1 glubcgyh;glubcgyh;c:\windows\system32\drivers\glubcgyh.sys;c:\windows\SYSNATIVE\drivers\glubcgyh.sys [x]
R1 gygmpfau;gygmpfau;c:\windows\system32\drivers\gygmpfau.sys;c:\windows\SYSNATIVE\drivers\gygmpfau.sys [x]
R1 hihnhlsf;hihnhlsf;c:\windows\system32\drivers\hihnhlsf.sys;c:\windows\SYSNATIVE\drivers\hihnhlsf.sys [x]
R1 iinqklkl;iinqklkl;c:\windows\system32\drivers\iinqklkl.sys;c:\windows\SYSNATIVE\drivers\iinqklkl.sys [x]
R1 ivqmezri;ivqmezri;c:\windows\system32\drivers\ivqmezri.sys;c:\windows\SYSNATIVE\drivers\ivqmezri.sys [x]
R1 jgnwnlfc;jgnwnlfc;c:\windows\system32\drivers\jgnwnlfc.sys;c:\windows\SYSNATIVE\drivers\jgnwnlfc.sys [x]
R1 kdbgbvsl;kdbgbvsl;c:\windows\system32\drivers\kdbgbvsl.sys;c:\windows\SYSNATIVE\drivers\kdbgbvsl.sys [x]
R1 kerbkqnx;kerbkqnx;c:\windows\system32\drivers\kerbkqnx.sys;c:\windows\SYSNATIVE\drivers\kerbkqnx.sys [x]
R1 kxzanmsi;kxzanmsi;c:\windows\system32\drivers\kxzanmsi.sys;c:\windows\SYSNATIVE\drivers\kxzanmsi.sys [x]
R1 liuxtxoa;liuxtxoa;c:\windows\system32\drivers\liuxtxoa.sys;c:\windows\SYSNATIVE\drivers\liuxtxoa.sys [x]
R1 ljoupilg;ljoupilg;c:\windows\system32\drivers\ljoupilg.sys;c:\windows\SYSNATIVE\drivers\ljoupilg.sys [x]
R1 lkrxptao;lkrxptao;c:\windows\system32\drivers\lkrxptao.sys;c:\windows\SYSNATIVE\drivers\lkrxptao.sys [x]
R1 lljxdeak;lljxdeak;c:\windows\system32\drivers\lljxdeak.sys;c:\windows\SYSNATIVE\drivers\lljxdeak.sys [x]
R1 mdmjuhdo;mdmjuhdo;c:\windows\system32\drivers\mdmjuhdo.sys;c:\windows\SYSNATIVE\drivers\mdmjuhdo.sys [x]
R1 mnpycass;mnpycass;c:\windows\system32\drivers\mnpycass.sys;c:\windows\SYSNATIVE\drivers\mnpycass.sys [x]
R1 mxmdofgr;mxmdofgr;c:\windows\system32\drivers\mxmdofgr.sys;c:\windows\SYSNATIVE\drivers\mxmdofgr.sys [x]
R1 njlgbahj;njlgbahj;c:\windows\system32\drivers\njlgbahj.sys;c:\windows\SYSNATIVE\drivers\njlgbahj.sys [x]
R1 nmpyglev;nmpyglev;c:\windows\system32\drivers\nmpyglev.sys;c:\windows\SYSNATIVE\drivers\nmpyglev.sys [x]
R1 obisswxv;obisswxv;c:\windows\system32\drivers\obisswxv.sys;c:\windows\SYSNATIVE\drivers\obisswxv.sys [x]
R1 oysxxuos;oysxxuos;c:\windows\system32\drivers\oysxxuos.sys;c:\windows\SYSNATIVE\drivers\oysxxuos.sys [x]
R1 sohjdafy;sohjdafy;c:\windows\system32\drivers\sohjdafy.sys;c:\windows\SYSNATIVE\drivers\sohjdafy.sys [x]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
R3 FIXUSTOR;FIXUSTOR;c:\windows\system32\DRIVERS\fixustor.sys;c:\windows\SYSNATIVE\DRIVERS\fixustor.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys;c:\windows\SYSNATIVE\drivers\FLxHCIc.sys [x]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys;c:\windows\SYSNATIVE\drivers\FLxHCIh.sys [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\drivers\ISCTD64.sys;c:\windows\SYSNATIVE\drivers\ISCTD64.sys [x]
R3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x]
R3 mv91cons;mv91cons;c:\windows\system32\drivers\mv91cons.sys;c:\windows\SYSNATIVE\drivers\mv91cons.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys;c:\windows\SYSNATIVE\drivers\rusb3hub.sys [x]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys;c:\windows\SYSNATIVE\drivers\rusb3xhc.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
R4 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SLEE_17_DRIVER;Steganos Live Encryption Engine 17 [Driver];c:\windows\Sleen1764.sys;c:\windows\Sleen1764.sys [x]
S1 SLEE_18_DRIVER;Steganos Live Encryption Engine 18 [Driver];c:\windows\Sleen1864.sys;c:\windows\Sleen1864.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 SaferSurfServices;SaferSurfServices;c:\program files (x86)\SaferSurf\SaferSurfServices.exe;c:\program files (x86)\SaferSurf\SaferSurfServices.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - AVC3
*NewlyCreated* - TRUFOS
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-12 19:16	1642448	------w-	c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 00:18]
.
2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 11:44]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 11:44]
.
2013-07-06 c:\windows\Tasks\WpsUpdateTask_Manuel.job
- c:\program files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-09-03 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
LSP: c:\program files (x86)\SaferSurf\wslsp.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: keyword.URL - 
FF - prefs.js: browser.startup.homepage - 
FF - ExtSQL: 2013-06-06 18:05; client@anonymox.net; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\extensions\client@anonymox.net.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{cdf97ee2-ded0-4369-835e-99dd08225fa5} - (no file)
BHO-{cdf97ee2-ded0-4369-835e-99dd08225fa5} - (no file)
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
Toolbar-Locked - (no file)
Toolbar-{cdf97ee2-ded0-4369-835e-99dd08225fa5} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
WebBrowser-{CDF97EE2-DED0-4369-835E-99DD08225FA5} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2774469641-1193827106-2472648205-1001\Software\SecuROM\License information*]
"datasecu"=hex:14,45,12,de,78,56,7a,9d,3f,16,8d,61,bb,ea,5e,a7,db,e4,3c,2e,62,
   da,f3,22,e0,5c,11,bb,cd,cd,80,39,dc,e8,ef,a6,fd,55,af,c4,ad,c2,5a,bb,5f,bb,\
"rkeysecu"=hex:d3,4f,0e,2a,fe,7f,b4,d8,4f,b1,e8,1e,18,c8,93,91
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-06  19:06:16
ComboFix-quarantined-files.txt  2013-07-06 17:06
.
Vor Suchlauf: 19 Verzeichnis(se), 70.041.649.152 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 69.897.502.720 Bytes frei
.
- - End Of File - - E27C490B83B02174A0A20A126235FF6C
A36C5E4F47E84449FF07ED3517B43A31
         


Alt 07.07.2013, 06:05   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Combofix-Skript
WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

  • Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link
  • Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!
  • Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK
  • Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
    Code:
    ATTFilter
    Driver::
    acebpczx
    adkvocef
    ajpfxmaw
    alhychmr
    awvvkkyr
    bfxioaul
    bpvijebl
    clmxlfty
    cmsruhcm
    cpmfwsed
    cqycpxjh
    dgpjxipa
    diuxalrz
    dkzlagus
    drgldgjb
    eawpgtou
    epridjao
    esapsxlf
    evhtccxh
    ezvlshqh
    glubcgyh
    gygmpfau
    hihnhlsf
    iinqklkl
    ivqmezri
    jgnwnlfc
    kdbgbvsl
    kerbkqnx
    kxzanmsi
    liuxtxoa
    ljoupilg
    lkrxptao
    lljxdeak
    mdmjuhdo
    mnpycass
    mxmdofgr
    njlgbahj
    nmpyglev
    obisswxv
    oysxxuos
    sohjdafy
    File::
    c:\windows\system32\drivers\acebpczx.sys
    c:\windows\system32\drivers\adkvocef.sys
    c:\windows\system32\drivers\ajpfxmaw.sys
    c:\windows\system32\drivers\alhychmr.sys
    c:\windows\system32\drivers\awvvkkyr.sys
    c:\windows\system32\drivers\bfxioaul.sys
    c:\windows\system32\drivers\bpvijebl.sys
    c:\windows\system32\drivers\clmxlfty.sys
    c:\windows\system32\drivers\cmsruhcm.sys
    c:\windows\system32\drivers\cpmfwsed.sys
    c:\windows\system32\drivers\cqycpxjh.sys
    c:\windows\system32\drivers\dgpjxipa.sys
    c:\windows\system32\drivers\diuxalrz.sys
    c:\windows\system32\drivers\dkzlagus.sys
    c:\windows\system32\drivers\drgldgjb.sys
    c:\windows\system32\drivers\eawpgtou.sys
    c:\windows\system32\drivers\epridjao.sys
    c:\windows\system32\drivers\esapsxlf.sys
    c:\windows\system32\drivers\evhtccxh.sys
    c:\windows\system32\drivers\ezvlshqh.sys
    c:\windows\system32\drivers\glubcgyh.sys
    c:\windows\system32\drivers\gygmpfau.sys
    c:\windows\system32\drivers\hihnhlsf.sys
    c:\windows\system32\drivers\iinqklkl.sys
    c:\windows\system32\drivers\ivqmezri.sys
    c:\windows\system32\drivers\jgnwnlfc.sys
    c:\windows\system32\drivers\kdbgbvsl.sys
    c:\windows\system32\drivers\kerbkqnx.sys
    c:\windows\system32\drivers\kxzanmsi.sys
    c:\windows\system32\drivers\liuxtxoa.sys
    c:\windows\system32\drivers\ljoupilg.sys
    c:\windows\system32\drivers\lkrxptao.sys
    c:\windows\system32\drivers\lljxdeak.sys
    c:\windows\system32\drivers\mdmjuhdo.sys
    c:\windows\system32\drivers\mnpycass.sys
    c:\windows\system32\drivers\mxmdofgr.sys
    c:\windows\system32\drivers\njlgbahj.sys
    c:\windows\system32\drivers\nmpyglev.sys
    c:\windows\system32\drivers\obisswxv.sys
    c:\windows\system32\drivers\oysxxuos.sys
    c:\windows\system32\drivers\sohjdafy.sys
             
  • Speichere dies als CFScript.txt auf deinem Desktop.
  • Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
    Danach wieder anstellen nicht vergessen!
  • Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.
  • Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:
  • Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.
  • Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
    Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.

Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!

__________________
--> Virenbefall was soll ich tun?

Alt 07.07.2013, 12:08   #7
vVManuelVv
 
Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Zuerst, vielen Dank, dass du dir überhaupt die Zeit nimmst mir mit meine Problem zu helfen.
Nach dem Neustart, der von ComboFix verursacht wurde, kam die Meldung das ich keine Programme starten solle, da aber einige im Autostart waren, habe ich diese schnell beendet, ich hoffe dies verfälscht das Ergebnis der Logfile nicht. Bezüglich des hochladens, habe ich keine Meldung bekommen.
Code:
ATTFilter
ComboFix 13-07-07.01 - Manuel 07.07.2013  12:24:46.2.6 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.8174.6050 [GMT 2:00]
ausgeführt von:: c:\users\Manuel\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Manuel\Desktop\CFScript.txt
AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\acebpczx.sys"
"c:\windows\system32\drivers\adkvocef.sys"
"c:\windows\system32\drivers\ajpfxmaw.sys"
"c:\windows\system32\drivers\alhychmr.sys"
"c:\windows\system32\drivers\awvvkkyr.sys"
"c:\windows\system32\drivers\bfxioaul.sys"
"c:\windows\system32\drivers\bpvijebl.sys"
"c:\windows\system32\drivers\clmxlfty.sys"
"c:\windows\system32\drivers\cmsruhcm.sys"
"c:\windows\system32\drivers\cpmfwsed.sys"
"c:\windows\system32\drivers\cqycpxjh.sys"
"c:\windows\system32\drivers\dgpjxipa.sys"
"c:\windows\system32\drivers\diuxalrz.sys"
"c:\windows\system32\drivers\dkzlagus.sys"
"c:\windows\system32\drivers\drgldgjb.sys"
"c:\windows\system32\drivers\eawpgtou.sys"
"c:\windows\system32\drivers\epridjao.sys"
"c:\windows\system32\drivers\esapsxlf.sys"
"c:\windows\system32\drivers\evhtccxh.sys"
"c:\windows\system32\drivers\ezvlshqh.sys"
"c:\windows\system32\drivers\glubcgyh.sys"
"c:\windows\system32\drivers\gygmpfau.sys"
"c:\windows\system32\drivers\hihnhlsf.sys"
"c:\windows\system32\drivers\iinqklkl.sys"
"c:\windows\system32\drivers\ivqmezri.sys"
"c:\windows\system32\drivers\jgnwnlfc.sys"
"c:\windows\system32\drivers\kdbgbvsl.sys"
"c:\windows\system32\drivers\kerbkqnx.sys"
"c:\windows\system32\drivers\kxzanmsi.sys"
"c:\windows\system32\drivers\liuxtxoa.sys"
"c:\windows\system32\drivers\ljoupilg.sys"
"c:\windows\system32\drivers\lkrxptao.sys"
"c:\windows\system32\drivers\lljxdeak.sys"
"c:\windows\system32\drivers\mdmjuhdo.sys"
"c:\windows\system32\drivers\mnpycass.sys"
"c:\windows\system32\drivers\mxmdofgr.sys"
"c:\windows\system32\drivers\njlgbahj.sys"
"c:\windows\system32\drivers\nmpyglev.sys"
"c:\windows\system32\drivers\obisswxv.sys"
"c:\windows\system32\drivers\oysxxuos.sys"
"c:\windows\system32\drivers\sohjdafy.sys"
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_acebpczx
-------\Service_adkvocef
-------\Service_ajpfxmaw
-------\Service_alhychmr
-------\Service_awvvkkyr
-------\Service_bfxioaul
-------\Service_bpvijebl
-------\Service_clmxlfty
-------\Service_cmsruhcm
-------\Service_cpmfwsed
-------\Service_cqycpxjh
-------\Service_dgpjxipa
-------\Service_diuxalrz
-------\Service_dkzlagus
-------\Service_drgldgjb
-------\Service_eawpgtou
-------\Service_epridjao
-------\Service_esapsxlf
-------\Service_evhtccxh
-------\Service_ezvlshqh
-------\Service_glubcgyh
-------\Service_gygmpfau
-------\Service_hihnhlsf
-------\Service_iinqklkl
-------\Service_ivqmezri
-------\Service_jgnwnlfc
-------\Service_kdbgbvsl
-------\Service_kerbkqnx
-------\Service_kxzanmsi
-------\Service_liuxtxoa
-------\Service_ljoupilg
-------\Service_lkrxptao
-------\Service_lljxdeak
-------\Service_mdmjuhdo
-------\Service_mnpycass
-------\Service_mxmdofgr
-------\Service_njlgbahj
-------\Service_nmpyglev
-------\Service_obisswxv
-------\Service_oysxxuos
-------\Service_sohjdafy
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-07 bis 2013-07-07  ))))))))))))))))))))))))))))))
.
.
2013-07-07 10:39 . 2013-07-07 10:39	76232	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AC5FCB5C-B752-4D19-9558-6E8CDB72C8BE}\offreg.dll
2013-07-07 10:36 . 2013-07-07 10:36	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-07-07 10:36 . 2013-07-07 10:36	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-07 10:11 . 2013-06-12 03:08	9552976	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AC5FCB5C-B752-4D19-9558-6E8CDB72C8BE}\mpengine.dll
2013-07-07 09:32 . 2013-07-07 09:32	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2013-07-06 18:43 . 2013-07-06 18:43	718840	----a-w-	c:\windows\system32\drivers\avc3.sys
2013-07-06 17:49 . 2013-07-06 17:49	--------	d-----w-	c:\windows\Simple Port Forwarding
2013-07-06 17:49 . 2013-07-06 17:55	--------	d-----w-	c:\program files (x86)\Simple Port Forwarding
2013-07-06 17:09 . 2013-06-12 03:08	9552976	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-06 16:34 . 2013-07-06 16:34	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-06 16:29 . 2013-07-06 16:29	261056	----a-w-	c:\windows\system32\drivers\avchv.sys
2013-07-06 16:25 . 2013-04-17 12:59	593144	----a-w-	c:\windows\system32\drivers\avckf.sys
2013-07-06 16:25 . 2013-06-15 15:28	148696	----a-w-	c:\windows\system32\drivers\gzflt.sys
2013-07-06 16:25 . 2013-06-21 18:03	382536	----a-w-	c:\windows\system32\drivers\trufos.sys
2013-07-06 15:50 . 2013-07-06 15:50	--------	d-----w-	c:\users\Manuel\AppData\Local\Balanced Worlds
2013-07-06 12:01 . 2013-07-06 12:01	--------	d-----w-	C:\FRST
2013-07-05 21:50 . 2013-07-05 21:50	--------	d-----w-	c:\programdata\bdch
2013-07-05 21:42 . 2010-05-06 20:59	38848	----a-w-	c:\windows\SysWow64\avastSS.scr
2013-07-05 21:42 . 2010-05-06 20:59	165032	----a-w-	c:\windows\SysWow64\aswBoot.exe
2013-07-05 21:42 . 2013-07-05 21:42	--------	d-----w-	c:\programdata\Alwil Software
2013-07-05 21:42 . 2013-07-05 21:42	--------	d-----w-	c:\program files\Alwil Software
2013-07-05 21:28 . 2013-07-05 22:06	--------	d-----w-	c:\users\Manuel\AppData\Roaming\Pamela
2013-07-05 21:28 . 2013-07-05 21:28	176128	----a-w-	c:\windows\SysWow64\RemoteControl.dll
2013-07-05 21:28 . 2013-07-05 21:28	--------	d-----w-	c:\program files (x86)\Pamela
2013-07-05 19:36 . 2013-07-05 19:36	--------	d-----w-	c:\program files (x86)\Microsoft Synchronization Services
2013-07-05 19:36 . 2013-07-05 19:36	--------	d-----w-	c:\program files (x86)\Microsoft Sync Framework
2013-07-05 19:31 . 2013-07-05 19:31	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2013-07-05 19:29 . 2013-07-05 19:29	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2013-07-05 19:29 . 2013-07-05 19:29	--------	d-----r-	C:\MSOCache
2013-07-05 19:22 . 2013-07-05 19:22	98304	----a-r-	c:\users\Manuel\AppData\Roaming\Microsoft\Installer\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}\icons.exe
2013-07-05 18:30 . 2013-07-05 18:30	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-06-21 18:14 . 2013-06-21 18:13	964552	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ACEDC8A2-E566-45D1-9F84-1D9A31028CD6}\gapaengine.dll
2013-06-21 03:16 . 2013-06-21 03:16	566048	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-06-15 17:46 . 2013-06-15 17:47	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
2013-06-15 17:46 . 2013-06-15 17:47	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2013-06-13 23:18 . 2013-06-14 00:18	9089416	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-06-13 22:57 . 2013-04-25 23:30	1505280	----a-w-	c:\windows\SysWow64\d3d11.dll
2013-06-13 22:57 . 2013-03-31 22:52	1887232	----a-w-	c:\windows\system32\d3d11.dll
2013-06-08 00:43 . 2013-06-08 01:45	--------	d-----w-	c:\users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-07 22:42 . 2013-06-08 13:52	--------	d-----w-	c:\program files (x86)\SaferSurf
2013-06-07 22:42 . 2013-06-07 22:42	--------	d-----w-	c:\programdata\Nutzwerk
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-07 09:21 . 2012-12-22 23:59	119296	----a-w-	c:\windows\SysWow64\zlib.dll
2013-07-06 16:33 . 2012-01-13 13:35	867240	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-07-06 16:33 . 2012-01-13 13:35	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-06-22 17:20 . 2012-12-15 12:09	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2013-06-21 12:06 . 2013-05-31 15:59	2936208	----a-w-	c:\windows\system32\nvapi64.dll
2013-06-21 12:06 . 2013-05-31 15:59	27781920	----a-w-	c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-05-31 15:59	2597856	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-05-31 15:59	15920536	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-05-31 15:59	15144928	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-05-31 15:59	13411896	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-05-31 15:59	12427240	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-05-31 15:59	1059560	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-06-21 10:23 . 2013-05-31 16:03	6496544	----a-w-	c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2013-05-31 16:03	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2013-05-31 16:03	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2013-05-31 16:03	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2013-05-31 16:03	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2013-05-31 16:03	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-06-20 04:17 . 2013-05-31 16:03	3253909	----a-w-	c:\windows\system32\nvcoproc.bin
2013-06-14 01:02 . 2012-01-13 14:22	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-06-14 00:18 . 2012-04-16 08:33	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-14 00:18 . 2012-01-13 13:34	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-06 17:23 . 2013-06-06 17:23	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-04 22:58 . 2012-08-13 20:09	283032	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-06-04 22:58 . 2012-08-12 22:02	283032	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-06-02 19:59 . 2012-08-12 22:02	283032	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-05-24 18:07 . 2013-03-15 21:21	964552	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-05-12 21:42 . 2013-05-31 15:59	1832224	----a-w-	c:\windows\system32\nvdispco6432018.dll
2013-05-12 21:42 . 2013-05-31 15:59	1511712	----a-w-	c:\windows\system32\nvdispgenco6432018.dll
2013-05-10 14:17 . 2013-05-10 14:17	70720	----a-w-	c:\windows\SysWow64\libresample.dll
2013-05-10 13:50 . 2013-05-10 13:50	225369510	----a-w-	c:\windows\SysWow64\Backup_15-50-15_10-5-2013.reg
2013-05-10 10:52 . 2013-05-10 12:58	82432	----a-w-	c:\windows\SysWow64\avformat.dll
2013-05-10 10:52 . 2013-05-10 12:57	82432	----a-w-	c:\windows\system32\avformat.dll
2013-05-09 12:03 . 2010-06-24 10:33	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 15:29 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-05-01 01:59 . 2013-05-01 01:59	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2013-04-24 21:56 . 2013-04-24 21:56	77592	----a-w-	c:\windows\system32\ladfGSRCoinst_amd64.dll
2013-04-24 21:56 . 2013-04-24 21:56	410008	------w-	c:\windows\system32\drivers\ladfGSCamd64.sys
2013-04-24 21:56 . 2013-04-24 21:56	102808	------w-	c:\windows\system32\drivers\ladfGSRamd64.sys
2013-04-20 19:35 . 2013-04-20 19:35	13696	------w-	c:\windows\system32\drivers\fixustor.sys
2013-04-13 05:49 . 2013-05-17 18:40	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-17 18:40	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-17 18:40	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-17 18:40	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-17 18:40	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-17 18:40	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-05-08 19:31	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-11 14:12 . 2012-07-20 19:18	19392	----a-w-	c:\windows\system32\roboot64.exe
2013-04-10 06:01 . 2013-05-17 18:40	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-17 18:40	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-17 18:40	3153920	----a-w-	c:\windows\system32\win32k.sys
2012-06-06 04:06 . 2012-06-06 04:06	2174976	----a-w-	c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2FAACDB3-295B-74CA-3FC3-C5B38A7A80F7}]
2013-03-30 10:30	118272	----a-w-	c:\programdata\Breowse2savue\5156becfafe0d.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-06-06 19:33	1519304	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-06 1519304]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	130736	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	130736	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	130736	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\steam\steam.exe" [2013-06-06 1641896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Turbo Key"="c:\program files (x86)\ASUS\Turbo Key\TurboKey.exe" [2009-11-24 1874432]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-10-22 642216]
"SAFE2012 HotKeys"="d:\program files (x86)\SteganosHotKeyService.exe" [2012-11-19 84480]
"SAFE2012 File Redirection Starter"="d:\program files (x86)\fredirstarter.exe" [2012-11-19 17408]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 clvrxhll;clvrxhll;c:\windows\system32\drivers\clvrxhll.sys;c:\windows\SYSNATIVE\drivers\clvrxhll.sys [x]
R1 cmgasofb;cmgasofb;c:\windows\system32\drivers\cmgasofb.sys;c:\windows\SYSNATIVE\drivers\cmgasofb.sys [x]
R1 utiulqgr;utiulqgr;c:\windows\system32\drivers\utiulqgr.sys;c:\windows\SYSNATIVE\drivers\utiulqgr.sys [x]
R1 wfaljust;wfaljust;c:\windows\system32\drivers\wfaljust.sys;c:\windows\SYSNATIVE\drivers\wfaljust.sys [x]
R1 wmnjtlij;wmnjtlij;c:\windows\system32\drivers\wmnjtlij.sys;c:\windows\SYSNATIVE\drivers\wmnjtlij.sys [x]
R1 wzgcquve;wzgcquve;c:\windows\system32\drivers\wzgcquve.sys;c:\windows\SYSNATIVE\drivers\wzgcquve.sys [x]
R1 zgszitdm;zgszitdm;c:\windows\system32\drivers\zgszitdm.sys;c:\windows\SYSNATIVE\drivers\zgszitdm.sys [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
R3 FIXUSTOR;FIXUSTOR;c:\windows\system32\DRIVERS\fixustor.sys;c:\windows\SYSNATIVE\DRIVERS\fixustor.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys;c:\windows\SYSNATIVE\drivers\FLxHCIc.sys [x]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys;c:\windows\SYSNATIVE\drivers\FLxHCIh.sys [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\drivers\ISCTD64.sys;c:\windows\SYSNATIVE\drivers\ISCTD64.sys [x]
R3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x]
R3 mv91cons;mv91cons;c:\windows\system32\drivers\mv91cons.sys;c:\windows\SYSNATIVE\drivers\mv91cons.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys;c:\windows\SYSNATIVE\drivers\rusb3hub.sys [x]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys;c:\windows\SYSNATIVE\drivers\rusb3xhc.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S1 SLEE_17_DRIVER;Steganos Live Encryption Engine 17 [Driver];c:\windows\Sleen1764.sys;c:\windows\Sleen1764.sys [x]
S1 SLEE_18_DRIVER;Steganos Live Encryption Engine 18 [Driver];c:\windows\Sleen1864.sys;c:\windows\Sleen1864.sys [x]
S1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VDiskBus64.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 SaferSurfServices;SaferSurfServices;c:\program files (x86)\SaferSurf\SaferSurfServices.exe;c:\program files (x86)\SaferSurf\SaferSurfServices.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
S3 ASFLTDrv.sys;ASFLTDrv.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ASFLTDRV.SYS
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-06 17:29	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 00:18]
.
2013-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 11:44]
.
2013-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 11:44]
.
2013-07-07 c:\windows\Tasks\WpsUpdateTask_Manuel.job
- c:\program files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-09-03 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
LSP: c:\program files (x86)\SaferSurf\wslsp.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - ExtSQL: 2013-06-06 18:05; client@anonymox.net; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\extensions\client@anonymox.net.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{cdf97ee2-ded0-4369-835e-99dd08225fa5} - (no file)
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
Toolbar-Locked - (no file)
Toolbar-{cdf97ee2-ded0-4369-835e-99dd08225fa5} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2774469641-1193827106-2472648205-1001\Software\SecuROM\License information*]
"datasecu"=hex:14,45,12,de,78,56,7a,9d,3f,16,8d,61,bb,ea,5e,a7,db,e4,3c,2e,62,
   da,f3,22,e0,5c,11,bb,cd,cd,80,39,dc,e8,ef,a6,fd,55,af,c4,ad,c2,5a,bb,5f,bb,\
"rkeysecu"=hex:d3,4f,0e,2a,fe,7f,b4,d8,4f,b1,e8,1e,18,c8,93,91
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\YourFileDownloader\YourFileUpdater.exe
c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
c:\windows\SysWOW64\WinMsgBalloonServer.exe
c:\windows\SysWOW64\WinMsgBalloonClient.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-07  13:02:45 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-07-07 11:02
ComboFix2.txt  2013-07-06 17:06
.
Vor Suchlauf: 19 Verzeichnis(se), 72.303.857.664 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 71.851.720.704 Bytes frei
.
- - End Of File - - 55B290B1CC641F92A06B3B14A02EE70B
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 07.07.2013, 12:50   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Combofix-Skript
WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

  • Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link
  • Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!
  • Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK
  • Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
    Code:
    ATTFilter
    Driver::
    clvrxhll
    cmgasofb
    utiulqgr
    wfaljust
    wmnjtlij
    wzgcquve
    zgszitdm
    File::
    c:\windows\system32\drivers\zgszitdm.sys
    c:\windows\system32\drivers\clvrxhll.sys
    c:\windows\system32\drivers\cmgasofb.sys
    c:\windows\system32\drivers\utiulqgr.sys
    c:\windows\system32\drivers\wfaljust.sys
    c:\windows\system32\drivers\wmnjtlij.sys
    c:\windows\system32\drivers\wzgcquve.sys
             
  • Speichere dies als CFScript.txt auf deinem Desktop.
  • Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
    Danach wieder anstellen nicht vergessen!
  • Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.
  • Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:
  • Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.
  • Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
    Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.

Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.07.2013, 14:27   #9
vVManuelVv
 
Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Dauert es immer solange bis die Log file erstellt wird?
Code:
ATTFilter
ComboFix 13-07-07.01 - Manuel 07.07.2013  14:45:04.3.6 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.8174.6058 [GMT 2:00]
ausgeführt von:: c:\users\Manuel\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Manuel\Desktop\CFScript.txt
AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\clvrxhll.sys"
"c:\windows\system32\drivers\cmgasofb.sys"
"c:\windows\system32\drivers\utiulqgr.sys"
"c:\windows\system32\drivers\wfaljust.sys"
"c:\windows\system32\drivers\wmnjtlij.sys"
"c:\windows\system32\drivers\wzgcquve.sys"
"c:\windows\system32\drivers\zgszitdm.sys"
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_clvrxhll
-------\Service_cmgasofb
-------\Service_utiulqgr
-------\Service_wfaljust
-------\Service_wmnjtlij
-------\Service_wzgcquve
-------\Service_zgszitdm
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-07 bis 2013-07-07  ))))))))))))))))))))))))))))))
.
.
2013-07-07 13:01 . 2013-07-07 13:01	76232	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C18A2E4-7EBD-4616-92CA-53FB1D40153B}\offreg.dll
2013-07-07 12:58 . 2013-07-07 12:58	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-07-07 12:58 . 2013-07-07 12:58	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-07 11:04 . 2013-06-12 03:08	9552976	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C18A2E4-7EBD-4616-92CA-53FB1D40153B}\mpengine.dll
2013-07-07 09:32 . 2013-07-07 09:32	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2013-07-06 18:43 . 2013-07-06 18:43	718840	----a-w-	c:\windows\system32\drivers\avc3.sys
2013-07-06 17:49 . 2013-07-06 17:49	--------	d-----w-	c:\windows\Simple Port Forwarding
2013-07-06 17:49 . 2013-07-06 17:55	--------	d-----w-	c:\program files (x86)\Simple Port Forwarding
2013-07-06 17:09 . 2013-06-12 03:08	9552976	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-06 16:34 . 2013-07-06 16:34	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-06 16:29 . 2013-07-06 16:29	261056	----a-w-	c:\windows\system32\drivers\avchv.sys
2013-07-06 16:25 . 2013-04-17 12:59	593144	----a-w-	c:\windows\system32\drivers\avckf.sys
2013-07-06 16:25 . 2013-06-15 15:28	148696	----a-w-	c:\windows\system32\drivers\gzflt.sys
2013-07-06 16:25 . 2013-06-21 18:03	382536	----a-w-	c:\windows\system32\drivers\trufos.sys
2013-07-06 15:50 . 2013-07-06 15:50	--------	d-----w-	c:\users\Manuel\AppData\Local\Balanced Worlds
2013-07-06 12:01 . 2013-07-06 12:01	--------	d-----w-	C:\FRST
2013-07-05 21:50 . 2013-07-05 21:50	--------	d-----w-	c:\programdata\bdch
2013-07-05 21:42 . 2010-05-06 20:59	38848	----a-w-	c:\windows\SysWow64\avastSS.scr
2013-07-05 21:42 . 2010-05-06 20:59	165032	----a-w-	c:\windows\SysWow64\aswBoot.exe
2013-07-05 21:42 . 2013-07-05 21:42	--------	d-----w-	c:\programdata\Alwil Software
2013-07-05 21:42 . 2013-07-05 21:42	--------	d-----w-	c:\program files\Alwil Software
2013-07-05 21:28 . 2013-07-05 22:06	--------	d-----w-	c:\users\Manuel\AppData\Roaming\Pamela
2013-07-05 21:28 . 2013-07-05 21:28	176128	----a-w-	c:\windows\SysWow64\RemoteControl.dll
2013-07-05 21:28 . 2013-07-05 21:28	--------	d-----w-	c:\program files (x86)\Pamela
2013-07-05 19:36 . 2013-07-05 19:36	--------	d-----w-	c:\program files (x86)\Microsoft Synchronization Services
2013-07-05 19:36 . 2013-07-05 19:36	--------	d-----w-	c:\program files (x86)\Microsoft Sync Framework
2013-07-05 19:31 . 2013-07-05 19:31	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2013-07-05 19:29 . 2013-07-05 19:29	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2013-07-05 19:29 . 2013-07-05 19:29	--------	d-----r-	C:\MSOCache
2013-07-05 19:22 . 2013-07-05 19:22	98304	----a-r-	c:\users\Manuel\AppData\Roaming\Microsoft\Installer\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}\icons.exe
2013-07-05 18:30 . 2013-07-05 18:30	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-06-21 18:14 . 2013-06-21 18:13	964552	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ACEDC8A2-E566-45D1-9F84-1D9A31028CD6}\gapaengine.dll
2013-06-21 03:16 . 2013-06-21 03:16	566048	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-06-15 17:46 . 2013-06-15 17:47	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
2013-06-15 17:46 . 2013-06-15 17:47	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2013-06-13 23:18 . 2013-06-14 00:18	9089416	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-06-13 22:57 . 2013-04-25 23:30	1505280	----a-w-	c:\windows\SysWow64\d3d11.dll
2013-06-13 22:57 . 2013-03-31 22:52	1887232	----a-w-	c:\windows\system32\d3d11.dll
2013-06-08 00:43 . 2013-06-08 01:45	--------	d-----w-	c:\users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-07 22:42 . 2013-06-08 13:52	--------	d-----w-	c:\program files (x86)\SaferSurf
2013-06-07 22:42 . 2013-06-07 22:42	--------	d-----w-	c:\programdata\Nutzwerk
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-07 09:21 . 2012-12-22 23:59	119296	----a-w-	c:\windows\SysWow64\zlib.dll
2013-07-06 16:33 . 2012-01-13 13:35	867240	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-07-06 16:33 . 2012-01-13 13:35	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-06-22 17:20 . 2012-12-15 12:09	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2013-06-21 12:06 . 2013-05-31 15:59	2936208	----a-w-	c:\windows\system32\nvapi64.dll
2013-06-21 12:06 . 2013-05-31 15:59	27781920	----a-w-	c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-05-31 15:59	2597856	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-05-31 15:59	15920536	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-05-31 15:59	15144928	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-05-31 15:59	13411896	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-05-31 15:59	12427240	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-05-31 15:59	1059560	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-06-21 10:23 . 2013-05-31 16:03	6496544	----a-w-	c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2013-05-31 16:03	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2013-05-31 16:03	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2013-05-31 16:03	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2013-05-31 16:03	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2013-05-31 16:03	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-06-20 04:17 . 2013-05-31 16:03	3253909	----a-w-	c:\windows\system32\nvcoproc.bin
2013-06-14 01:02 . 2012-01-13 14:22	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-06-14 00:18 . 2012-04-16 08:33	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-14 00:18 . 2012-01-13 13:34	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-06 17:23 . 2013-06-06 17:23	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-04 22:58 . 2012-08-13 20:09	283032	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-06-04 22:58 . 2012-08-12 22:02	283032	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-06-02 19:59 . 2012-08-12 22:02	283032	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-05-24 18:07 . 2013-03-15 21:21	964552	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-05-12 21:42 . 2013-05-31 15:59	1832224	----a-w-	c:\windows\system32\nvdispco6432018.dll
2013-05-12 21:42 . 2013-05-31 15:59	1511712	----a-w-	c:\windows\system32\nvdispgenco6432018.dll
2013-05-10 14:17 . 2013-05-10 14:17	70720	----a-w-	c:\windows\SysWow64\libresample.dll
2013-05-10 13:50 . 2013-05-10 13:50	225369510	----a-w-	c:\windows\SysWow64\Backup_15-50-15_10-5-2013.reg
2013-05-10 10:52 . 2013-05-10 12:58	82432	----a-w-	c:\windows\SysWow64\avformat.dll
2013-05-10 10:52 . 2013-05-10 12:57	82432	----a-w-	c:\windows\system32\avformat.dll
2013-05-09 12:03 . 2010-06-24 10:33	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 15:29 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-05-01 01:59 . 2013-05-01 01:59	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2013-04-24 21:56 . 2013-04-24 21:56	77592	----a-w-	c:\windows\system32\ladfGSRCoinst_amd64.dll
2013-04-24 21:56 . 2013-04-24 21:56	410008	------w-	c:\windows\system32\drivers\ladfGSCamd64.sys
2013-04-24 21:56 . 2013-04-24 21:56	102808	------w-	c:\windows\system32\drivers\ladfGSRamd64.sys
2013-04-20 19:35 . 2013-04-20 19:35	13696	------w-	c:\windows\system32\drivers\fixustor.sys
2013-04-13 05:49 . 2013-05-17 18:40	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-17 18:40	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-17 18:40	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-17 18:40	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-17 18:40	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-17 18:40	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-05-08 19:31	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-11 14:12 . 2012-07-20 19:18	19392	----a-w-	c:\windows\system32\roboot64.exe
2013-04-10 06:01 . 2013-05-17 18:40	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-17 18:40	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-17 18:40	3153920	----a-w-	c:\windows\system32\win32k.sys
2012-06-06 04:06 . 2012-06-06 04:06	2174976	----a-w-	c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2FAACDB3-295B-74CA-3FC3-C5B38A7A80F7}]
2013-03-30 10:30	118272	----a-w-	c:\programdata\Breowse2savue\5156becfafe0d.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-06-06 19:33	1519304	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-06 1519304]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	130736	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	130736	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	130736	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\steam\steam.exe" [2013-06-06 1641896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Turbo Key"="c:\program files (x86)\ASUS\Turbo Key\TurboKey.exe" [2009-11-24 1874432]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-10-22 642216]
"SAFE2012 HotKeys"="d:\program files (x86)\SteganosHotKeyService.exe" [2012-11-19 84480]
"SAFE2012 File Redirection Starter"="d:\program files (x86)\fredirstarter.exe" [2012-11-19 17408]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
R3 FIXUSTOR;FIXUSTOR;c:\windows\system32\DRIVERS\fixustor.sys;c:\windows\SYSNATIVE\DRIVERS\fixustor.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys;c:\windows\SYSNATIVE\drivers\FLxHCIc.sys [x]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys;c:\windows\SYSNATIVE\drivers\FLxHCIh.sys [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\drivers\ISCTD64.sys;c:\windows\SYSNATIVE\drivers\ISCTD64.sys [x]
R3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x]
R3 mv91cons;mv91cons;c:\windows\system32\drivers\mv91cons.sys;c:\windows\SYSNATIVE\drivers\mv91cons.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys;c:\windows\SYSNATIVE\drivers\rusb3hub.sys [x]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys;c:\windows\SYSNATIVE\drivers\rusb3xhc.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S1 SLEE_17_DRIVER;Steganos Live Encryption Engine 17 [Driver];c:\windows\Sleen1764.sys;c:\windows\Sleen1764.sys [x]
S1 SLEE_18_DRIVER;Steganos Live Encryption Engine 18 [Driver];c:\windows\Sleen1864.sys;c:\windows\Sleen1864.sys [x]
S1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VDiskBus64.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 SaferSurfServices;SaferSurfServices;c:\program files (x86)\SaferSurf\SaferSurfServices.exe;c:\program files (x86)\SaferSurf\SaferSurfServices.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
S3 ASFLTDrv.sys;ASFLTDrv.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-06 17:29	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 00:18]
.
2013-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 11:44]
.
2013-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 11:44]
.
2013-07-07 c:\windows\Tasks\WpsUpdateTask_Manuel.job
- c:\program files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-09-03 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45	164016	----a-w-	c:\users\Manuel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
LSP: c:\program files (x86)\SaferSurf\wslsp.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - ExtSQL: 2013-06-06 18:05; client@anonymox.net; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\extensions\client@anonymox.net.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{cdf97ee2-ded0-4369-835e-99dd08225fa5} - (no file)
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
Toolbar-Locked - (no file)
Toolbar-{cdf97ee2-ded0-4369-835e-99dd08225fa5} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2774469641-1193827106-2472648205-1001\Software\SecuROM\License information*]
"datasecu"=hex:14,45,12,de,78,56,7a,9d,3f,16,8d,61,bb,ea,5e,a7,db,e4,3c,2e,62,
   da,f3,22,e0,5c,11,bb,cd,cd,80,39,dc,e8,ef,a6,fd,55,af,c4,ad,c2,5a,bb,5f,bb,\
"rkeysecu"=hex:d3,4f,0e,2a,fe,7f,b4,d8,4f,b1,e8,1e,18,c8,93,91
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\program files (x86)\YourFileDownloader\YourFileUpdater.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Steam\SteamService.exe
c:\windows\SysWOW64\WinMsgBalloonServer.exe
c:\windows\SysWOW64\WinMsgBalloonClient.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-07  15:24:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-07-07 13:24
ComboFix2.txt  2013-07-07 11:02
ComboFix3.txt  2013-07-06 17:06
.
Vor Suchlauf: 19 Verzeichnis(se), 71.612.829.696 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 71.583.821.824 Bytes frei
.
- - End Of File - - 433912302FA9D0B9146AED0AF5AFD5C2
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 07.07.2013, 18:27   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST Log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.07.2013, 19:25   #11
vVManuelVv
 
Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Danke für deinen Zeitaufwand->hier sind die Logfiles

AdwCleaner:
Code:
ATTFilter
# AdwCleaner v2.304 - Datei am 07/07/2013 um 20:02:31 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Manuel - MANUEL-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Manuel\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\Manuel\Desktop\sweetpcfix.url
Ordner Gelöscht : C:\Program Files (x86)\appbario2
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\yourfiledownloader
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Breowse2savue
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\InstallMate
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breowse2savue
Ordner Gelöscht : C:\ProgramData\RegClean
Ordner Gelöscht : C:\ProgramData\SoftSafe
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\Users\Manuel\AppData\Local\APN
Ordner Gelöscht : C:\Users\Manuel\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonnbhfkkomkpchfjhlaipgkanfiebp
Ordner Gelöscht : C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Ordner Gelöscht : C:\Users\Manuel\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Manuel\AppData\LocalLow\appbario2
Ordner Gelöscht : C:\Users\Manuel\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Manuel\AppData\LocalLow\Breowse2savue
Ordner Gelöscht : C:\Users\Manuel\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Manuel\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Manuel\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Manuel\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Manuel\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Manuel\AppData\Roaming\yourfiledownloader
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Ordner Gelöscht : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\appbario2
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\SProtector
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2FAACDB3-295B-74CA-3FC3-C5B38A7A80F7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2FAACDB3-295B-74CA-3FC3-C5B38A7A80F7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C66A9958-7BDB-44D5-B091-57834ABBE26C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YourFileDownloader
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\appbario2
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3227975
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C66A9958-7BDB-44D5-B091-57834ABBE26C}
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\590d98ce73ee543
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2FAACDB3-295B-74CA-3FC3-C5B38A7A80F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AFBFE24-A869-4E40-82E6-8916B99E36F0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4EC75BA-0946-46A7-9B9C-3C7C7F02F70E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FAACDB3-295B-74CA-3FC3-C5B38A7A80F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDF97EE2-DED0-4369-835E-99DD08225FA5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\appbario2 Toolbar
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CDF97EE2-DED0-4369-835E-99DD08225FA5}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{CDF97EE2-DED0-4369-835E-99DD08225FA5}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\prefs.js

Gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Gelöscht : user_pref("aol_toolbar.default.search.check", false);
Gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v27.0.1453.116

Datei : C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.2351] : homepage = "hxxp://www2.delta-search.com/?affID=119586&tt=gc_&babsrc=HP_ss&mntrId=267E08863B24FC[...]

*************************

AdwCleaner[S1].txt - [12749 octets] - [07/07/2013 20:02:31]

########## EOF - C:\AdwCleaner[S1].txt - [12810 octets] ##########
         
JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Manuel on 07.07.2013 at 20:15:56,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{25182C60-EA76-47E3-98AA-B91886055459}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{012889AF-DAD4-4D18-816C-E302D9649559}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{03831843-A7B6-4190-B922-BB882B9F82F0}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{0795E218-163D-4091-8280-F856413F2FA0}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{0DCF5F18-0800-41D0-ACA3-4476F97B9F9B}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{1536E651-C9CD-4F92-B6E6-85F919A9E1E8}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{19521741-6C86-43FD-8C29-D0D65B8821D3}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{1BFA2CEB-5510-4987-A78E-34C617078205}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{1D1B5944-1F3A-485C-9F8A-B4C44BEE4D19}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{1D27D751-9368-4A26-AF0A-9B18468816A6}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{21B94406-E4CB-4609-9AA1-60D78AC53EE4}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{261E412D-CDCA-409F-A905-6185D28774DB}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{29A452AC-D420-443C-B51D-2D7BBA56A00D}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{2A5A92BA-196A-4434-BC1D-39810D06FDB5}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{2B819D99-7233-4AE7-8015-CBD6DF514EBD}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{2DEB59DA-60BD-4A85-9C35-28BE98020A8A}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{3CD27E57-78FA-415E-ADC0-F4324B6F5F00}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{430F1575-5D4E-41AB-BB79-B802B2DE27FC}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{43891DC9-9FE7-431B-957F-A32122709C1D}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{46252BDA-521A-4C9B-AB5F-F1378C8D3329}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{4722BFF7-A2CA-42E3-AAB6-742AA5A6C5D1}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{49F3C533-80E6-4CDF-9CB0-EC0A872D45A7}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{4EE8F7E7-83A5-4E36-AE38-29652A19EA16}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{51C51FFA-632E-45A7-8843-68E428176B99}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{529C6FF8-83DF-4469-8F6E-9A20CCCEAC89}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{54C25B0B-9FE1-464A-8007-1D110360A3E4}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{59D88D62-E675-4916-B499-0B73FCC2CF9E}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{5B059628-4F86-4EFF-9B2D-4C1C35C9F628}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{5CEE7C35-C4DE-4F8F-9C8D-B81CD2C74589}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{5CF18B9F-FF50-4882-9B79-C48F2A06B2C3}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{5F778C0E-DB5C-4AED-B34B-B6C8458577B1}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{62365E65-20D2-4ED5-9916-4971879B9A89}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{62490807-3361-46E5-BD7C-0C5CD970BB72}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{63CA930D-0191-4B95-B0BF-0F1E96B8A272}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{64FC636E-661B-4D6E-9D36-AA9DE18C4F9F}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{682D2B03-8A8B-4AAD-9303-291A2C8427DD}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{68594B3F-7DE7-460A-A3AF-9119936A40ED}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{69275821-02A6-47DB-9944-F3CEF3992D29}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{6C3A46AA-EB7C-43D0-BBAB-4CB5DAD4B2F7}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{6C657B84-FDD7-403D-B70B-883DAC477958}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{71E36A7E-1855-4256-B6A9-4CB7285294D8}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{753476B2-2BB7-4E26-96A6-34E47BB43BCA}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{7651770C-5170-4003-8422-6A74D2DD6258}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{771282E3-CC85-4E55-89C9-5B2BECF515AB}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{777BCFF1-1B52-47BB-A71B-50301E324535}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{78323273-959F-44BC-9464-6BFE85B58CD1}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{79EAF11B-6247-41CF-B384-E4E4AAD034CB}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{84C32822-1DB1-45E3-9F48-E9EA5607B237}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{8D7F4663-5AE4-496E-8FC8-6EBEA6A371A9}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{90B651B6-5893-49CE-9ABF-048D9867FF8C}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{90DB8F77-4184-4FD1-951E-8C6044CC8E8B}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{95395204-060A-4285-8668-70CA2C0C43D3}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{97950667-6FBE-4BF6-9989-2B7A22E69359}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{988FB4C4-F343-4CD5-A9CF-494CD066CCDD}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{9B9D79E2-1D76-4AB5-AAB5-929546AD2A7C}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{A15ADD94-9BC1-40B5-A258-A8142A260F77}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{A96567A5-77DA-4B9F-A763-39B01A8C49C4}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{AB42F9EC-E8BA-4465-8CCE-C5832A663048}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{ABF4F0DD-016B-4E66-9035-0676244E40A2}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{ABF587C7-AED1-47F1-A1A1-8CF970EF85EA}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{AC58484B-620E-4ABC-AAC6-97412DEC2E95}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{AEA6F82F-C524-4256-9673-319FC25FEC9A}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{B18E2AAF-ABD4-4070-9878-6F162ED08224}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{B2943BE9-BC9A-4394-B3FB-293F5D3E7907}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{B5407037-3461-4CD2-8517-BA531DF4CE6B}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{B8C37237-FA53-4408-B982-27F967D89A66}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{BC3CAF8B-3E79-4B40-ACE1-B31B2E06EB8C}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{BC45BF56-9686-4D9F-B750-D10BCE5B100F}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{BDB37544-467B-4E71-ADB5-CA243EEC0FAD}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{BE72BE79-5063-41AC-B9E1-444FB0DD2989}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{C62F67BF-578B-4D8E-8835-9F9F6C392225}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{C8C16D8A-BC31-4114-9C1D-C9057028464A}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{C93F52FC-0678-4E4C-A8C2-40C1B6AEF15C}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{CAD461C3-E268-4B60-AB33-0C95365D9133}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{CBBC8EAD-DE3C-4EF4-9359-3BF1107C4A76}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{CCEC6AC6-40F7-40E1-91E5-9A9ED8CF04C1}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{D0268C7E-3241-4E9D-A7BE-8A04405F1A21}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{D6AE3B76-3ADA-4DC3-A403-77BF41B469D4}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{D6E17C46-ACCF-4149-9F82-A5CD2C52D0FF}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{D78EFFF8-B251-4709-AA18-6AE8D0EC1B6C}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{D867A769-FB60-48F5-85A1-FBAAF70701B4}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{DA47E93D-0D48-4585-8E55-ACDB633CF2D7}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{E113ADAF-6F76-4876-9444-C7D47213548D}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{E1BF5BFB-5B86-4437-AC75-B290D108E157}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{E23BEE05-1D2E-40C8-970E-BC327B139D8E}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{E5843A28-631B-4CF0-861F-45F91097E0AA}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{E590C95E-2E52-46CB-9CDC-5D7282DB31D8}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{E66B52E7-5936-4012-929A-B7EF260064FE}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{E924DD1C-AF32-423B-AB13-50557F823645}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{E99CCE91-F072-4732-A289-08C2AFD964E3}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{EF84F961-6E95-4704-9C5A-8F2D3A648EC9}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{F2ACDEE0-0554-4296-92C5-512C6CE8DA3E}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{F5A891AC-4EFA-4F3A-8849-48392E24064D}
Successfully deleted: [Empty Folder] C:\Users\Manuel\appdata\local\{FAE85220-0E05-4D80-85AE-ED556DAB6713}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.07.2013 at 20:19:58,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Manuel (administrator) on 07-07-2013 20:21:16
Running from C:\Users\Manuel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Nutzwerk) C:\Program Files (x86)\SaferSurf\SaferSurfServices.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(Steganos Software GmbH) D:\Program Files (x86)\SteganosHotKeyService.exe
(Steganos Software GmbH) D:\Program Files (x86)\fredirstarter.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [7477016 2013-04-25] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Steam] "D:\Steam\steam.exe" -silent [x]
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Turbo Key] "C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe" [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-10-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SAFE2012 HotKeys] "D:\Program Files (x86)\SteganosHotKeyService.exe" [x]
HKLM-x32\...\Run: [SAFE2012 File Redirection Starter] "D:\Program Files (x86)\fredirstarter.exe" [x]
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 02 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 03 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 04 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 05 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 06 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 07 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 08 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 09 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 10 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 21 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 07 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 08 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 09 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 10 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 21 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Manuel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: BalancedWorlds.com/WebLauncher - C:\Users\Manuel\AppData\Local\Balanced Worlds\BWGameEngine\npWebLauncher.dll (BalancedWorlds)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: client - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\Extensions\client@anonymox.net.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "https://duckduckgo.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Battlefield Heroes) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0
CHR Extension: (AdBlock) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (YouTube Unblocker) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.4.4_0
CHR Extension: (Battlefield Play4Free) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-05] (Akamai Technologies, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-10-22] (Advanced Micro Devices, Inc.)
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [258688 2010-12-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-02-19] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-03-15] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-03-15] (BlueStack Systems, Inc.)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [59592 2013-06-26] (Bitdefender)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [430080 2011-05-09] (PowerUp Software, LLC)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-03-24] ()
R2 Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 SaferSurfServices; C:\Program Files (x86)\SaferSurf\SaferSurfServices.exe [1440808 2013-02-11] (Nutzwerk)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580648 2012-07-17] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTek Computer Inc.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTek Computer Inc.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2013-01-11] (Advanced Micro Devices Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2013-03-09] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-07-06] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-04-17] (Bitdefender SRL)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-03-15] (BlueStack Systems)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-03-15] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-06] (DT Soft Ltd)
S3 FIXUSTOR; C:\Windows\System32\DRIVERS\fixustor.sys [13696 2013-04-20] (GenesysLogic)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [76072 2012-06-01] (Fresco Logic)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-06-15] (BitDefender LLC)
S3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-01-31] ()
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [104448 2012-05-10] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [221184 2012-05-10] (Renesas Electronics Corporation)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-06-21] (BitDefender S.R.L.)
R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [43136 2010-09-21] (ASUSTeK Computer Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S1 lfezwbop; \??\C:\Windows\system32\drivers\lfezwbop.sys [x]
S4 NvStUSB; \SystemRoot\system32\drivers\nvstusb.sys [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-07 20:19 - 2013-07-07 20:19 - 00011146 ____A C:\Users\Manuel\Desktop\JRT.txt
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Downloads\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Desktop\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\Windows\ERUNT
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\JRT
2013-07-07 20:02 - 2013-07-07 20:03 - 00012868 ____A C:\AdwCleaner[S1].txt
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Downloads\adwcleaner.exe
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Desktop\adwcleaner.exe
2013-07-07 16:06 - 2013-07-07 16:11 - 00000000 ____D C:\Program Files (x86)\Thread Manager
2013-07-07 16:06 - 2013-07-07 16:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DG
2013-07-07 15:25 - 2013-07-07 15:25 - 00040476 ____A C:\ComboFix.txt
2013-07-07 14:43 - 2013-07-07 15:25 - 00000000 ____D C:\ComboFix
2013-07-07 14:43 - 2013-07-07 14:42 - 05087096 ____R (Swearware) C:\Users\Manuel\Desktop\ComboFix.exe
2013-07-07 14:41 - 2013-07-07 14:42 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (2).exe
2013-07-07 12:12 - 2013-07-07 12:12 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (1).exe
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-06 20:43 - 2013-07-06 20:43 - 00718840 ____A (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-07-06 19:49 - 2013-07-06 19:55 - 00000000 ____D C:\Program Files (x86)\Simple Port Forwarding
2013-07-06 19:49 - 2013-07-06 19:49 - 00001934 ____A C:\Users\Manuel\Desktop\Simple Port Forwarding.lnk
2013-07-06 19:49 - 2013-07-06 19:49 - 00000000 ____D C:\Windows\Simple Port Forwarding
2013-07-06 19:48 - 2013-07-06 19:49 - 06793138 ____A C:\Users\Manuel\Downloads\simple_port_forwarding_setup.exe
2013-07-06 19:38 - 2013-07-06 19:46 - 00360793 ____A C:\Users\Manuel\Downloads\TBFI-0.8.2.zip
2013-07-06 19:24 - 2013-07-06 19:24 - 00000000 ____A C:\Windows\SysWOW64\Access.dat
2013-07-06 18:47 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-06 18:47 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-06 18:47 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-06 18:45 - 2013-07-07 15:25 - 00000000 ___AD C:\Qoobox
2013-07-06 18:44 - 2013-07-07 14:58 - 00000000 ____D C:\Windows\erdnt
2013-07-06 18:41 - 2013-07-06 18:41 - 05086173 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix.exe
2013-07-06 18:36 - 2013-07-06 18:37 - 20257649 ____A C:\Users\Manuel\Downloads\Tunngle_OfflineSetup_v4.5.0.1.zip
2013-07-06 18:34 - 2013-07-06 18:34 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-06 18:34 - 2013-07-06 18:33 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-06 18:34 - 2013-07-06 18:33 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-06 18:34 - 2013-07-06 18:33 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-06 18:31 - 2013-07-06 18:31 - 00903080 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\chromeinstall-7u25.exe
2013-07-06 18:29 - 2013-07-06 18:29 - 00261056 ____A (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2013-07-06 18:25 - 2013-06-21 20:03 - 00382536 ____A (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2013-07-06 18:25 - 2013-06-15 17:28 - 00148696 ____A (BitDefender LLC) C:\Windows\System32\Drivers\gzflt.sys
2013-07-06 18:25 - 2013-04-17 14:59 - 00593144 ____A (BitDefender) C:\Windows\System32\Drivers\avckf.sys
2013-07-06 17:54 - 2013-07-06 17:54 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies (1).exe
2013-07-06 17:50 - 2013-07-06 17:50 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies.exe
2013-07-06 17:50 - 2013-07-06 17:50 - 00002168 ____A C:\Users\Manuel\Desktop\Bomb Buddies.lnk
2013-07-06 17:50 - 2013-07-06 17:50 - 00001165 ____A C:\Users\Manuel\Desktop\Continue Bomb Buddies Installation.lnk
2013-07-06 17:50 - 2013-07-06 17:50 - 00000000 ____D C:\Users\Manuel\AppData\Local\Balanced Worlds
2013-07-06 17:49 - 2013-07-06 17:49 - 00659320 ____A C:\Users\Manuel\Downloads\bomb-buddies--32-bits.exe
2013-07-06 16:22 - 2013-07-06 16:22 - 02169813 ____A C:\Users\Manuel\Downloads\BruteForce_0.9.1.zip
2013-07-06 14:05 - 2013-07-06 14:05 - 00039061 ____A C:\Users\Manuel\Desktop\Addition.txt
2013-07-06 14:01 - 2013-07-06 14:01 - 00000000 ____D C:\FRST
2013-07-06 14:01 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Desktop\FRST64.exe
2013-07-06 14:00 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2013-07-06 10:56 - 2013-07-06 11:00 - 117478104 ____A C:\Users\Manuel\Downloads\avast_free_antivirus_setup.exe
2013-07-06 00:04 - 2013-07-06 00:04 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition (1).exe
2013-07-05 23:50 - 2013-07-05 23:50 - 00000000 ____D C:\ProgramData\bdch
2013-07-05 23:49 - 2013-07-06 00:03 - 00000002 ____A C:\AvastSetup.log
2013-07-05 23:46 - 2013-07-06 00:05 - 08691304 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition_x64.exe
2013-07-05 23:46 - 2013-07-05 23:47 - 06604352 ____A (AVAST Software) C:\Users\Manuel\Downloads\avast_free_antivirus_setup_online.exe
2013-07-05 23:45 - 2013-07-05 23:45 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition.exe
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\ProgramData\Alwil Software
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\Program Files\Alwil Software
2013-07-05 23:42 - 2010-05-06 22:59 - 00165032 ____A (ALWIL Software) C:\Windows\SysWOW64\aswBoot.exe
2013-07-05 23:42 - 2010-05-06 22:59 - 00038848 ____A (ALWIL Software) C:\Windows\SysWOW64\avastSS.scr
2013-07-05 23:28 - 2013-07-06 00:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00176128 ____A (Scendix Software-Vertriebsges. mbH) C:\Windows\SysWOW64\RemoteControl.dll
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\Documents\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Program Files (x86)\Pamela
2013-07-05 23:15 - 2013-07-05 23:17 - 09828232 ____A (Scendix Software-Vertriebsges. mbH) C:\Users\Manuel\Downloads\PamelaSetup_Basic_4.8.0.115.exe
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-05 21:33 - 2013-06-21 14:06 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-07-05 21:33 - 2013-06-21 14:06 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-05 21:31 - 2013-07-05 21:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ___RD C:\MSOCache
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-05 21:22 - 2013-07-05 21:23 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-07-05 21:22 - 2013-07-05 21:22 - 00002528 ____A C:\Users\Manuel\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-07-05 21:21 - 2013-07-05 21:21 - 00654904 ____A C:\Users\Manuel\Downloads\setup (1).exe
2013-07-05 20:30 - 2013-07-05 20:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-06-22 17:02 - 2013-06-22 17:02 - 00366692 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.5.exe
2013-06-22 15:17 - 2013-06-22 15:17 - 05420138 ____A C:\Users\Manuel\Downloads\dm_ponyville_b11_fix_d__source_filmmaker_use__by_ata64-d5wxuxp.rar
2013-06-22 15:16 - 2013-06-22 15:17 - 07320263 ____A C:\Users\Manuel\Downloads\dm_ponyville_colors.rar
2013-06-22 15:16 - 2013-06-22 15:16 - 00105205 ____A C:\Users\Manuel\Downloads\V3-shading.zip
2013-06-22 15:15 - 2013-06-22 15:15 - 07566053 ____A C:\Users\Manuel\Downloads\Show accurate Gmod pony eyes.rar
2013-06-22 15:14 - 2013-06-22 15:15 - 06878513 ____A C:\Users\Manuel\Downloads\pony_props.rar
2013-06-22 15:13 - 2013-06-22 15:16 - 49325788 ____A C:\Users\Manuel\Downloads\mlp_overhaul_bulk.rar
2013-06-22 15:09 - 2013-06-22 15:13 - 93035512 ____A C:\Users\Manuel\Downloads\[2012] All Levels at Once - The Pone Way.zip
2013-06-22 14:58 - 2013-06-22 14:59 - 21015899 ____A C:\Users\Manuel\Downloads\Pink Lotus - Trusting You.flac
2013-06-22 14:52 - 2013-06-22 14:55 - 93933386 ____A C:\Users\Manuel\Downloads\PrinceWhateverer (ft. Liquid Cobalt and ISMBOFepicly) - Between Fairytales and Happy Endings.wav
2013-06-22 14:41 - 2013-06-22 14:42 - 02627888 ____A C:\Users\Manuel\Downloads\mp3tagv256setup.exe
2013-06-22 14:41 - 2013-06-22 14:41 - 00293168 ____A (StarApp) C:\Users\Manuel\Downloads\setup.exe
2013-06-22 14:34 - 2013-06-22 14:36 - 35826338 ____A C:\Users\Manuel\Downloads\Shatter 2.0 Stuttermix.wav
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-16 03:00 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 03:00 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 03:00 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 03:00 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 03:00 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 19:46 - 2013-06-15 19:47 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-15 19:45 - 2013-06-15 19:46 - 26259288 ____A (DVDVideoSoft Ltd.                                           ) C:\Users\Manuel\Downloads\FreeYouTubeToMP3Converter.exe
2013-06-15 18:41 - 2013-06-15 18:42 - 40874709 ____A C:\Users\Manuel\Downloads\Aftermath - Go To Sleep.flac
2013-06-15 04:23 - 2013-06-15 04:25 - 32243226 ____A C:\Users\Manuel\Downloads\Counterwise - The Garden.flac
2013-06-15 04:15 - 2013-06-15 04:17 - 31907713 ____A C:\Users\Manuel\Downloads\SimGretina - Again feat. EileMonty.flac
2013-06-15 01:30 - 2013-06-15 01:30 - 00000000 ____D C:\Users\Manuel\Downloads\The Small Horse II - The Abuse (1)
2013-06-15 01:00 - 2013-06-15 01:00 - 00000000 ____A C:\Windows\System32\lic2.xml31393
2013-06-14 05:26 - 2013-06-14 05:28 - 29460547 ____A C:\Users\Manuel\Downloads\Arrows are Magic Vol. 2.zip
2013-06-14 05:14 - 2013-06-14 05:16 - 16163638 ____A C:\Users\Manuel\Downloads\Mr.EVOLVF Goes to Equestria.zip
2013-06-14 05:00 - 2013-06-14 05:14 - 421440053 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP (1).zip
2013-06-14 04:58 - 2013-06-14 05:00 - 61036653 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP.zip
2013-06-14 03:01 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-14 03:01 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-14 03:01 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-14 03:01 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-14 03:01 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-14 03:01 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-14 01:18 - 2013-06-14 02:18 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-14 00:58 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-14 00:58 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-14 00:58 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-14 00:58 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-14 00:58 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-14 00:58 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-14 00:58 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-14 00:58 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-14 00:58 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-14 00:58 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-14 00:58 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-14 00:58 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-14 00:58 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-14 00:58 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-14 00:57 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-14 00:57 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 11:41 - 2013-06-09 11:59 - 474271039 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down.zip
2013-06-09 03:23 - 2013-06-09 03:23 - 00000000 ____D C:\Users\Manuel\Downloads\WAS
2013-06-09 03:22 - 2013-06-09 04:39 - 160694272 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down (1).zip
2013-06-09 01:57 - 2013-06-09 04:55 - 1171823284 ____A C:\Users\Manuel\Downloads\Nicht bestätigt 993688.crdownload
2013-06-08 02:43 - 2013-06-08 03:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-08 00:42 - 2013-06-08 15:52 - 00000000 ____D C:\Program Files (x86)\SaferSurf
2013-06-08 00:42 - 2013-06-08 00:42 - 00000000 ____D C:\ProgramData\Nutzwerk

==================== One Month Modified Files and Folders =======

2013-07-07 20:19 - 2013-07-07 20:19 - 00011146 ____A C:\Users\Manuel\Desktop\JRT.txt
2013-07-07 20:19 - 2012-12-14 22:35 - 00000376 ____A C:\Windows\Tasks\WpsUpdateTask_Manuel.job
2013-07-07 20:18 - 2012-04-16 10:33 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-07 20:16 - 2009-07-14 06:45 - 00032080 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-07 20:16 - 2009-07-14 06:45 - 00032080 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Downloads\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Desktop\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\Windows\ERUNT
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\JRT
2013-07-07 20:13 - 2013-05-31 10:27 - 01138082 ____A C:\Windows\WindowsUpdate.log
2013-07-07 20:12 - 2013-02-16 17:47 - 00000000 ____D C:\Users\Manuel\AppData\Local\LogMeIn Hamachi
2013-07-07 20:09 - 2012-12-09 10:55 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Care 365
2013-07-07 20:08 - 2013-01-11 22:41 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\2.0
2013-07-07 20:08 - 2012-07-19 13:44 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-07 20:07 - 2013-05-31 10:22 - 00005663 ____A C:\Windows\setupact.log
2013-07-07 20:07 - 2012-07-16 15:04 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-07 20:07 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-07 20:03 - 2013-07-07 20:02 - 00012868 ____A C:\AdwCleaner[S1].txt
2013-07-07 20:02 - 2012-07-19 15:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Downloads\adwcleaner.exe
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Desktop\adwcleaner.exe
2013-07-07 19:57 - 2012-07-19 22:01 - 00000000 ____D C:\Users\Manuel\AppData\Local\PMB Files
2013-07-07 19:57 - 2012-07-19 22:01 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-07 19:26 - 2012-07-19 13:44 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-07 18:05 - 2013-04-06 13:00 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\YGOPro
2013-07-07 16:11 - 2013-07-07 16:06 - 00000000 ____D C:\Program Files (x86)\Thread Manager
2013-07-07 16:06 - 2013-07-07 16:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DG
2013-07-07 15:25 - 2013-07-07 15:25 - 00040476 ____A C:\ComboFix.txt
2013-07-07 15:25 - 2013-07-07 14:43 - 00000000 ____D C:\ComboFix
2013-07-07 15:25 - 2013-07-06 18:45 - 00000000 ___AD C:\Qoobox
2013-07-07 15:03 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-07-07 15:00 - 2013-05-31 10:21 - 00038994 ____A C:\Windows\PFRO.log
2013-07-07 14:59 - 2009-07-14 04:34 - 77447168 ____A C:\Windows\System32\config\software.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 22806528 ____A C:\Windows\System32\config\system.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 01835008 ____A C:\Windows\System32\config\default.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 00061440 ____A C:\Windows\System32\config\sam.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 00028672 ____A C:\Windows\System32\config\security.bak
2013-07-07 14:58 - 2013-07-06 18:44 - 00000000 ____D C:\Windows\erdnt
2013-07-07 14:42 - 2013-07-07 14:43 - 05087096 ____R (Swearware) C:\Users\Manuel\Desktop\ComboFix.exe
2013-07-07 14:42 - 2013-07-07 14:41 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (2).exe
2013-07-07 13:43 - 2012-07-19 13:16 - 00000000 ____D C:\Users\Manuel\AppData\Local\Windows Live
2013-07-07 13:29 - 2013-05-20 22:54 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Tunngle
2013-07-07 13:29 - 2013-05-20 22:54 - 00000000 ____D C:\ProgramData\Tunngle
2013-07-07 12:12 - 2013-07-07 12:12 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (1).exe
2013-07-07 11:38 - 2012-11-03 17:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-07 11:30 - 2009-07-14 04:34 - 00000478 ____A C:\Windows\win.ini
2013-07-07 11:25 - 2013-01-25 22:49 - 00000000 ____D C:\Users\Manuel\AppData\Local\Adobe
2013-07-07 11:21 - 2012-12-23 01:59 - 00119296 ____A C:\Windows\SysWOW64\zlib.dll
2013-07-06 20:43 - 2013-07-06 20:43 - 00718840 ____A (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-07-06 19:55 - 2013-07-06 19:49 - 00000000 ____D C:\Program Files (x86)\Simple Port Forwarding
2013-07-06 19:49 - 2013-07-06 19:49 - 00001934 ____A C:\Users\Manuel\Desktop\Simple Port Forwarding.lnk
2013-07-06 19:49 - 2013-07-06 19:49 - 00000000 ____D C:\Windows\Simple Port Forwarding
2013-07-06 19:49 - 2013-07-06 19:48 - 06793138 ____A C:\Users\Manuel\Downloads\simple_port_forwarding_setup.exe
2013-07-06 19:46 - 2013-07-06 19:38 - 00360793 ____A C:\Users\Manuel\Downloads\TBFI-0.8.2.zip
2013-07-06 19:31 - 2012-07-19 13:44 - 00002143 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-06 19:24 - 2013-07-06 19:24 - 00000000 ____A C:\Windows\SysWOW64\Access.dat
2013-07-06 19:06 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default
2013-07-06 18:45 - 2012-07-20 21:02 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2013-07-06 18:41 - 2013-07-06 18:41 - 05086173 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix.exe
2013-07-06 18:38 - 2013-05-20 22:54 - 00000000 ____D C:\Program Files (x86)\Tunngle
2013-07-06 18:37 - 2013-07-06 18:36 - 20257649 ____A C:\Users\Manuel\Downloads\Tunngle_OfflineSetup_v4.5.0.1.zip
2013-07-06 18:34 - 2013-07-06 18:34 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-06 18:33 - 2013-07-06 18:34 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-06 18:33 - 2013-07-06 18:34 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-06 18:33 - 2013-07-06 18:34 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-06 18:33 - 2012-01-13 15:35 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-07-06 18:33 - 2012-01-13 15:35 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-06 18:31 - 2013-07-06 18:31 - 00903080 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\chromeinstall-7u25.exe
2013-07-06 18:29 - 2013-07-06 18:29 - 00261056 ____A (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2013-07-06 18:15 - 2009-07-14 06:45 - 05061168 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-06 17:54 - 2013-07-06 17:54 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies (1).exe
2013-07-06 17:50 - 2013-07-06 17:50 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies.exe
2013-07-06 17:50 - 2013-07-06 17:50 - 00002168 ____A C:\Users\Manuel\Desktop\Bomb Buddies.lnk
2013-07-06 17:50 - 2013-07-06 17:50 - 00001165 ____A C:\Users\Manuel\Desktop\Continue Bomb Buddies Installation.lnk
2013-07-06 17:50 - 2013-07-06 17:50 - 00000000 ____D C:\Users\Manuel\AppData\Local\Balanced Worlds
2013-07-06 17:49 - 2013-07-06 17:49 - 00659320 ____A C:\Users\Manuel\Downloads\bomb-buddies--32-bits.exe
2013-07-06 17:04 - 2013-05-19 15:10 - 00000000 ____D C:\Users\Manuel\AppData\Local\Warframe
2013-07-06 16:22 - 2013-07-06 16:22 - 02169813 ____A C:\Users\Manuel\Downloads\BruteForce_0.9.1.zip
2013-07-06 16:21 - 2010-11-21 08:50 - 00696106 ____A C:\Windows\System32\perfh007.dat
2013-07-06 16:21 - 2010-11-21 08:50 - 00147280 ____A C:\Windows\System32\perfc007.dat
2013-07-06 16:21 - 2009-07-14 07:13 - 01612240 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-06 14:38 - 2013-03-16 19:14 - 00000000 ____D C:\Users\Manuel\.gimp-2.8
2013-07-06 14:05 - 2013-07-06 14:05 - 00039061 ____A C:\Users\Manuel\Desktop\Addition.txt
2013-07-06 14:01 - 2013-07-06 14:01 - 00000000 ____D C:\FRST
2013-07-06 14:00 - 2013-07-06 14:01 - 01934636 ____A (Farbar) C:\Users\Manuel\Desktop\FRST64.exe
2013-07-06 14:00 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2013-07-06 11:02 - 2013-01-19 12:06 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-06 11:00 - 2013-07-06 10:56 - 117478104 ____A C:\Users\Manuel\Downloads\avast_free_antivirus_setup.exe
2013-07-06 00:06 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Pamela
2013-07-06 00:05 - 2013-07-05 23:46 - 08691304 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition_x64.exe
2013-07-06 00:04 - 2013-07-06 00:04 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition (1).exe
2013-07-06 00:03 - 2013-07-05 23:49 - 00000002 ____A C:\AvastSetup.log
2013-07-05 23:58 - 2012-07-19 14:04 - 00000000 ____D C:\Users\Manuel\Desktop\Musik
2013-07-05 23:50 - 2013-07-05 23:50 - 00000000 ____D C:\ProgramData\bdch
2013-07-05 23:47 - 2013-07-05 23:46 - 06604352 ____A (AVAST Software) C:\Users\Manuel\Downloads\avast_free_antivirus_setup_online.exe
2013-07-05 23:45 - 2013-07-05 23:45 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition.exe
2013-07-05 23:43 - 2013-01-19 12:06 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\ProgramData\Alwil Software
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\Program Files\Alwil Software
2013-07-05 23:28 - 2013-07-05 23:28 - 00176128 ____A (Scendix Software-Vertriebsges. mbH) C:\Windows\SysWOW64\RemoteControl.dll
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\Documents\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Program Files (x86)\Pamela
2013-07-05 23:17 - 2013-07-05 23:15 - 09828232 ____A (Scendix Software-Vertriebsges. mbH) C:\Users\Manuel\Downloads\PamelaSetup_Basic_4.8.0.115.exe
2013-07-05 23:01 - 2012-07-19 13:16 - 00116784 ____A C:\Users\Manuel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-05 21:38 - 2010-11-21 09:00 - 00000000 ____D C:\Windows\ShellNew
2013-07-05 21:37 - 2012-07-16 15:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-05 21:37 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-05 21:36 - 2012-02-10 12:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-05 21:36 - 2012-01-13 13:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-05 21:32 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-05 21:31 - 2013-07-05 21:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ___RD C:\MSOCache
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-05 21:23 - 2013-07-05 21:22 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-07-05 21:22 - 2013-07-05 21:22 - 00002528 ____A C:\Users\Manuel\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-07-05 21:21 - 2013-07-05 21:21 - 00654904 ____A C:\Users\Manuel\Downloads\setup (1).exe
2013-07-05 20:30 - 2013-07-05 20:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-06-27 21:31 - 2012-10-13 11:00 - 00013900 ____A C:\Users\Manuel\Desktop\einloggdaten.rar
2013-06-23 11:52 - 2012-11-03 17:56 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\SoftGrid Client
2013-06-22 19:20 - 2013-06-04 21:06 - 00000683 ____A C:\Windows\LkmdfCoInst.log
2013-06-22 19:20 - 2012-12-15 14:09 - 00018960 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2013-06-22 18:23 - 2012-07-19 16:14 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.minecraft
2013-06-22 17:02 - 2013-06-22 17:02 - 00366692 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.5.exe
2013-06-22 15:17 - 2013-06-22 15:17 - 05420138 ____A C:\Users\Manuel\Downloads\dm_ponyville_b11_fix_d__source_filmmaker_use__by_ata64-d5wxuxp.rar
2013-06-22 15:17 - 2013-06-22 15:16 - 07320263 ____A C:\Users\Manuel\Downloads\dm_ponyville_colors.rar
2013-06-22 15:16 - 2013-06-22 15:16 - 00105205 ____A C:\Users\Manuel\Downloads\V3-shading.zip
2013-06-22 15:16 - 2013-06-22 15:13 - 49325788 ____A C:\Users\Manuel\Downloads\mlp_overhaul_bulk.rar
2013-06-22 15:15 - 2013-06-22 15:15 - 07566053 ____A C:\Users\Manuel\Downloads\Show accurate Gmod pony eyes.rar
2013-06-22 15:15 - 2013-06-22 15:14 - 06878513 ____A C:\Users\Manuel\Downloads\pony_props.rar
2013-06-22 15:13 - 2013-06-22 15:09 - 93035512 ____A C:\Users\Manuel\Downloads\[2012] All Levels at Once - The Pone Way.zip
2013-06-22 15:01 - 2013-03-09 20:55 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Mp3tag
2013-06-22 14:59 - 2013-06-22 14:58 - 21015899 ____A C:\Users\Manuel\Downloads\Pink Lotus - Trusting You.flac
2013-06-22 14:55 - 2013-06-22 14:52 - 93933386 ____A C:\Users\Manuel\Downloads\PrinceWhateverer (ft. Liquid Cobalt and ISMBOFepicly) - Between Fairytales and Happy Endings.wav
2013-06-22 14:43 - 2013-03-09 18:04 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2013-06-22 14:42 - 2013-06-22 14:41 - 02627888 ____A C:\Users\Manuel\Downloads\mp3tagv256setup.exe
2013-06-22 14:41 - 2013-06-22 14:41 - 00293168 ____A (StarApp) C:\Users\Manuel\Downloads\setup.exe
2013-06-22 14:36 - 2013-06-22 14:34 - 35826338 ____A C:\Users\Manuel\Downloads\Shatter 2.0 Stuttermix.wav
2013-06-21 23:21 - 2012-07-19 15:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-21 23:21 - 2012-07-19 15:01 - 00000000 ____D C:\ProgramData\Skype
2013-06-21 20:03 - 2013-07-06 18:25 - 00382536 ____A (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2013-06-21 14:06 - 2013-07-05 21:33 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-05 21:33 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 27781920 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 15920536 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 02936208 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 01059560 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 00021578 ____A C:\Windows\System32\nvinfo.pb
2013-06-21 12:23 - 2013-05-31 18:03 - 06496544 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 03514656 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 02555680 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 00884512 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-06-21 12:23 - 2013-05-31 18:03 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 06:17 - 2013-05-31 18:03 - 03253909 ____A C:\Windows\System32\nvcoproc.bin
2013-06-15 20:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-15 19:47 - 2013-06-15 19:46 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-15 19:46 - 2013-06-15 19:45 - 26259288 ____A (DVDVideoSoft Ltd.                                           ) C:\Users\Manuel\Downloads\FreeYouTubeToMP3Converter.exe
2013-06-15 19:46 - 2012-08-07 19:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2013-06-15 18:42 - 2013-06-15 18:41 - 40874709 ____A C:\Users\Manuel\Downloads\Aftermath - Go To Sleep.flac
2013-06-15 17:28 - 2013-07-06 18:25 - 00148696 ____A (BitDefender LLC) C:\Windows\System32\Drivers\gzflt.sys
2013-06-15 04:25 - 2013-06-15 04:23 - 32243226 ____A C:\Users\Manuel\Downloads\Counterwise - The Garden.flac
2013-06-15 04:17 - 2013-06-15 04:15 - 31907713 ____A C:\Users\Manuel\Downloads\SimGretina - Again feat. EileMonty.flac
2013-06-15 01:30 - 2013-06-15 01:30 - 00000000 ____D C:\Users\Manuel\Downloads\The Small Horse II - The Abuse (1)
2013-06-15 01:00 - 2013-06-15 01:00 - 00000000 ____A C:\Windows\System32\lic2.xml31393
2013-06-14 07:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 05:28 - 2013-06-14 05:26 - 29460547 ____A C:\Users\Manuel\Downloads\Arrows are Magic Vol. 2.zip
2013-06-14 05:16 - 2013-06-14 05:14 - 16163638 ____A C:\Users\Manuel\Downloads\Mr.EVOLVF Goes to Equestria.zip
2013-06-14 05:14 - 2013-06-14 05:00 - 421440053 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP (1).zip
2013-06-14 05:00 - 2013-06-14 04:58 - 61036653 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP.zip
2013-06-14 03:25 - 2012-01-13 14:32 - 00000000 ____D C:\Windows\Panther
2013-06-14 03:02 - 2012-01-13 16:22 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-14 02:18 - 2013-06-14 01:18 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-14 02:18 - 2012-04-16 10:33 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 02:18 - 2012-01-13 15:34 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-09 11:59 - 2013-06-09 11:41 - 474271039 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down.zip
2013-06-09 04:55 - 2013-06-09 01:57 - 1171823284 ____A C:\Users\Manuel\Downloads\Nicht bestätigt 993688.crdownload
2013-06-09 04:39 - 2013-06-09 03:22 - 160694272 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down (1).zip
2013-06-09 03:23 - 2013-06-09 03:23 - 00000000 ____D C:\Users\Manuel\Downloads\WAS
2013-06-08 16:29 - 2012-07-19 21:35 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-08 16:08 - 2013-06-16 03:00 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 03:00 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 15:52 - 2013-06-08 00:42 - 00000000 ____D C:\Program Files (x86)\SaferSurf
2013-06-08 14:28 - 2013-06-16 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 03:00 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-08 03:45 - 2013-06-08 02:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-08 00:42 - 2013-06-08 00:42 - 00000000 ____D C:\ProgramData\Nutzwerk
2013-06-07 00:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 09:14

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 07.07.2013, 20:45   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
SearchScopes: HKCU - ۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
S1 lfezwbop; \??\C:\Windows\system32\drivers\lfezwbop.sys [x]
S4 NvStUSB; \SystemRoot\system32\drivers\nvstusb.sys [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
C:\Windows\system32\drivers\lfezwbop.sys
C:\Windows\SysWOW64\Drivers\X6va008
C:\Windows\SysWOW64\Drivers\X6va009
C:\Windows\SysWOW64\Drivers\X6va011
C:\Windows\xhunter1.sys
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST Log bitte. noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.07.2013, 21:30   #13
vVManuelVv
 
Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Hier ist der Fixlog:
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-07-2013
Ran by Manuel at 2013-07-07 22:01:26 Run:1
Running from C:\Users\Manuel\Desktop
Boot Mode: Normal
==============================================

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* => Key not found.
HKCR\CLSID\ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* => Key not found.
lfezwbop => Service deleted successfully.
NvStUSB => Service deleted successfully.
X6va008 => Service deleted successfully.
X6va009 => Service deleted successfully.
X6va011 => Service deleted successfully.
xhunter1 => Service deleted successfully.
"C:\Windows\system32\drivers\lfezwbop.sys" => File/Directory not found.
"C:\Windows\SysWOW64\Drivers\X6va008" => File/Directory not found.
"C:\Windows\SysWOW64\Drivers\X6va009" => File/Directory not found.
"C:\Windows\SysWOW64\Drivers\X6va011" => File/Directory not found.
"C:\Windows\xhunter1.sys" => File/Directory not found.

==== End of Fixlog ====
         
Der Online Scan dauert, noch aber ich kriege bei dem Security Check den Error: UNSUPPORTED OPERATING SYSTEM! ABORTED!

Nach über 8 1/2 Stunden habe ich endlich die Logfile des Online Scanners:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=09ecef1422ae7f4481ced870a9b29ad2
# engine=14307
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-08 04:56:38
# local_time=2013-07-08 06:56:38 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 14213048 124889248 0 0
# scanned=961934
# found=9
# cleaned=0
# scan_time=31753
sh=AE7180E011F698DBEF0F68D623DF3F7004F1B365 ft=1 fh=8144db5ab5a71a94 vn="a variant of Win32/Adware.ErrorRepairPro application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Error Repair Professional\ErrorRepairProfessional.exe.vir"
sh=79604785A57164DADBAAE8CB1F9DA67AE0A8E577 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="C:\Users\Manuel\Downloads\Bulletstorm_CRACKFIX_READNFO-FLT (1).rar"
sh=79604785A57164DADBAAE8CB1F9DA67AE0A8E577 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="C:\Users\Manuel\Downloads\Bulletstorm_CRACKFIX_READNFO-FLT.rar"
sh=125B9DE3FAAD6CF9EE69248A68BA8985F4FFF7A3 ft=1 fh=ed34fb4d2d3beb95 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="D:\Program Files (x86)\EA\Bulletstorm\Binaries\Win32\xlive.dll"
sh=B30559AA97AE446F2BDD6EBFF7A92FF1907A76ED ft=1 fh=3f7f9ad8b6153593 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="D:\Program Files (x86)\Ubisoft\Assassin's Creed III\ubiorbitapi_r2_loader.dll"
sh=79604785A57164DADBAAE8CB1F9DA67AE0A8E577 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="D:\Users\Manuel\Downloads\Bulletstorm_CRACKFIX_READNFO-FLT (1).rar"
sh=E3972A161DE4AC32726058ACA5D2681837FA3A40 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="D:\Users\Manuel\Downloads\Bulletstorm_CRACKFIX_READNFO-FLT (1)\Bulletstorm_CRACKFIX_READNFO-FLT\flt-bstf.rar"
sh=125B9DE3FAAD6CF9EE69248A68BA8985F4FFF7A3 ft=1 fh=ed34fb4d2d3beb95 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="D:\Users\Manuel\Downloads\Bulletstorm_CRACKFIX_READNFO-FLT (1)\Bulletstorm_CRACKFIX_READNFO-FLT\flt-bstf\xlive.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="D:\Users\Manuel\Downloads\Bustorm\Bustorm\flt-bull.iso"
         
Nur der Securitycheck funktioniert nicht

Letztendlich bin ich doch mal auf die Idee gekommen, den SecurityCheck im Kompatiblitätsmodus zu starten und siehe da, es funktioniert:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.68  
 Windows XP  x64 (UAC is enabled)  
 Out of date service pack!! 
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 25  
 Adobe Flash Player 	11.7.700.224  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Mozilla Firefox 21.0 Firefox out of Date!  
 Google Chrome 26.0.1410.64  
 Google Chrome 27.0.1453.116  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Bitdefender Antivirus Free Edition gzserv.exe  
 Bitdefender Antivirus Free Edition gziface.exe  
 Bitdefender Antivirus Free Edition update.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Und hier Die FRST:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Manuel (administrator) on 08-07-2013 07:16:58
Running from C:\Users\Manuel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Nutzwerk) C:\Program Files (x86)\SaferSurf\SaferSurfServices.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(Steganos Software GmbH) D:\Program Files (x86)\SteganosHotKeyService.exe
(Steganos Software GmbH) D:\Program Files (x86)\fredirstarter.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Valve Corporation) D:\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [7477016 2013-04-25] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Steam] "D:\Steam\steam.exe" -silent [x]
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Turbo Key] "C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe" [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-10-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SAFE2012 HotKeys] "D:\Program Files (x86)\SteganosHotKeyService.exe" [x]
HKLM-x32\...\Run: [SAFE2012 File Redirection Starter] "D:\Program Files (x86)\fredirstarter.exe" [x]
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 02 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 03 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 04 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 05 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 06 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 07 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 08 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 09 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 10 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 21 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 07 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 08 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 09 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 10 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 21 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Manuel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: BalancedWorlds.com/WebLauncher - C:\Users\Manuel\AppData\Local\Balanced Worlds\BWGameEngine\npWebLauncher.dll (BalancedWorlds)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: client - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\Extensions\client@anonymox.net.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "https://duckduckgo.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Battlefield Heroes) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0
CHR Extension: (AdBlock) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (YouTube Unblocker) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.4.4_0
CHR Extension: (Battlefield Play4Free) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-05] (Akamai Technologies, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-10-22] (Advanced Micro Devices, Inc.)
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [258688 2010-12-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-02-19] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-03-15] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-03-15] (BlueStack Systems, Inc.)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [59592 2013-06-26] (Bitdefender)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [430080 2011-05-09] (PowerUp Software, LLC)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-03-24] ()
R2 Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 SaferSurfServices; C:\Program Files (x86)\SaferSurf\SaferSurfServices.exe [1440808 2013-02-11] (Nutzwerk)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580648 2012-07-17] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTek Computer Inc.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTek Computer Inc.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2013-01-11] (Advanced Micro Devices Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2013-03-09] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-07-06] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-04-17] (Bitdefender SRL)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-03-15] (BlueStack Systems)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-03-15] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-06] (DT Soft Ltd)
S3 FIXUSTOR; C:\Windows\System32\DRIVERS\fixustor.sys [13696 2013-04-20] (GenesysLogic)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [76072 2012-06-01] (Fresco Logic)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-06-15] (BitDefender LLC)
S1 ibnxcvqt; C:\Windows\system32\drivers\ibnxcvqt.sys [49872 2013-07-08] (Microsoft Corporation)
S3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-01-31] ()
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [104448 2012-05-10] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [221184 2012-05-10] (Renesas Electronics Corporation)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-06-21] (BitDefender S.R.L.)
R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [43136 2010-09-21] (ASUSTeK Computer Inc.)
S1 xudkjngd; C:\Windows\system32\drivers\xudkjngd.sys [49872 2013-07-08] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-08 07:13 - 2013-07-08 07:13 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\xudkjngd.sys
2013-07-08 07:13 - 2013-07-08 07:13 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ibnxcvqt.sys
2013-07-07 22:27 - 2013-07-07 22:26 - 00890988 ____A C:\Users\Manuel\Desktop\SecurityCheck.exe
2013-07-07 22:26 - 2013-07-07 22:26 - 00890988 ____A C:\Users\Manuel\Downloads\SecurityCheck.exe
2013-07-07 22:04 - 2013-07-07 22:04 - 02347384 ____A (ESET) C:\Users\Manuel\Downloads\esetsmartinstaller_enu.exe
2013-07-07 20:19 - 2013-07-07 20:19 - 00011146 ____A C:\Users\Manuel\Desktop\JRT.txt
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Downloads\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Desktop\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\Windows\ERUNT
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\JRT
2013-07-07 20:02 - 2013-07-07 20:03 - 00012868 ____A C:\AdwCleaner[S1].txt
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Downloads\adwcleaner.exe
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Desktop\adwcleaner.exe
2013-07-07 16:06 - 2013-07-07 16:11 - 00000000 ____D C:\Program Files (x86)\Thread Manager
2013-07-07 16:06 - 2013-07-07 16:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DG
2013-07-07 15:25 - 2013-07-07 15:25 - 00040476 ____A C:\ComboFix.txt
2013-07-07 14:43 - 2013-07-07 15:25 - 00000000 ____D C:\ComboFix
2013-07-07 14:43 - 2013-07-07 14:42 - 05087096 ____R (Swearware) C:\Users\Manuel\Desktop\ComboFix.exe
2013-07-07 14:41 - 2013-07-07 14:42 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (2).exe
2013-07-07 12:12 - 2013-07-07 12:12 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (1).exe
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-06 20:43 - 2013-07-06 20:43 - 00718840 ____A (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-07-06 19:49 - 2013-07-06 19:55 - 00000000 ____D C:\Program Files (x86)\Simple Port Forwarding
2013-07-06 19:49 - 2013-07-06 19:49 - 00001934 ____A C:\Users\Manuel\Desktop\Simple Port Forwarding.lnk
2013-07-06 19:49 - 2013-07-06 19:49 - 00000000 ____D C:\Windows\Simple Port Forwarding
2013-07-06 19:48 - 2013-07-06 19:49 - 06793138 ____A C:\Users\Manuel\Downloads\simple_port_forwarding_setup.exe
2013-07-06 19:38 - 2013-07-06 19:46 - 00360793 ____A C:\Users\Manuel\Downloads\TBFI-0.8.2.zip
2013-07-06 19:24 - 2013-07-06 19:24 - 00000000 ____A C:\Windows\SysWOW64\Access.dat
2013-07-06 18:47 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-06 18:47 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-06 18:47 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-06 18:45 - 2013-07-07 15:25 - 00000000 ___AD C:\Qoobox
2013-07-06 18:44 - 2013-07-07 14:58 - 00000000 ____D C:\Windows\erdnt
2013-07-06 18:41 - 2013-07-06 18:41 - 05086173 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix.exe
2013-07-06 18:36 - 2013-07-06 18:37 - 20257649 ____A C:\Users\Manuel\Downloads\Tunngle_OfflineSetup_v4.5.0.1.zip
2013-07-06 18:34 - 2013-07-06 18:34 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-06 18:34 - 2013-07-06 18:33 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-06 18:34 - 2013-07-06 18:33 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-06 18:34 - 2013-07-06 18:33 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-06 18:31 - 2013-07-06 18:31 - 00903080 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\chromeinstall-7u25.exe
2013-07-06 18:29 - 2013-07-06 18:29 - 00261056 ____A (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2013-07-06 18:25 - 2013-06-21 20:03 - 00382536 ____A (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2013-07-06 18:25 - 2013-06-15 17:28 - 00148696 ____A (BitDefender LLC) C:\Windows\System32\Drivers\gzflt.sys
2013-07-06 18:25 - 2013-04-17 14:59 - 00593144 ____A (BitDefender) C:\Windows\System32\Drivers\avckf.sys
2013-07-06 17:54 - 2013-07-06 17:54 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies (1).exe
2013-07-06 17:50 - 2013-07-06 17:50 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies.exe
2013-07-06 17:50 - 2013-07-06 17:50 - 00002168 ____A C:\Users\Manuel\Desktop\Bomb Buddies.lnk
2013-07-06 17:50 - 2013-07-06 17:50 - 00000000 ____D C:\Users\Manuel\AppData\Local\Balanced Worlds
2013-07-06 17:49 - 2013-07-06 17:49 - 00659320 ____A C:\Users\Manuel\Downloads\bomb-buddies--32-bits.exe
2013-07-06 16:22 - 2013-07-06 16:22 - 02169813 ____A C:\Users\Manuel\Downloads\BruteForce_0.9.1.zip
2013-07-06 14:05 - 2013-07-06 14:05 - 00039061 ____A C:\Users\Manuel\Desktop\Addition.txt
2013-07-06 14:01 - 2013-07-06 14:01 - 00000000 ____D C:\FRST
2013-07-06 14:01 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Desktop\FRST64.exe
2013-07-06 14:00 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2013-07-06 10:56 - 2013-07-06 11:00 - 117478104 ____A C:\Users\Manuel\Downloads\avast_free_antivirus_setup.exe
2013-07-06 00:04 - 2013-07-06 00:04 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition (1).exe
2013-07-05 23:50 - 2013-07-05 23:50 - 00000000 ____D C:\ProgramData\bdch
2013-07-05 23:49 - 2013-07-06 00:03 - 00000002 ____A C:\AvastSetup.log
2013-07-05 23:46 - 2013-07-06 00:05 - 08691304 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition_x64.exe
2013-07-05 23:46 - 2013-07-05 23:47 - 06604352 ____A (AVAST Software) C:\Users\Manuel\Downloads\avast_free_antivirus_setup_online.exe
2013-07-05 23:45 - 2013-07-05 23:45 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition.exe
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\ProgramData\Alwil Software
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\Program Files\Alwil Software
2013-07-05 23:42 - 2010-05-06 22:59 - 00165032 ____A (ALWIL Software) C:\Windows\SysWOW64\aswBoot.exe
2013-07-05 23:42 - 2010-05-06 22:59 - 00038848 ____A (ALWIL Software) C:\Windows\SysWOW64\avastSS.scr
2013-07-05 23:28 - 2013-07-06 00:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00176128 ____A (Scendix Software-Vertriebsges. mbH) C:\Windows\SysWOW64\RemoteControl.dll
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\Documents\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Program Files (x86)\Pamela
2013-07-05 23:15 - 2013-07-05 23:17 - 09828232 ____A (Scendix Software-Vertriebsges. mbH) C:\Users\Manuel\Downloads\PamelaSetup_Basic_4.8.0.115.exe
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-05 21:33 - 2013-06-21 14:06 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-07-05 21:33 - 2013-06-21 14:06 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-05 21:31 - 2013-07-05 21:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ___RD C:\MSOCache
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-05 21:22 - 2013-07-05 21:23 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-07-05 21:22 - 2013-07-05 21:22 - 00002528 ____A C:\Users\Manuel\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-07-05 21:21 - 2013-07-05 21:21 - 00654904 ____A C:\Users\Manuel\Downloads\setup (1).exe
2013-07-05 20:30 - 2013-07-05 20:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-06-22 17:02 - 2013-06-22 17:02 - 00366692 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.5.exe
2013-06-22 15:17 - 2013-06-22 15:17 - 05420138 ____A C:\Users\Manuel\Downloads\dm_ponyville_b11_fix_d__source_filmmaker_use__by_ata64-d5wxuxp.rar
2013-06-22 15:16 - 2013-06-22 15:17 - 07320263 ____A C:\Users\Manuel\Downloads\dm_ponyville_colors.rar
2013-06-22 15:16 - 2013-06-22 15:16 - 00105205 ____A C:\Users\Manuel\Downloads\V3-shading.zip
2013-06-22 15:15 - 2013-06-22 15:15 - 07566053 ____A C:\Users\Manuel\Downloads\Show accurate Gmod pony eyes.rar
2013-06-22 15:14 - 2013-06-22 15:15 - 06878513 ____A C:\Users\Manuel\Downloads\pony_props.rar
2013-06-22 15:13 - 2013-06-22 15:16 - 49325788 ____A C:\Users\Manuel\Downloads\mlp_overhaul_bulk.rar
2013-06-22 15:09 - 2013-06-22 15:13 - 93035512 ____A C:\Users\Manuel\Downloads\[2012] All Levels at Once - The Pone Way.zip
2013-06-22 14:58 - 2013-06-22 14:59 - 21015899 ____A C:\Users\Manuel\Downloads\Pink Lotus - Trusting You.flac
2013-06-22 14:52 - 2013-06-22 14:55 - 93933386 ____A C:\Users\Manuel\Downloads\PrinceWhateverer (ft. Liquid Cobalt and ISMBOFepicly) - Between Fairytales and Happy Endings.wav
2013-06-22 14:41 - 2013-06-22 14:42 - 02627888 ____A C:\Users\Manuel\Downloads\mp3tagv256setup.exe
2013-06-22 14:41 - 2013-06-22 14:41 - 00293168 ____A (StarApp) C:\Users\Manuel\Downloads\setup.exe
2013-06-22 14:34 - 2013-06-22 14:36 - 35826338 ____A C:\Users\Manuel\Downloads\Shatter 2.0 Stuttermix.wav
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-16 03:00 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 03:00 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 03:00 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 03:00 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 03:00 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 19:46 - 2013-06-15 19:47 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-15 19:45 - 2013-06-15 19:46 - 26259288 ____A (DVDVideoSoft Ltd.                                           ) C:\Users\Manuel\Downloads\FreeYouTubeToMP3Converter.exe
2013-06-15 18:41 - 2013-06-15 18:42 - 40874709 ____A C:\Users\Manuel\Downloads\Aftermath - Go To Sleep.flac
2013-06-15 04:23 - 2013-06-15 04:25 - 32243226 ____A C:\Users\Manuel\Downloads\Counterwise - The Garden.flac
2013-06-15 04:15 - 2013-06-15 04:17 - 31907713 ____A C:\Users\Manuel\Downloads\SimGretina - Again feat. EileMonty.flac
2013-06-15 01:30 - 2013-06-15 01:30 - 00000000 ____D C:\Users\Manuel\Downloads\The Small Horse II - The Abuse (1)
2013-06-15 01:00 - 2013-06-15 01:00 - 00000000 ____A C:\Windows\System32\lic2.xml31393
2013-06-14 05:26 - 2013-06-14 05:28 - 29460547 ____A C:\Users\Manuel\Downloads\Arrows are Magic Vol. 2.zip
2013-06-14 05:14 - 2013-06-14 05:16 - 16163638 ____A C:\Users\Manuel\Downloads\Mr.EVOLVF Goes to Equestria.zip
2013-06-14 05:00 - 2013-06-14 05:14 - 421440053 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP (1).zip
2013-06-14 04:58 - 2013-06-14 05:00 - 61036653 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP.zip
2013-06-14 03:01 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-14 03:01 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-14 03:01 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-14 03:01 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-14 03:01 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-14 03:01 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-14 01:18 - 2013-06-14 02:18 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-14 00:58 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-14 00:58 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-14 00:58 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-14 00:58 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-14 00:58 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-14 00:58 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-14 00:58 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-14 00:58 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-14 00:58 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-14 00:58 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-14 00:58 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-14 00:58 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-14 00:58 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-14 00:58 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-14 00:57 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-14 00:57 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 11:41 - 2013-06-09 11:59 - 474271039 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down.zip
2013-06-09 03:23 - 2013-06-09 03:23 - 00000000 ____D C:\Users\Manuel\Downloads\WAS
2013-06-09 03:22 - 2013-06-09 04:39 - 160694272 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down (1).zip
2013-06-09 01:57 - 2013-06-09 04:55 - 1171823284 ____A C:\Users\Manuel\Downloads\Nicht bestätigt 993688.crdownload
2013-06-08 02:43 - 2013-06-08 03:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-08 00:42 - 2013-06-08 15:52 - 00000000 ____D C:\Program Files (x86)\SaferSurf
2013-06-08 00:42 - 2013-06-08 00:42 - 00000000 ____D C:\ProgramData\Nutzwerk

==================== One Month Modified Files and Folders =======

2013-07-08 07:18 - 2012-04-16 10:33 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 07:13 - 2013-07-08 07:13 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\xudkjngd.sys
2013-07-08 07:13 - 2013-07-08 07:13 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ibnxcvqt.sys
2013-07-08 06:51 - 2013-05-31 10:27 - 01165970 ____A C:\Windows\WindowsUpdate.log
2013-07-08 06:26 - 2012-07-19 13:44 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-08 06:19 - 2012-12-14 22:35 - 00000376 ____A C:\Windows\Tasks\WpsUpdateTask_Manuel.job
2013-07-08 02:02 - 2013-01-25 22:49 - 00000000 ____D C:\Users\Manuel\AppData\Local\Adobe
2013-07-08 00:14 - 2012-07-19 15:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2013-07-07 22:26 - 2013-07-07 22:27 - 00890988 ____A C:\Users\Manuel\Desktop\SecurityCheck.exe
2013-07-07 22:26 - 2013-07-07 22:26 - 00890988 ____A C:\Users\Manuel\Downloads\SecurityCheck.exe
2013-07-07 22:05 - 2010-11-21 08:50 - 00696106 ____A C:\Windows\System32\perfh007.dat
2013-07-07 22:05 - 2010-11-21 08:50 - 00147280 ____A C:\Windows\System32\perfc007.dat
2013-07-07 22:05 - 2009-07-14 07:13 - 01612240 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-07 22:04 - 2013-07-07 22:04 - 02347384 ____A (ESET) C:\Users\Manuel\Downloads\esetsmartinstaller_enu.exe
2013-07-07 20:19 - 2013-07-07 20:19 - 00011146 ____A C:\Users\Manuel\Desktop\JRT.txt
2013-07-07 20:16 - 2009-07-14 06:45 - 00032080 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-07 20:16 - 2009-07-14 06:45 - 00032080 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Downloads\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Desktop\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\Windows\ERUNT
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\JRT
2013-07-07 20:12 - 2013-02-16 17:47 - 00000000 ____D C:\Users\Manuel\AppData\Local\LogMeIn Hamachi
2013-07-07 20:09 - 2012-12-09 10:55 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Care 365
2013-07-07 20:08 - 2013-01-11 22:41 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\2.0
2013-07-07 20:08 - 2012-07-19 13:44 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-07 20:07 - 2013-05-31 10:22 - 00005663 ____A C:\Windows\setupact.log
2013-07-07 20:07 - 2012-07-16 15:04 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-07 20:07 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-07 20:03 - 2013-07-07 20:02 - 00012868 ____A C:\AdwCleaner[S1].txt
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Downloads\adwcleaner.exe
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Desktop\adwcleaner.exe
2013-07-07 19:57 - 2012-07-19 22:01 - 00000000 ____D C:\Users\Manuel\AppData\Local\PMB Files
2013-07-07 19:57 - 2012-07-19 22:01 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-07 18:05 - 2013-04-06 13:00 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\YGOPro
2013-07-07 16:11 - 2013-07-07 16:06 - 00000000 ____D C:\Program Files (x86)\Thread Manager
2013-07-07 16:06 - 2013-07-07 16:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DG
2013-07-07 15:25 - 2013-07-07 15:25 - 00040476 ____A C:\ComboFix.txt
2013-07-07 15:25 - 2013-07-07 14:43 - 00000000 ____D C:\ComboFix
2013-07-07 15:25 - 2013-07-06 18:45 - 00000000 ___AD C:\Qoobox
2013-07-07 15:03 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-07-07 15:00 - 2013-05-31 10:21 - 00038994 ____A C:\Windows\PFRO.log
2013-07-07 14:59 - 2009-07-14 04:34 - 77447168 ____A C:\Windows\System32\config\software.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 22806528 ____A C:\Windows\System32\config\system.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 01835008 ____A C:\Windows\System32\config\default.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 00061440 ____A C:\Windows\System32\config\sam.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 00028672 ____A C:\Windows\System32\config\security.bak
2013-07-07 14:58 - 2013-07-06 18:44 - 00000000 ____D C:\Windows\erdnt
2013-07-07 14:42 - 2013-07-07 14:43 - 05087096 ____R (Swearware) C:\Users\Manuel\Desktop\ComboFix.exe
2013-07-07 14:42 - 2013-07-07 14:41 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (2).exe
2013-07-07 13:43 - 2012-07-19 13:16 - 00000000 ____D C:\Users\Manuel\AppData\Local\Windows Live
2013-07-07 13:29 - 2013-05-20 22:54 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Tunngle
2013-07-07 13:29 - 2013-05-20 22:54 - 00000000 ____D C:\ProgramData\Tunngle
2013-07-07 12:12 - 2013-07-07 12:12 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (1).exe
2013-07-07 11:38 - 2012-11-03 17:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-07 11:30 - 2009-07-14 04:34 - 00000478 ____A C:\Windows\win.ini
2013-07-07 11:21 - 2012-12-23 01:59 - 00119296 ____A C:\Windows\SysWOW64\zlib.dll
2013-07-06 20:43 - 2013-07-06 20:43 - 00718840 ____A (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-07-06 19:55 - 2013-07-06 19:49 - 00000000 ____D C:\Program Files (x86)\Simple Port Forwarding
2013-07-06 19:49 - 2013-07-06 19:49 - 00001934 ____A C:\Users\Manuel\Desktop\Simple Port Forwarding.lnk
2013-07-06 19:49 - 2013-07-06 19:49 - 00000000 ____D C:\Windows\Simple Port Forwarding
2013-07-06 19:49 - 2013-07-06 19:48 - 06793138 ____A C:\Users\Manuel\Downloads\simple_port_forwarding_setup.exe
2013-07-06 19:46 - 2013-07-06 19:38 - 00360793 ____A C:\Users\Manuel\Downloads\TBFI-0.8.2.zip
2013-07-06 19:31 - 2012-07-19 13:44 - 00002143 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-06 19:24 - 2013-07-06 19:24 - 00000000 ____A C:\Windows\SysWOW64\Access.dat
2013-07-06 19:06 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default
2013-07-06 18:45 - 2012-07-20 21:02 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2013-07-06 18:41 - 2013-07-06 18:41 - 05086173 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix.exe
2013-07-06 18:38 - 2013-05-20 22:54 - 00000000 ____D C:\Program Files (x86)\Tunngle
2013-07-06 18:37 - 2013-07-06 18:36 - 20257649 ____A C:\Users\Manuel\Downloads\Tunngle_OfflineSetup_v4.5.0.1.zip
2013-07-06 18:34 - 2013-07-06 18:34 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-06 18:33 - 2013-07-06 18:34 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-06 18:33 - 2013-07-06 18:34 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-06 18:33 - 2013-07-06 18:34 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-06 18:33 - 2012-01-13 15:35 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-07-06 18:33 - 2012-01-13 15:35 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-06 18:31 - 2013-07-06 18:31 - 00903080 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\chromeinstall-7u25.exe
2013-07-06 18:29 - 2013-07-06 18:29 - 00261056 ____A (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2013-07-06 18:15 - 2009-07-14 06:45 - 05061168 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-06 17:54 - 2013-07-06 17:54 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies (1).exe
2013-07-06 17:50 - 2013-07-06 17:50 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies.exe
2013-07-06 17:50 - 2013-07-06 17:50 - 00002168 ____A C:\Users\Manuel\Desktop\Bomb Buddies.lnk
2013-07-06 17:50 - 2013-07-06 17:50 - 00000000 ____D C:\Users\Manuel\AppData\Local\Balanced Worlds
2013-07-06 17:49 - 2013-07-06 17:49 - 00659320 ____A C:\Users\Manuel\Downloads\bomb-buddies--32-bits.exe
2013-07-06 17:04 - 2013-05-19 15:10 - 00000000 ____D C:\Users\Manuel\AppData\Local\Warframe
2013-07-06 16:22 - 2013-07-06 16:22 - 02169813 ____A C:\Users\Manuel\Downloads\BruteForce_0.9.1.zip
2013-07-06 14:38 - 2013-03-16 19:14 - 00000000 ____D C:\Users\Manuel\.gimp-2.8
2013-07-06 14:05 - 2013-07-06 14:05 - 00039061 ____A C:\Users\Manuel\Desktop\Addition.txt
2013-07-06 14:01 - 2013-07-06 14:01 - 00000000 ____D C:\FRST
2013-07-06 14:00 - 2013-07-06 14:01 - 01934636 ____A (Farbar) C:\Users\Manuel\Desktop\FRST64.exe
2013-07-06 14:00 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2013-07-06 11:02 - 2013-01-19 12:06 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-06 11:00 - 2013-07-06 10:56 - 117478104 ____A C:\Users\Manuel\Downloads\avast_free_antivirus_setup.exe
2013-07-06 00:06 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Pamela
2013-07-06 00:05 - 2013-07-05 23:46 - 08691304 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition_x64.exe
2013-07-06 00:04 - 2013-07-06 00:04 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition (1).exe
2013-07-06 00:03 - 2013-07-05 23:49 - 00000002 ____A C:\AvastSetup.log
2013-07-05 23:58 - 2012-07-19 14:04 - 00000000 ____D C:\Users\Manuel\Desktop\Musik
2013-07-05 23:50 - 2013-07-05 23:50 - 00000000 ____D C:\ProgramData\bdch
2013-07-05 23:47 - 2013-07-05 23:46 - 06604352 ____A (AVAST Software) C:\Users\Manuel\Downloads\avast_free_antivirus_setup_online.exe
2013-07-05 23:45 - 2013-07-05 23:45 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition.exe
2013-07-05 23:43 - 2013-01-19 12:06 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\ProgramData\Alwil Software
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\Program Files\Alwil Software
2013-07-05 23:28 - 2013-07-05 23:28 - 00176128 ____A (Scendix Software-Vertriebsges. mbH) C:\Windows\SysWOW64\RemoteControl.dll
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\Documents\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Program Files (x86)\Pamela
2013-07-05 23:17 - 2013-07-05 23:15 - 09828232 ____A (Scendix Software-Vertriebsges. mbH) C:\Users\Manuel\Downloads\PamelaSetup_Basic_4.8.0.115.exe
2013-07-05 23:01 - 2012-07-19 13:16 - 00116784 ____A C:\Users\Manuel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-05 21:38 - 2010-11-21 09:00 - 00000000 ____D C:\Windows\ShellNew
2013-07-05 21:37 - 2012-07-16 15:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-05 21:37 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-05 21:36 - 2012-02-10 12:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-05 21:36 - 2012-01-13 13:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-05 21:32 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-05 21:31 - 2013-07-05 21:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ___RD C:\MSOCache
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-05 21:23 - 2013-07-05 21:22 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-07-05 21:22 - 2013-07-05 21:22 - 00002528 ____A C:\Users\Manuel\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-07-05 21:21 - 2013-07-05 21:21 - 00654904 ____A C:\Users\Manuel\Downloads\setup (1).exe
2013-07-05 20:30 - 2013-07-05 20:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-06-27 21:31 - 2012-10-13 11:00 - 00013900 ____A C:\Users\Manuel\Desktop\einloggdaten.rar
2013-06-23 11:52 - 2012-11-03 17:56 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\SoftGrid Client
2013-06-22 19:20 - 2013-06-04 21:06 - 00000683 ____A C:\Windows\LkmdfCoInst.log
2013-06-22 19:20 - 2012-12-15 14:09 - 00018960 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2013-06-22 18:23 - 2012-07-19 16:14 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.minecraft
2013-06-22 17:02 - 2013-06-22 17:02 - 00366692 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.5.exe
2013-06-22 15:17 - 2013-06-22 15:17 - 05420138 ____A C:\Users\Manuel\Downloads\dm_ponyville_b11_fix_d__source_filmmaker_use__by_ata64-d5wxuxp.rar
2013-06-22 15:17 - 2013-06-22 15:16 - 07320263 ____A C:\Users\Manuel\Downloads\dm_ponyville_colors.rar
2013-06-22 15:16 - 2013-06-22 15:16 - 00105205 ____A C:\Users\Manuel\Downloads\V3-shading.zip
2013-06-22 15:16 - 2013-06-22 15:13 - 49325788 ____A C:\Users\Manuel\Downloads\mlp_overhaul_bulk.rar
2013-06-22 15:15 - 2013-06-22 15:15 - 07566053 ____A C:\Users\Manuel\Downloads\Show accurate Gmod pony eyes.rar
2013-06-22 15:15 - 2013-06-22 15:14 - 06878513 ____A C:\Users\Manuel\Downloads\pony_props.rar
2013-06-22 15:13 - 2013-06-22 15:09 - 93035512 ____A C:\Users\Manuel\Downloads\[2012] All Levels at Once - The Pone Way.zip
2013-06-22 15:01 - 2013-03-09 20:55 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Mp3tag
2013-06-22 14:59 - 2013-06-22 14:58 - 21015899 ____A C:\Users\Manuel\Downloads\Pink Lotus - Trusting You.flac
2013-06-22 14:55 - 2013-06-22 14:52 - 93933386 ____A C:\Users\Manuel\Downloads\PrinceWhateverer (ft. Liquid Cobalt and ISMBOFepicly) - Between Fairytales and Happy Endings.wav
2013-06-22 14:43 - 2013-03-09 18:04 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2013-06-22 14:42 - 2013-06-22 14:41 - 02627888 ____A C:\Users\Manuel\Downloads\mp3tagv256setup.exe
2013-06-22 14:41 - 2013-06-22 14:41 - 00293168 ____A (StarApp) C:\Users\Manuel\Downloads\setup.exe
2013-06-22 14:36 - 2013-06-22 14:34 - 35826338 ____A C:\Users\Manuel\Downloads\Shatter 2.0 Stuttermix.wav
2013-06-21 23:21 - 2012-07-19 15:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-21 23:21 - 2012-07-19 15:01 - 00000000 ____D C:\ProgramData\Skype
2013-06-21 20:03 - 2013-07-06 18:25 - 00382536 ____A (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2013-06-21 14:06 - 2013-07-05 21:33 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-05 21:33 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 27781920 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 15920536 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 02936208 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 01059560 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 00021578 ____A C:\Windows\System32\nvinfo.pb
2013-06-21 12:23 - 2013-05-31 18:03 - 06496544 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 03514656 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 02555680 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 00884512 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-06-21 12:23 - 2013-05-31 18:03 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 06:17 - 2013-05-31 18:03 - 03253909 ____A C:\Windows\System32\nvcoproc.bin
2013-06-15 20:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-15 19:47 - 2013-06-15 19:46 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-15 19:46 - 2013-06-15 19:45 - 26259288 ____A (DVDVideoSoft Ltd.                                           ) C:\Users\Manuel\Downloads\FreeYouTubeToMP3Converter.exe
2013-06-15 19:46 - 2012-08-07 19:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2013-06-15 18:42 - 2013-06-15 18:41 - 40874709 ____A C:\Users\Manuel\Downloads\Aftermath - Go To Sleep.flac
2013-06-15 17:28 - 2013-07-06 18:25 - 00148696 ____A (BitDefender LLC) C:\Windows\System32\Drivers\gzflt.sys
2013-06-15 04:25 - 2013-06-15 04:23 - 32243226 ____A C:\Users\Manuel\Downloads\Counterwise - The Garden.flac
2013-06-15 04:17 - 2013-06-15 04:15 - 31907713 ____A C:\Users\Manuel\Downloads\SimGretina - Again feat. EileMonty.flac
2013-06-15 01:30 - 2013-06-15 01:30 - 00000000 ____D C:\Users\Manuel\Downloads\The Small Horse II - The Abuse (1)
2013-06-15 01:00 - 2013-06-15 01:00 - 00000000 ____A C:\Windows\System32\lic2.xml31393
2013-06-14 07:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 05:28 - 2013-06-14 05:26 - 29460547 ____A C:\Users\Manuel\Downloads\Arrows are Magic Vol. 2.zip
2013-06-14 05:16 - 2013-06-14 05:14 - 16163638 ____A C:\Users\Manuel\Downloads\Mr.EVOLVF Goes to Equestria.zip
2013-06-14 05:14 - 2013-06-14 05:00 - 421440053 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP (1).zip
2013-06-14 05:00 - 2013-06-14 04:58 - 61036653 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP.zip
2013-06-14 03:25 - 2012-01-13 14:32 - 00000000 ____D C:\Windows\Panther
2013-06-14 03:02 - 2012-01-13 16:22 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-14 02:18 - 2013-06-14 01:18 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-14 02:18 - 2012-04-16 10:33 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 02:18 - 2012-01-13 15:34 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-09 11:59 - 2013-06-09 11:41 - 474271039 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down.zip
2013-06-09 04:55 - 2013-06-09 01:57 - 1171823284 ____A C:\Users\Manuel\Downloads\Nicht bestätigt 993688.crdownload
2013-06-09 04:39 - 2013-06-09 03:22 - 160694272 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down (1).zip
2013-06-09 03:23 - 2013-06-09 03:23 - 00000000 ____D C:\Users\Manuel\Downloads\WAS
2013-06-08 16:29 - 2012-07-19 21:35 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-08 16:08 - 2013-06-16 03:00 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 03:00 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 15:52 - 2013-06-08 00:42 - 00000000 ____D C:\Program Files (x86)\SaferSurf
2013-06-08 14:28 - 2013-06-16 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 03:00 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-08 03:45 - 2013-06-08 02:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-08 00:42 - 2013-06-08 00:42 - 00000000 ____D C:\ProgramData\Nutzwerk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 09:14

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 08.07.2013, 06:20   #14
vVManuelVv
 
Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Letztendlich bin ich doch mal auf die Idee gekommen, den SecurityCheck im Kompatiblitätsmodus zu starten und siehe da, es funktioniert:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.68  
 Windows XP  x64 (UAC is enabled)  
 Out of date service pack!! 
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 25  
 Adobe Flash Player 	11.7.700.224  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Mozilla Firefox 21.0 Firefox out of Date!  
 Google Chrome 26.0.1410.64  
 Google Chrome 27.0.1453.116  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Bitdefender Antivirus Free Edition gzserv.exe  
 Bitdefender Antivirus Free Edition gziface.exe  
 Bitdefender Antivirus Free Edition update.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Und hier Die FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Manuel (administrator) on 08-07-2013 07:16:58
Running from C:\Users\Manuel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Nutzwerk) C:\Program Files (x86)\SaferSurf\SaferSurfServices.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(Steganos Software GmbH) D:\Program Files (x86)\SteganosHotKeyService.exe
(Steganos Software GmbH) D:\Program Files (x86)\fredirstarter.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Valve Corporation) D:\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [7477016 2013-04-25] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Steam] "D:\Steam\steam.exe" -silent [x]
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Turbo Key] "C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe" [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-10-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SAFE2012 HotKeys] "D:\Program Files (x86)\SteganosHotKeyService.exe" [x]
HKLM-x32\...\Run: [SAFE2012 File Redirection Starter] "D:\Program Files (x86)\fredirstarter.exe" [x]
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 02 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 03 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 04 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 05 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 06 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 07 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 08 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 09 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 10 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9 21 C:\Program Files (x86)\SaferSurf\wslsp.dll [112640] (alpha 2000 GmbH)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 07 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 08 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 09 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 10 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Winsock: Catalog9-x64 21 C:\Program Files (x86)\SaferSurf\bin64\wslsp.dll [137216] (alpha 2000 GmbH)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Manuel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: BalancedWorlds.com/WebLauncher - C:\Users\Manuel\AppData\Local\Balanced Worlds\BWGameEngine\npWebLauncher.dll (BalancedWorlds)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: client - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\a7kgk1tq.default\Extensions\client@anonymox.net.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "https://duckduckgo.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Battlefield Heroes) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0
CHR Extension: (AdBlock) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (YouTube Unblocker) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.4.4_0
CHR Extension: (Battlefield Play4Free) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-05] (Akamai Technologies, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-10-22] (Advanced Micro Devices, Inc.)
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [258688 2010-12-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-02-19] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-03-15] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-03-15] (BlueStack Systems, Inc.)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [59592 2013-06-26] (Bitdefender)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [430080 2011-05-09] (PowerUp Software, LLC)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-03-24] ()
R2 Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 SaferSurfServices; C:\Program Files (x86)\SaferSurf\SaferSurfServices.exe [1440808 2013-02-11] (Nutzwerk)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580648 2012-07-17] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTek Computer Inc.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTek Computer Inc.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2013-01-11] (Advanced Micro Devices Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2013-03-09] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-07-06] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-04-17] (Bitdefender SRL)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-03-15] (BlueStack Systems)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-03-15] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-06] (DT Soft Ltd)
S3 FIXUSTOR; C:\Windows\System32\DRIVERS\fixustor.sys [13696 2013-04-20] (GenesysLogic)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [76072 2012-06-01] (Fresco Logic)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-06-15] (BitDefender LLC)
S1 ibnxcvqt; C:\Windows\system32\drivers\ibnxcvqt.sys [49872 2013-07-08] (Microsoft Corporation)
S3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-01-31] ()
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [104448 2012-05-10] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [221184 2012-05-10] (Renesas Electronics Corporation)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-06-21] (BitDefender S.R.L.)
R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [43136 2010-09-21] (ASUSTeK Computer Inc.)
S1 xudkjngd; C:\Windows\system32\drivers\xudkjngd.sys [49872 2013-07-08] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-08 07:13 - 2013-07-08 07:13 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\xudkjngd.sys
2013-07-08 07:13 - 2013-07-08 07:13 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ibnxcvqt.sys
2013-07-07 22:27 - 2013-07-07 22:26 - 00890988 ____A C:\Users\Manuel\Desktop\SecurityCheck.exe
2013-07-07 22:26 - 2013-07-07 22:26 - 00890988 ____A C:\Users\Manuel\Downloads\SecurityCheck.exe
2013-07-07 22:04 - 2013-07-07 22:04 - 02347384 ____A (ESET) C:\Users\Manuel\Downloads\esetsmartinstaller_enu.exe
2013-07-07 20:19 - 2013-07-07 20:19 - 00011146 ____A C:\Users\Manuel\Desktop\JRT.txt
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Downloads\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Desktop\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\Windows\ERUNT
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\JRT
2013-07-07 20:02 - 2013-07-07 20:03 - 00012868 ____A C:\AdwCleaner[S1].txt
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Downloads\adwcleaner.exe
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Desktop\adwcleaner.exe
2013-07-07 16:06 - 2013-07-07 16:11 - 00000000 ____D C:\Program Files (x86)\Thread Manager
2013-07-07 16:06 - 2013-07-07 16:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DG
2013-07-07 15:25 - 2013-07-07 15:25 - 00040476 ____A C:\ComboFix.txt
2013-07-07 14:43 - 2013-07-07 15:25 - 00000000 ____D C:\ComboFix
2013-07-07 14:43 - 2013-07-07 14:42 - 05087096 ____R (Swearware) C:\Users\Manuel\Desktop\ComboFix.exe
2013-07-07 14:41 - 2013-07-07 14:42 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (2).exe
2013-07-07 12:12 - 2013-07-07 12:12 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (1).exe
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-06 20:43 - 2013-07-06 20:43 - 00718840 ____A (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-07-06 19:49 - 2013-07-06 19:55 - 00000000 ____D C:\Program Files (x86)\Simple Port Forwarding
2013-07-06 19:49 - 2013-07-06 19:49 - 00001934 ____A C:\Users\Manuel\Desktop\Simple Port Forwarding.lnk
2013-07-06 19:49 - 2013-07-06 19:49 - 00000000 ____D C:\Windows\Simple Port Forwarding
2013-07-06 19:48 - 2013-07-06 19:49 - 06793138 ____A C:\Users\Manuel\Downloads\simple_port_forwarding_setup.exe
2013-07-06 19:38 - 2013-07-06 19:46 - 00360793 ____A C:\Users\Manuel\Downloads\TBFI-0.8.2.zip
2013-07-06 19:24 - 2013-07-06 19:24 - 00000000 ____A C:\Windows\SysWOW64\Access.dat
2013-07-06 18:47 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-06 18:47 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-06 18:47 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-06 18:47 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-06 18:45 - 2013-07-07 15:25 - 00000000 ___AD C:\Qoobox
2013-07-06 18:44 - 2013-07-07 14:58 - 00000000 ____D C:\Windows\erdnt
2013-07-06 18:41 - 2013-07-06 18:41 - 05086173 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix.exe
2013-07-06 18:36 - 2013-07-06 18:37 - 20257649 ____A C:\Users\Manuel\Downloads\Tunngle_OfflineSetup_v4.5.0.1.zip
2013-07-06 18:34 - 2013-07-06 18:34 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-06 18:34 - 2013-07-06 18:33 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-06 18:34 - 2013-07-06 18:33 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-06 18:34 - 2013-07-06 18:33 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-06 18:31 - 2013-07-06 18:31 - 00903080 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\chromeinstall-7u25.exe
2013-07-06 18:29 - 2013-07-06 18:29 - 00261056 ____A (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2013-07-06 18:25 - 2013-06-21 20:03 - 00382536 ____A (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2013-07-06 18:25 - 2013-06-15 17:28 - 00148696 ____A (BitDefender LLC) C:\Windows\System32\Drivers\gzflt.sys
2013-07-06 18:25 - 2013-04-17 14:59 - 00593144 ____A (BitDefender) C:\Windows\System32\Drivers\avckf.sys
2013-07-06 17:54 - 2013-07-06 17:54 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies (1).exe
2013-07-06 17:50 - 2013-07-06 17:50 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies.exe
2013-07-06 17:50 - 2013-07-06 17:50 - 00002168 ____A C:\Users\Manuel\Desktop\Bomb Buddies.lnk
2013-07-06 17:50 - 2013-07-06 17:50 - 00000000 ____D C:\Users\Manuel\AppData\Local\Balanced Worlds
2013-07-06 17:49 - 2013-07-06 17:49 - 00659320 ____A C:\Users\Manuel\Downloads\bomb-buddies--32-bits.exe
2013-07-06 16:22 - 2013-07-06 16:22 - 02169813 ____A C:\Users\Manuel\Downloads\BruteForce_0.9.1.zip
2013-07-06 14:05 - 2013-07-06 14:05 - 00039061 ____A C:\Users\Manuel\Desktop\Addition.txt
2013-07-06 14:01 - 2013-07-06 14:01 - 00000000 ____D C:\FRST
2013-07-06 14:01 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Desktop\FRST64.exe
2013-07-06 14:00 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2013-07-06 10:56 - 2013-07-06 11:00 - 117478104 ____A C:\Users\Manuel\Downloads\avast_free_antivirus_setup.exe
2013-07-06 00:04 - 2013-07-06 00:04 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition (1).exe
2013-07-05 23:50 - 2013-07-05 23:50 - 00000000 ____D C:\ProgramData\bdch
2013-07-05 23:49 - 2013-07-06 00:03 - 00000002 ____A C:\AvastSetup.log
2013-07-05 23:46 - 2013-07-06 00:05 - 08691304 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition_x64.exe
2013-07-05 23:46 - 2013-07-05 23:47 - 06604352 ____A (AVAST Software) C:\Users\Manuel\Downloads\avast_free_antivirus_setup_online.exe
2013-07-05 23:45 - 2013-07-05 23:45 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition.exe
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\ProgramData\Alwil Software
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\Program Files\Alwil Software
2013-07-05 23:42 - 2010-05-06 22:59 - 00165032 ____A (ALWIL Software) C:\Windows\SysWOW64\aswBoot.exe
2013-07-05 23:42 - 2010-05-06 22:59 - 00038848 ____A (ALWIL Software) C:\Windows\SysWOW64\avastSS.scr
2013-07-05 23:28 - 2013-07-06 00:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00176128 ____A (Scendix Software-Vertriebsges. mbH) C:\Windows\SysWOW64\RemoteControl.dll
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\Documents\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Program Files (x86)\Pamela
2013-07-05 23:15 - 2013-07-05 23:17 - 09828232 ____A (Scendix Software-Vertriebsges. mbH) C:\Users\Manuel\Downloads\PamelaSetup_Basic_4.8.0.115.exe
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-05 21:33 - 2013-06-21 14:06 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-07-05 21:33 - 2013-06-21 14:06 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-05 21:33 - 2013-06-21 14:06 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-05 21:31 - 2013-07-05 21:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ___RD C:\MSOCache
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-05 21:22 - 2013-07-05 21:23 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-07-05 21:22 - 2013-07-05 21:22 - 00002528 ____A C:\Users\Manuel\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-07-05 21:21 - 2013-07-05 21:21 - 00654904 ____A C:\Users\Manuel\Downloads\setup (1).exe
2013-07-05 20:30 - 2013-07-05 20:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-06-22 17:02 - 2013-06-22 17:02 - 00366692 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.5.exe
2013-06-22 15:17 - 2013-06-22 15:17 - 05420138 ____A C:\Users\Manuel\Downloads\dm_ponyville_b11_fix_d__source_filmmaker_use__by_ata64-d5wxuxp.rar
2013-06-22 15:16 - 2013-06-22 15:17 - 07320263 ____A C:\Users\Manuel\Downloads\dm_ponyville_colors.rar
2013-06-22 15:16 - 2013-06-22 15:16 - 00105205 ____A C:\Users\Manuel\Downloads\V3-shading.zip
2013-06-22 15:15 - 2013-06-22 15:15 - 07566053 ____A C:\Users\Manuel\Downloads\Show accurate Gmod pony eyes.rar
2013-06-22 15:14 - 2013-06-22 15:15 - 06878513 ____A C:\Users\Manuel\Downloads\pony_props.rar
2013-06-22 15:13 - 2013-06-22 15:16 - 49325788 ____A C:\Users\Manuel\Downloads\mlp_overhaul_bulk.rar
2013-06-22 15:09 - 2013-06-22 15:13 - 93035512 ____A C:\Users\Manuel\Downloads\[2012] All Levels at Once - The Pone Way.zip
2013-06-22 14:58 - 2013-06-22 14:59 - 21015899 ____A C:\Users\Manuel\Downloads\Pink Lotus - Trusting You.flac
2013-06-22 14:52 - 2013-06-22 14:55 - 93933386 ____A C:\Users\Manuel\Downloads\PrinceWhateverer (ft. Liquid Cobalt and ISMBOFepicly) - Between Fairytales and Happy Endings.wav
2013-06-22 14:41 - 2013-06-22 14:42 - 02627888 ____A C:\Users\Manuel\Downloads\mp3tagv256setup.exe
2013-06-22 14:41 - 2013-06-22 14:41 - 00293168 ____A (StarApp) C:\Users\Manuel\Downloads\setup.exe
2013-06-22 14:34 - 2013-06-22 14:36 - 35826338 ____A C:\Users\Manuel\Downloads\Shatter 2.0 Stuttermix.wav
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-16 03:00 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 03:00 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 03:00 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 03:00 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 03:00 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 03:00 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 03:00 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 19:46 - 2013-06-15 19:47 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-15 19:45 - 2013-06-15 19:46 - 26259288 ____A (DVDVideoSoft Ltd.                                           ) C:\Users\Manuel\Downloads\FreeYouTubeToMP3Converter.exe
2013-06-15 18:41 - 2013-06-15 18:42 - 40874709 ____A C:\Users\Manuel\Downloads\Aftermath - Go To Sleep.flac
2013-06-15 04:23 - 2013-06-15 04:25 - 32243226 ____A C:\Users\Manuel\Downloads\Counterwise - The Garden.flac
2013-06-15 04:15 - 2013-06-15 04:17 - 31907713 ____A C:\Users\Manuel\Downloads\SimGretina - Again feat. EileMonty.flac
2013-06-15 01:30 - 2013-06-15 01:30 - 00000000 ____D C:\Users\Manuel\Downloads\The Small Horse II - The Abuse (1)
2013-06-15 01:00 - 2013-06-15 01:00 - 00000000 ____A C:\Windows\System32\lic2.xml31393
2013-06-14 05:26 - 2013-06-14 05:28 - 29460547 ____A C:\Users\Manuel\Downloads\Arrows are Magic Vol. 2.zip
2013-06-14 05:14 - 2013-06-14 05:16 - 16163638 ____A C:\Users\Manuel\Downloads\Mr.EVOLVF Goes to Equestria.zip
2013-06-14 05:00 - 2013-06-14 05:14 - 421440053 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP (1).zip
2013-06-14 04:58 - 2013-06-14 05:00 - 61036653 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP.zip
2013-06-14 03:01 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-14 03:01 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-14 03:01 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-14 03:01 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-14 03:01 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-14 03:01 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-14 03:01 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-14 03:01 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-14 01:18 - 2013-06-14 02:18 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-14 00:58 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-14 00:58 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-14 00:58 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-14 00:58 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-14 00:58 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-14 00:58 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-14 00:58 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-14 00:58 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-14 00:58 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-14 00:58 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-14 00:58 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-14 00:58 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-14 00:58 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-14 00:58 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-14 00:58 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-14 00:57 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-14 00:57 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 11:41 - 2013-06-09 11:59 - 474271039 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down.zip
2013-06-09 03:23 - 2013-06-09 03:23 - 00000000 ____D C:\Users\Manuel\Downloads\WAS
2013-06-09 03:22 - 2013-06-09 04:39 - 160694272 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down (1).zip
2013-06-09 01:57 - 2013-06-09 04:55 - 1171823284 ____A C:\Users\Manuel\Downloads\Nicht bestätigt 993688.crdownload
2013-06-08 02:43 - 2013-06-08 03:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-08 00:42 - 2013-06-08 15:52 - 00000000 ____D C:\Program Files (x86)\SaferSurf
2013-06-08 00:42 - 2013-06-08 00:42 - 00000000 ____D C:\ProgramData\Nutzwerk

==================== One Month Modified Files and Folders =======

2013-07-08 07:18 - 2012-04-16 10:33 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 07:13 - 2013-07-08 07:13 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\xudkjngd.sys
2013-07-08 07:13 - 2013-07-08 07:13 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ibnxcvqt.sys
2013-07-08 06:51 - 2013-05-31 10:27 - 01165970 ____A C:\Windows\WindowsUpdate.log
2013-07-08 06:26 - 2012-07-19 13:44 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-08 06:19 - 2012-12-14 22:35 - 00000376 ____A C:\Windows\Tasks\WpsUpdateTask_Manuel.job
2013-07-08 02:02 - 2013-01-25 22:49 - 00000000 ____D C:\Users\Manuel\AppData\Local\Adobe
2013-07-08 00:14 - 2012-07-19 15:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2013-07-07 22:26 - 2013-07-07 22:27 - 00890988 ____A C:\Users\Manuel\Desktop\SecurityCheck.exe
2013-07-07 22:26 - 2013-07-07 22:26 - 00890988 ____A C:\Users\Manuel\Downloads\SecurityCheck.exe
2013-07-07 22:05 - 2010-11-21 08:50 - 00696106 ____A C:\Windows\System32\perfh007.dat
2013-07-07 22:05 - 2010-11-21 08:50 - 00147280 ____A C:\Windows\System32\perfc007.dat
2013-07-07 22:05 - 2009-07-14 07:13 - 01612240 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-07 22:04 - 2013-07-07 22:04 - 02347384 ____A (ESET) C:\Users\Manuel\Downloads\esetsmartinstaller_enu.exe
2013-07-07 20:19 - 2013-07-07 20:19 - 00011146 ____A C:\Users\Manuel\Desktop\JRT.txt
2013-07-07 20:16 - 2009-07-14 06:45 - 00032080 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-07 20:16 - 2009-07-14 06:45 - 00032080 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Downloads\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Desktop\JRT.exe
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\Windows\ERUNT
2013-07-07 20:15 - 2013-07-07 20:15 - 00000000 ____D C:\JRT
2013-07-07 20:12 - 2013-02-16 17:47 - 00000000 ____D C:\Users\Manuel\AppData\Local\LogMeIn Hamachi
2013-07-07 20:09 - 2012-12-09 10:55 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Care 365
2013-07-07 20:08 - 2013-01-11 22:41 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\2.0
2013-07-07 20:08 - 2012-07-19 13:44 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-07 20:07 - 2013-05-31 10:22 - 00005663 ____A C:\Windows\setupact.log
2013-07-07 20:07 - 2012-07-16 15:04 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-07 20:07 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-07 20:03 - 2013-07-07 20:02 - 00012868 ____A C:\AdwCleaner[S1].txt
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Downloads\adwcleaner.exe
2013-07-07 20:01 - 2013-07-07 20:01 - 00650027 ____A C:\Users\Manuel\Desktop\adwcleaner.exe
2013-07-07 19:57 - 2012-07-19 22:01 - 00000000 ____D C:\Users\Manuel\AppData\Local\PMB Files
2013-07-07 19:57 - 2012-07-19 22:01 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-07 18:05 - 2013-04-06 13:00 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\YGOPro
2013-07-07 16:11 - 2013-07-07 16:06 - 00000000 ____D C:\Program Files (x86)\Thread Manager
2013-07-07 16:06 - 2013-07-07 16:06 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DG
2013-07-07 15:25 - 2013-07-07 15:25 - 00040476 ____A C:\ComboFix.txt
2013-07-07 15:25 - 2013-07-07 14:43 - 00000000 ____D C:\ComboFix
2013-07-07 15:25 - 2013-07-06 18:45 - 00000000 ___AD C:\Qoobox
2013-07-07 15:03 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-07-07 15:00 - 2013-05-31 10:21 - 00038994 ____A C:\Windows\PFRO.log
2013-07-07 14:59 - 2009-07-14 04:34 - 77447168 ____A C:\Windows\System32\config\software.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 22806528 ____A C:\Windows\System32\config\system.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 01835008 ____A C:\Windows\System32\config\default.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 00061440 ____A C:\Windows\System32\config\sam.bak
2013-07-07 14:59 - 2009-07-14 04:34 - 00028672 ____A C:\Windows\System32\config\security.bak
2013-07-07 14:58 - 2013-07-06 18:44 - 00000000 ____D C:\Windows\erdnt
2013-07-07 14:42 - 2013-07-07 14:43 - 05087096 ____R (Swearware) C:\Users\Manuel\Desktop\ComboFix.exe
2013-07-07 14:42 - 2013-07-07 14:41 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (2).exe
2013-07-07 13:43 - 2012-07-19 13:16 - 00000000 ____D C:\Users\Manuel\AppData\Local\Windows Live
2013-07-07 13:29 - 2013-05-20 22:54 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Tunngle
2013-07-07 13:29 - 2013-05-20 22:54 - 00000000 ____D C:\ProgramData\Tunngle
2013-07-07 12:12 - 2013-07-07 12:12 - 05087096 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix (1).exe
2013-07-07 11:38 - 2012-11-03 17:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-07 11:32 - 2013-07-07 11:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-07 11:30 - 2009-07-14 04:34 - 00000478 ____A C:\Windows\win.ini
2013-07-07 11:21 - 2012-12-23 01:59 - 00119296 ____A C:\Windows\SysWOW64\zlib.dll
2013-07-06 20:43 - 2013-07-06 20:43 - 00718840 ____A (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-07-06 19:55 - 2013-07-06 19:49 - 00000000 ____D C:\Program Files (x86)\Simple Port Forwarding
2013-07-06 19:49 - 2013-07-06 19:49 - 00001934 ____A C:\Users\Manuel\Desktop\Simple Port Forwarding.lnk
2013-07-06 19:49 - 2013-07-06 19:49 - 00000000 ____D C:\Windows\Simple Port Forwarding
2013-07-06 19:49 - 2013-07-06 19:48 - 06793138 ____A C:\Users\Manuel\Downloads\simple_port_forwarding_setup.exe
2013-07-06 19:46 - 2013-07-06 19:38 - 00360793 ____A C:\Users\Manuel\Downloads\TBFI-0.8.2.zip
2013-07-06 19:31 - 2012-07-19 13:44 - 00002143 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-06 19:24 - 2013-07-06 19:24 - 00000000 ____A C:\Windows\SysWOW64\Access.dat
2013-07-06 19:06 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default
2013-07-06 18:45 - 2012-07-20 21:02 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2013-07-06 18:41 - 2013-07-06 18:41 - 05086173 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix.exe
2013-07-06 18:38 - 2013-05-20 22:54 - 00000000 ____D C:\Program Files (x86)\Tunngle
2013-07-06 18:37 - 2013-07-06 18:36 - 20257649 ____A C:\Users\Manuel\Downloads\Tunngle_OfflineSetup_v4.5.0.1.zip
2013-07-06 18:34 - 2013-07-06 18:34 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-06 18:33 - 2013-07-06 18:34 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-06 18:33 - 2013-07-06 18:34 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-06 18:33 - 2013-07-06 18:34 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-06 18:33 - 2012-01-13 15:35 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-07-06 18:33 - 2012-01-13 15:35 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-06 18:31 - 2013-07-06 18:31 - 00903080 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\chromeinstall-7u25.exe
2013-07-06 18:29 - 2013-07-06 18:29 - 00261056 ____A (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2013-07-06 18:15 - 2009-07-14 06:45 - 05061168 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-06 17:54 - 2013-07-06 17:54 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies (1).exe
2013-07-06 17:50 - 2013-07-06 17:50 - 02972928 ____A C:\Users\Manuel\Downloads\BombBuddies.exe
2013-07-06 17:50 - 2013-07-06 17:50 - 00002168 ____A C:\Users\Manuel\Desktop\Bomb Buddies.lnk
2013-07-06 17:50 - 2013-07-06 17:50 - 00000000 ____D C:\Users\Manuel\AppData\Local\Balanced Worlds
2013-07-06 17:49 - 2013-07-06 17:49 - 00659320 ____A C:\Users\Manuel\Downloads\bomb-buddies--32-bits.exe
2013-07-06 17:04 - 2013-05-19 15:10 - 00000000 ____D C:\Users\Manuel\AppData\Local\Warframe
2013-07-06 16:22 - 2013-07-06 16:22 - 02169813 ____A C:\Users\Manuel\Downloads\BruteForce_0.9.1.zip
2013-07-06 14:38 - 2013-03-16 19:14 - 00000000 ____D C:\Users\Manuel\.gimp-2.8
2013-07-06 14:05 - 2013-07-06 14:05 - 00039061 ____A C:\Users\Manuel\Desktop\Addition.txt
2013-07-06 14:01 - 2013-07-06 14:01 - 00000000 ____D C:\FRST
2013-07-06 14:00 - 2013-07-06 14:01 - 01934636 ____A (Farbar) C:\Users\Manuel\Desktop\FRST64.exe
2013-07-06 14:00 - 2013-07-06 14:00 - 01934636 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2013-07-06 11:02 - 2013-01-19 12:06 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-06 11:00 - 2013-07-06 10:56 - 117478104 ____A C:\Users\Manuel\Downloads\avast_free_antivirus_setup.exe
2013-07-06 00:06 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Pamela
2013-07-06 00:05 - 2013-07-05 23:46 - 08691304 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition_x64.exe
2013-07-06 00:04 - 2013-07-06 00:04 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition (1).exe
2013-07-06 00:03 - 2013-07-05 23:49 - 00000002 ____A C:\AvastSetup.log
2013-07-05 23:58 - 2012-07-19 14:04 - 00000000 ____D C:\Users\Manuel\Desktop\Musik
2013-07-05 23:50 - 2013-07-05 23:50 - 00000000 ____D C:\ProgramData\bdch
2013-07-05 23:47 - 2013-07-05 23:46 - 06604352 ____A (AVAST Software) C:\Users\Manuel\Downloads\avast_free_antivirus_setup_online.exe
2013-07-05 23:45 - 2013-07-05 23:45 - 00162208 ____A C:\Users\Manuel\Downloads\Antivirus_Free_Edition.exe
2013-07-05 23:43 - 2013-01-19 12:06 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\ProgramData\Alwil Software
2013-07-05 23:42 - 2013-07-05 23:42 - 00000000 ____D C:\Program Files\Alwil Software
2013-07-05 23:28 - 2013-07-05 23:28 - 00176128 ____A (Scendix Software-Vertriebsges. mbH) C:\Windows\SysWOW64\RemoteControl.dll
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Users\Manuel\Documents\Pamela
2013-07-05 23:28 - 2013-07-05 23:28 - 00000000 ____D C:\Program Files (x86)\Pamela
2013-07-05 23:17 - 2013-07-05 23:15 - 09828232 ____A (Scendix Software-Vertriebsges. mbH) C:\Users\Manuel\Downloads\PamelaSetup_Basic_4.8.0.115.exe
2013-07-05 23:01 - 2012-07-19 13:16 - 00116784 ____A C:\Users\Manuel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-05 21:38 - 2010-11-21 09:00 - 00000000 ____D C:\Windows\ShellNew
2013-07-05 21:37 - 2012-07-16 15:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-05 21:37 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-05 21:36 - 2013-07-05 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-05 21:36 - 2012-02-10 12:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-05 21:36 - 2012-01-13 13:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-05 21:32 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-05 21:31 - 2013-07-05 21:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ___RD C:\MSOCache
2013-07-05 21:29 - 2013-07-05 21:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-05 21:23 - 2013-07-05 21:22 - 00000000 ____D C:\Users\Manuel\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-07-05 21:22 - 2013-07-05 21:22 - 00002528 ____A C:\Users\Manuel\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-07-05 21:21 - 2013-07-05 21:21 - 00654904 ____A C:\Users\Manuel\Downloads\setup (1).exe
2013-07-05 20:30 - 2013-07-05 20:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-06-27 21:31 - 2012-10-13 11:00 - 00013900 ____A C:\Users\Manuel\Desktop\einloggdaten.rar
2013-06-23 11:52 - 2012-11-03 17:56 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\SoftGrid Client
2013-06-22 19:20 - 2013-06-04 21:06 - 00000683 ____A C:\Windows\LkmdfCoInst.log
2013-06-22 19:20 - 2012-12-15 14:09 - 00018960 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2013-06-22 18:23 - 2012-07-19 16:14 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.minecraft
2013-06-22 17:02 - 2013-06-22 17:02 - 00366692 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.5.exe
2013-06-22 15:17 - 2013-06-22 15:17 - 05420138 ____A C:\Users\Manuel\Downloads\dm_ponyville_b11_fix_d__source_filmmaker_use__by_ata64-d5wxuxp.rar
2013-06-22 15:17 - 2013-06-22 15:16 - 07320263 ____A C:\Users\Manuel\Downloads\dm_ponyville_colors.rar
2013-06-22 15:16 - 2013-06-22 15:16 - 00105205 ____A C:\Users\Manuel\Downloads\V3-shading.zip
2013-06-22 15:16 - 2013-06-22 15:13 - 49325788 ____A C:\Users\Manuel\Downloads\mlp_overhaul_bulk.rar
2013-06-22 15:15 - 2013-06-22 15:15 - 07566053 ____A C:\Users\Manuel\Downloads\Show accurate Gmod pony eyes.rar
2013-06-22 15:15 - 2013-06-22 15:14 - 06878513 ____A C:\Users\Manuel\Downloads\pony_props.rar
2013-06-22 15:13 - 2013-06-22 15:09 - 93035512 ____A C:\Users\Manuel\Downloads\[2012] All Levels at Once - The Pone Way.zip
2013-06-22 15:01 - 2013-03-09 20:55 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Mp3tag
2013-06-22 14:59 - 2013-06-22 14:58 - 21015899 ____A C:\Users\Manuel\Downloads\Pink Lotus - Trusting You.flac
2013-06-22 14:55 - 2013-06-22 14:52 - 93933386 ____A C:\Users\Manuel\Downloads\PrinceWhateverer (ft. Liquid Cobalt and ISMBOFepicly) - Between Fairytales and Happy Endings.wav
2013-06-22 14:43 - 2013-03-09 18:04 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2013-06-22 14:42 - 2013-06-22 14:41 - 02627888 ____A C:\Users\Manuel\Downloads\mp3tagv256setup.exe
2013-06-22 14:41 - 2013-06-22 14:41 - 00293168 ____A (StarApp) C:\Users\Manuel\Downloads\setup.exe
2013-06-22 14:36 - 2013-06-22 14:34 - 35826338 ____A C:\Users\Manuel\Downloads\Shatter 2.0 Stuttermix.wav
2013-06-21 23:21 - 2012-07-19 15:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-21 23:21 - 2012-07-19 15:01 - 00000000 ____D C:\ProgramData\Skype
2013-06-21 20:03 - 2013-07-06 18:25 - 00382536 ____A (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2013-06-21 14:06 - 2013-07-05 21:33 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-05 21:33 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-05 21:33 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 27781920 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 15920536 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 02936208 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 01059560 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-06-21 14:06 - 2013-05-31 17:59 - 00021578 ____A C:\Windows\System32\nvinfo.pb
2013-06-21 12:23 - 2013-05-31 18:03 - 06496544 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 03514656 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 02555680 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 00884512 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-06-21 12:23 - 2013-05-31 18:03 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-06-21 12:23 - 2013-05-31 18:03 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 06:17 - 2013-05-31 18:03 - 03253909 ____A C:\Windows\System32\nvcoproc.bin
2013-06-15 20:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-15 19:47 - 2013-06-15 19:46 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-15 19:46 - 2013-06-15 19:45 - 26259288 ____A (DVDVideoSoft Ltd.                                           ) C:\Users\Manuel\Downloads\FreeYouTubeToMP3Converter.exe
2013-06-15 19:46 - 2012-08-07 19:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2013-06-15 18:42 - 2013-06-15 18:41 - 40874709 ____A C:\Users\Manuel\Downloads\Aftermath - Go To Sleep.flac
2013-06-15 17:28 - 2013-07-06 18:25 - 00148696 ____A (BitDefender LLC) C:\Windows\System32\Drivers\gzflt.sys
2013-06-15 04:25 - 2013-06-15 04:23 - 32243226 ____A C:\Users\Manuel\Downloads\Counterwise - The Garden.flac
2013-06-15 04:17 - 2013-06-15 04:15 - 31907713 ____A C:\Users\Manuel\Downloads\SimGretina - Again feat. EileMonty.flac
2013-06-15 01:30 - 2013-06-15 01:30 - 00000000 ____D C:\Users\Manuel\Downloads\The Small Horse II - The Abuse (1)
2013-06-15 01:00 - 2013-06-15 01:00 - 00000000 ____A C:\Windows\System32\lic2.xml31393
2013-06-14 07:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 05:28 - 2013-06-14 05:26 - 29460547 ____A C:\Users\Manuel\Downloads\Arrows are Magic Vol. 2.zip
2013-06-14 05:16 - 2013-06-14 05:14 - 16163638 ____A C:\Users\Manuel\Downloads\Mr.EVOLVF Goes to Equestria.zip
2013-06-14 05:14 - 2013-06-14 05:00 - 421440053 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP (1).zip
2013-06-14 05:00 - 2013-06-14 04:58 - 61036653 ____A C:\Users\Manuel\Downloads\Errar404 - ALCHEMY EP.zip
2013-06-14 03:25 - 2012-01-13 14:32 - 00000000 ____D C:\Windows\Panther
2013-06-14 03:02 - 2012-01-13 16:22 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-14 02:18 - 2013-06-14 01:18 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-14 02:18 - 2012-04-16 10:33 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 02:18 - 2012-01-13 15:34 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-09 11:59 - 2013-06-09 11:41 - 474271039 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down.zip
2013-06-09 04:55 - 2013-06-09 01:57 - 1171823284 ____A C:\Users\Manuel\Downloads\Nicht bestätigt 993688.crdownload
2013-06-09 04:39 - 2013-06-09 03:22 - 160694272 ____A C:\Users\Manuel\Downloads\Rainbow & Rooted - Four's Fall Down (1).zip
2013-06-09 03:23 - 2013-06-09 03:23 - 00000000 ____D C:\Users\Manuel\Downloads\WAS
2013-06-08 16:29 - 2012-07-19 21:35 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-08 16:08 - 2013-06-16 03:00 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 03:00 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 03:00 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 15:52 - 2013-06-08 00:42 - 00000000 ____D C:\Program Files (x86)\SaferSurf
2013-06-08 14:28 - 2013-06-16 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 03:00 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 03:00 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-08 03:45 - 2013-06-08 02:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wise Auto Shutdown
2013-06-08 00:42 - 2013-06-08 00:42 - 00000000 ____D C:\ProgramData\Nutzwerk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 09:14

==================== End Of Log ============================
         
--- --- ---

Alt 08.07.2013, 08:13   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Virenbefall was soll ich tun? - Standard

Virenbefall was soll ich tun?



Adobe und Firefox updaten.

Den Crack-Müll im Download-Ordner hab ich jetzt mal nicht gesehen, sonst müsste ich den Support einstellen. Löschen bitte

Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Virenbefall was soll ich tun?
administrator, antivirus, befall, bitdefender, datei, defender, entfernen, festplatte, file, folge, free, hack, hilfe, hängt, keine musik, microsoft, musik, neu, probleme, programme, scan, security, trustedinstaller, unbekannt, update, viren befall, windows, zugriff verweigert



Ähnliche Themen: Virenbefall was soll ich tun?


  1. Eventueller Virenbefall auf PC
    Plagegeister aller Art und deren Bekämpfung - 15.03.2014 (11)
  2. Virenbefall
    Plagegeister aller Art und deren Bekämpfung - 13.12.2013 (5)
  3. Virenbefall
    Plagegeister aller Art und deren Bekämpfung - 26.07.2012 (3)
  4. Virenbefall
    Plagegeister aller Art und deren Bekämpfung - 23.01.2012 (11)
  5. Virenbefall
    Log-Analyse und Auswertung - 17.08.2010 (3)
  6. Virenbefall?
    Alles rund um Windows - 21.11.2009 (8)
  7. Virenbefall?
    Log-Analyse und Auswertung - 13.11.2009 (1)
  8. Virenbefall Opera 9
    Plagegeister aller Art und deren Bekämpfung - 08.10.2009 (11)
  9. Virenbefall!
    Plagegeister aller Art und deren Bekämpfung - 08.07.2009 (3)
  10. Virenbefall
    Plagegeister aller Art und deren Bekämpfung - 28.04.2009 (1)
  11. Virenbefall
    Plagegeister aller Art und deren Bekämpfung - 14.10.2008 (4)
  12. Virenbefall
    Plagegeister aller Art und deren Bekämpfung - 07.02.2008 (6)
  13. Virenbefall
    Log-Analyse und Auswertung - 22.10.2006 (3)
  14. Virenbefall
    Log-Analyse und Auswertung - 05.11.2005 (10)
  15. virenbefall
    Plagegeister aller Art und deren Bekämpfung - 28.08.2005 (6)
  16. Virenbefall ?
    Log-Analyse und Auswertung - 25.03.2005 (10)
  17. Virenbefall?
    Plagegeister aller Art und deren Bekämpfung - 15.01.2005 (8)

Zum Thema Virenbefall was soll ich tun? - Erstmal hallo! Bin neu hier und brauche Hilfe, also bitte nicht zu streng sein. Seit einiger Zeit macht mein PC einige Probleme: Er hängt sich öfters auf, sodass alle Programme - Virenbefall was soll ich tun?...
Archiv
Du betrachtest: Virenbefall was soll ich tun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.