Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Svchost 14x Offen [PC Langsam]

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.09.2013, 00:02   #1
RockThatBody
 
Svchost 14x Offen [PC Langsam] - Standard

Svchost 14x Offen [PC Langsam]



Ich hab seit einigen Wochen das Problem das ich immer mindestens 14 "Svchost.exe Prozesse" auf hab, ich glaub das ist nicht normal.

Ich hatte mir deswegen das Programm Advanced Systemcare Ultimate geholt, was meinen PC gut entlastet hat, mein altes AV runter geschmissen (Norton 360) und mir Malwarebytes Anti-Malware besorgt.

Seit gestern habe ich das Problem das mein üblicher Taskmanager vom Administrator "mir" gesperrt wurde. Deswegen hab ich mir den Process Explorer von Sysinternals besorgt, und jetzt habe ich Angst das ich mir einen Trojaner, oder des Gleichen eingefangen habe, wobei meine Daten gefährdet sind. Und sobald ich den Internet Explorer schließe, er sich wieder öffnet, so oft ich ihn auch schließe, wieso auch immer.

Wenn es keine andere Lösung als neu Aufsetzen gibt, muss ich die wohl in Kauf nehmen. Nur habe ich mehr als 400gb installierte Spiele auf meiner Festplatte, und die meisten würde ich Beschädigen wenn ich sie auf eine externe als Sicherheit verschiebe. Daher ist neu Aufsetzen dann der aller letzte Ausweg.

HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 01:04:37, on 30.09.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
CHROME: 29.0.1547.76
FIREFOX: 3.6.28 (de)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate\Suo10_SmartRAM.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate\Asc.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate\Monitor.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\USERS\CHRIS\DESKTOP\PROGRAMME\PROCESSEXPLORER\PROCEXP.EXE
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Chris\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: (no name) - {d930602d-a752-4287-828b-ef0b1f48825c} - (no file)
R3 - URLSearchHook: (no name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL
O2 - BHO: (no name) - {E5C66DD8-308B-4a4f-AF0A-3D04F25B5343} - (no file)
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare Ultimate\Suo10_SmartRAM.exe" /m
O4 - HKCU\..\Run: [Advanced SystemCare Ultimate] "C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'DefaultAppPool')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'DefaultAppPool')
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: (no name) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - (no CLSID) - (no file)
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AdvancedSystemCareAntivirus (ASCAntivirusSrv) - IOBit - C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe

--
End of file - 8612 bytes
         
--- --- ---



-Rock

Alt 30.09.2013, 07:50   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Svchost 14x Offen [PC Langsam] - Standard

Svchost 14x Offen [PC Langsam]



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 30.09.2013, 14:37   #3
RockThatBody
 
Svchost 14x Offen [PC Langsam] - Standard

Svchost 14x Offen [PC Langsam]



FRST.txt


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01
Ran by Chris (administrator) on 6662C on 30-09-2013 15:30:55
Running from C:\Users\Chris\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe
(IOBit) C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(VMware, Inc.) C:\Windows\system32\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files\VMware\VMware Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(VMware, Inc.) C:\Windows\system32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\Suo10_SmartRAM.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\Monitor.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\Asc.exe
(Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
(VMware, Inc.) C:\Program Files\VMware\VMware Player\vprintproxy.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IObit Malware Fighter] - C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [1549120 2013-08-16] (IObit)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] - Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Users\Chris\Pictures\Documents\MSDCSC\msdcsc.exe
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [SmartRAM] - C:\Program Files\IObit\Advanced SystemCare Ultimate\Suo10_SmartRAM.exe [547648 2013-06-14] (IObit)
HKCU\...\Run: [Advanced SystemCare Ultimate] - C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe [512384 2012-11-07] (IObit)
HKCU\...\Run: [MicroUpdate] - C:\Users\Chris\Pictures\Documents\MSDCSC\msdcsc.exe [258048 2013-09-30] (Microsoft Corp.)
HKCU\...\Winlogon: [Shell] explorer.exe <==== ATTENTION 
HKCU\...\Policies\Explorer: [NoInternetOpenWith] 0
MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {5b600e8f-281a-11e1-aac6-001d92637160} - J:\LGAutoRun.exe
MountPoints2: {f8efb509-20b2-11e1-9c9c-001d92637160} - I:\LaunchU3.exe -a
HKU\Admin\...\Run: [SmartRAM] - C:\Program Files\IObit\Advanced SystemCare Ultimate\Suo10_SmartRAM.exe [ 2013-06-14] (IObit)
HKU\Admin\...\Run: [Advanced SystemCare Ultimate] - C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe [ 2012-11-07] (IObit)
HKU\Admin\...\Winlogon: [Shell] explorer.exe <==== ATTENTION 
HKU\Mutti\...\Run: [SmartRAM] - C:\Program Files\IObit\Advanced SystemCare Ultimate\Suo10_SmartRAM.exe [ 2013-06-14] (IObit)
HKU\Mutti\...\Run: [Advanced SystemCare Ultimate] - C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe [ 2012-11-07] (IObit)
HKU\Mutti\...\Winlogon: [Shell] explorer.exe <==== ATTENTION 
IMEO\taskmgr.exe: [Debugger] "C:\USERS\CHRIS\DESKTOP\PROGRAMME\PROCESSEXPLORER\PROCEXP.EXE"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: (No Name) - {d930602d-a752-4287-828b-ef0b1f48825c} -  No File
URLSearchHook: (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1394623
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1394623
SearchScopes: HKCU - DefaultScope {A717620E-0CBE-4B16-B70D-9D459CAA4352} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://isearch.babylon.com/?q={searchTerms}&affID=119776&babsrc=SP_ss_gr2&mntrId=A40B0015AF5CF873
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={0826394C-A544-4AC1-90DB-38D701C6AC80}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {A717620E-0CBE-4B16-B70D-9D459CAA4352} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=o0&geo=DE&ver=6
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1394623
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: No Name - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -  No File
BHO: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} -  No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL (IObit)
BHO: No Name - {E5C66DD8-308B-4a4f-AF0A-3D04F25B5343} -  No File
Toolbar: HKCU - No Name - {D930602D-A752-4287-828B-EF0B1F48825C} -  No File
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab
Handler: livecall - No CLSID Value - 
Handler: msnim - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: wlmailhtml - No CLSID Value - 
Handler: wlpg - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\l68t55wg.default-1370461952014
FF user.js: detected! => C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\l68t55wg.default-1370461952014\user.js
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: google.de
FF Keyword.URL: hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=902615&ilc=12&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @IObit.com/np_Asc_Plugin - C:\Program Files\IObit\Advanced SystemCare Ultimate\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Chris\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Chris\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Chris\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\l68t55wg.default-1370461952014\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\l68t55wg.default-1370461952014\Extensions\ascsurfingprotection@iobit.com
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome: 
=======
CHR Extension: (YouTube Center) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcegdpionpopahcglnfiiioapcclamdj\2.0.1_0
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0
CHR Extension: () - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Chris\AppData\Local\Wajam\Chrome\wajam.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare Ultimate\BrowerProtect\ASC_GhromePlugin.crx
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit)
R2 ASCAntivirusSrv; C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [623936 2013-07-08] (IOBit)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4137464 2011-05-04] (INCA Internet Co., Ltd.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2013-08-22] (The OpenVPN Project)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [129112 2013-07-08] (Sandboxie Holdings, LLC)
R2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [87120 2013-02-26] (VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357456 2013-02-26] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [721048 2012-10-11] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [436304 2013-02-26] (VMware, Inc.)
S4 aspnet_state; 
S2 clr_optimization_v4.0.30319_32; 
S4 NetMsmqActivator; 
S4 NetPipeActivator; 
S4 NetTcpActivator; 

==================== Drivers (Whitelisted) ====================

R2 bdfsfltr; C:\Windows\system32\Drivers\bdfsfltr.sys [353096 2012-03-15] (BitDefender)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2013-03-23] (IObit)
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [16896 2010-05-12] (Danish Wireless Design A/S)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-10-11] (VMware, Inc.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [32000 2012-01-11] (ManyCam LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [22400 2012-02-22] (ManyCam LLC)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [856928 2013-08-23] (Ralink Technology Corp.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R2 PStrip; C:\Windows\System32\drivers\pstrip.sys [27992 2007-07-15] (EnTech Taiwan)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [31752 2013-03-26] (IObit.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [159208 2013-07-08] (Sandboxie Holdings, LLC)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2012-07-31] (Screaming Bee LLC)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2013-05-22] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [340624 2011-11-21] (BitDefender S.R.L.)
R3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2013-03-26] (IObit.com)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-19] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-19] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-19] (LG Electronics Inc.)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [26064 2013-02-26] (VMware, Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2013-02-26] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2013-02-26] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-02-26] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [62416 2013-02-26] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [61464 2012-10-24] (VMware, Inc.)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 EagleXNt; No ImagePath
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [x]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [x]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [x]
S3 SANDRA; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 vtany; No ImagePath
S3 XDva387; No ImagePath
S3 XDva392; No ImagePath
S3 XDva393; No ImagePath
S3 XDva396; No ImagePath
S3 XDva397; No ImagePath
S3 xhunter1; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-30 15:30 - 2013-09-30 15:30 - 00000000 ____D C:\FRST
2013-09-30 15:29 - 2013-09-30 15:30 - 01086873 _____ (Farbar) C:\Users\Chris\Downloads\FRST.exe
2013-09-30 15:08 - 2013-09-30 15:08 - 00258048 _____ (Microsoft Corp.) C:\Users\Chris\Downloads\( uploadMB.com ) sehrWichtig.exe
2013-09-30 15:08 - 2013-09-30 15:08 - 00000000 ____D C:\Users\Chris\Pictures\Documents\MSDCSC
2013-09-30 14:38 - 2013-09-30 14:38 - 00673792 _____ (Microsoft Corp.) C:\Users\Chris\Downloads\( uploadMB.com ) Bildershowjpg.exe
2013-09-30 14:31 - 2013-09-30 14:31 - 01366016 _____ C:\Users\Chris\Downloads\Show.jpg.exe
2013-09-30 01:04 - 2013-09-30 01:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Chris\Downloads\HijackThis.exe
2013-09-30 01:04 - 2013-09-30 01:04 - 00008613 _____ C:\Users\Chris\Downloads\hijackthis.log
2013-09-29 22:35 - 2013-09-29 22:35 - 01331755 _____ C:\Users\Chris\Downloads\Crypted.rar
2013-09-29 22:04 - 2013-09-29 22:04 - 01406232 _____ C:\Users\Chris\Downloads\yserver.exe
2013-09-29 21:24 - 2013-09-29 21:24 - 00624554 _____ C:\Users\Chris\Downloads\U.R.G.E CRYPTER.rar
2013-09-29 20:39 - 2013-09-29 20:39 - 02945768 _____ C:\Users\Chris\Downloads\installproXPN.exe
2013-09-29 20:39 - 2013-09-29 20:39 - 01994327 _____ C:\Users\Chris\Downloads\mac.dmg
2013-09-29 18:16 - 2013-09-29 18:17 - 00925400 _____ C:\Users\Chris\Downloads\Phoenix_Enregistreur.rar
2013-09-29 16:13 - 2013-02-26 02:28 - 00436304 _____ (VMware, Inc.) C:\Windows\system32\vmnat.exe
2013-09-29 16:13 - 2013-02-26 02:28 - 00357456 _____ (VMware, Inc.) C:\Windows\system32\vmnetdhcp.exe
2013-09-29 16:13 - 2013-02-26 02:28 - 00026192 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2013-09-29 16:13 - 2013-02-26 02:27 - 00026064 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2013-09-29 16:13 - 2012-10-24 14:17 - 00063128 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2013-09-29 16:13 - 2012-10-24 14:16 - 00061464 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2013-09-29 16:12 - 2013-02-26 02:28 - 00780368 _____ (VMware, Inc.) C:\Windows\system32\vnetlib.dll
2013-09-29 16:12 - 2012-10-11 16:15 - 00041496 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2013-09-29 16:11 - 2013-09-29 16:11 - 00002078 _____ C:\Users\Public\Desktop\VMware Player.lnk
2013-09-29 16:10 - 2013-09-30 14:19 - 00000000 ____D C:\ProgramData\VMware
2013-09-29 16:10 - 2013-09-29 16:11 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-09-29 16:10 - 2013-09-29 16:10 - 00000000 ____D C:\Program Files\VMware
2013-09-29 16:06 - 2013-09-29 16:08 - 79676336 _____ (VMware, Inc.) C:\Users\Chris\Downloads\VMware-player-5.0.2-1031769.exe
2013-09-29 15:55 - 2013-09-29 15:55 - 00974848 _____ (Microsoft Corporation) C:\Windows\mfc70.dll
2013-09-29 15:51 - 2013-09-29 16:02 - 00000000 ___HD C:\ProgramData\sa
2013-09-29 15:51 - 2013-09-29 16:01 - 00000000 ____D C:\ProgramData\AgentSS
2013-09-29 15:51 - 2013-09-29 15:51 - 00000000 ____D C:\ProgramData\AgentSL
2013-09-29 15:48 - 2013-09-29 15:48 - 03131521 _____ C:\Users\Chris\Downloads\spyagent7.zip
2013-09-29 04:43 - 2013-09-29 04:56 - 00000000 ____D C:\Users\Chris\Pictures\Documents\Universe Sandbox
2013-09-29 04:43 - 2013-09-29 04:43 - 00000000 ____D C:\Users\Chris\AppData\Roaming\System
2013-09-29 04:43 - 2013-09-29 04:43 - 00000000 ____D C:\Users\Chris\AppData\Local\Universe Sandbox
2013-09-29 04:39 - 2013-09-29 04:39 - 00000215 _____ C:\Users\Chris\Desktop\Universe Sandbox.url
2013-09-28 23:56 - 2013-09-29 01:06 - 2463242240 _____ C:\Users\Chris\Downloads\X15-65812.iso
2013-09-28 23:52 - 2013-09-28 23:52 - 09227296 _____ (BlueStack Systems Inc.) C:\Users\Chris\Downloads\BlueStacks-SplitInstaller_native_0.7.18.921 (2).exe
2013-09-28 23:51 - 2013-09-28 23:52 - 09227296 _____ (BlueStack Systems Inc.) C:\Users\Chris\Downloads\BlueStacks-SplitInstaller_native_0.7.18.921 (1).exe
2013-09-28 05:23 - 2013-09-28 05:23 - 00000057 _____ C:\Users\Chris\Desktop\Framework-Problem Thread.txt
2013-09-28 04:58 - 2013-09-28 04:58 - 00000000 ____D C:\0b06bf19b0b87912e23896f2
2013-09-28 04:47 - 2013-09-28 04:49 - 50449456 _____ (Microsoft Corporation) C:\Users\Chris\Desktop\dotNetFx40_Full_x86_x64.exe
2013-09-28 04:14 - 2013-09-28 04:15 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-09-28 04:14 - 2013-09-28 04:14 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-09-28 04:14 - 2013-09-28 04:14 - 00000000 ____D C:\Windows\ShellNew
2013-09-28 04:14 - 2013-09-28 04:14 - 00000000 ____D C:\Windows\addins
2013-09-28 04:14 - 2013-09-28 04:14 - 00000000 ____D C:\Program Files\Windows Journal
2013-09-28 04:14 - 2013-09-28 04:14 - 00000000 ____D C:\Program Files\MSBuild
2013-09-28 03:37 - 2013-09-28 03:37 - 09227296 _____ (BlueStack Systems Inc.) C:\Users\Chris\Downloads\BlueStacks-SplitInstaller_native (1).exe
2013-09-28 03:32 - 2013-09-28 03:32 - 09227296 _____ (BlueStack Systems Inc.) C:\Users\Chris\Downloads\BlueStacks-SplitInstaller_native.exe
2013-09-28 03:31 - 2013-09-28 03:31 - 09227296 _____ (BlueStack Systems Inc.) C:\Users\Chris\Downloads\BlueStacks-SplitInstaller_native_0.7.18.921.exe
2013-09-27 17:00 - 2013-09-27 17:03 - 00000000 ____D C:\Users\Chris\Downloads\Neuer Ordner
2013-09-27 16:58 - 2013-09-27 16:58 - 00824581 _____ C:\Users\Chris\Downloads\facebook-kevinweidner96.zip
2013-09-26 20:23 - 2013-09-26 20:23 - 00001665 _____ C:\Users\Chris\Desktop\Epvp -Like ex.txt
2013-09-26 01:10 - 2013-09-26 01:14 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-26 01:10 - 2013-09-26 01:10 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-09-26 01:08 - 2013-09-26 01:08 - 00000000 ____D C:\ProgramData\Apple
2013-09-26 00:53 - 2013-09-26 00:53 - 00000000 _____ C:\Users\Chris\Desktop\Kristin Grimm.txt
2013-09-25 19:42 - 2013-09-25 19:42 - 363253332 _____ C:\Windows\MEMORY.DMP
2013-09-25 19:42 - 2013-09-25 19:42 - 00269776 _____ C:\Windows\Minidump\092513-31559-01.dmp
2013-09-25 16:00 - 2013-09-25 16:00 - 00000020 _____ C:\Windows\¸öš
2013-09-25 15:53 - 2013-08-20 00:47 - 00000427 _____ C:\Users\Chris\Desktop\readme.txt
2013-09-25 13:36 - 2013-09-25 16:18 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-09-25 13:35 - 2013-05-22 18:49 - 00029528 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2013-09-25 13:35 - 2013-05-22 18:49 - 00015672 _____ C:\Windows\system32\Drivers\SmartDefragDriver.sys
2013-09-25 13:30 - 2013-09-30 13:08 - 00013044 _____ C:\Windows\PFRO.log
2013-09-24 16:57 - 2013-09-24 16:57 - 00001885 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-24 15:36 - 2013-09-24 15:36 - 00000000 ____D C:\Program Files\OpenVPN
2013-09-24 15:18 - 2013-09-24 15:19 - 00000000 ____D C:\Users\Chris\AppData\Roaming\EurekaLog
2013-09-24 14:01 - 2013-09-30 13:13 - 00003864 _____ C:\Windows\setupact.log
2013-09-24 14:01 - 2013-09-24 14:01 - 00000000 _____ C:\Windows\setuperr.log
2013-09-24 00:13 - 2013-09-24 00:14 - 00000000 ____D C:\ef61da08fb0863dd2b6ee2352e11db81
2013-09-23 23:02 - 2013-09-23 23:02 - 00000000 ___RD C:\Sandbox
2013-09-22 18:40 - 2013-09-27 22:14 - 00003455 _____ C:\Users\Chris\Desktop\FB.txt
2013-09-22 15:29 - 2013-09-29 17:11 - 00000000 ____D C:\Users\Chris\Desktop\Neuer Ordner
2013-09-20 16:17 - 2013-09-20 16:17 - 00000000 ____D C:\Users\Chris\AppData\Roaming\S.A.D
2013-09-20 15:59 - 2013-09-20 16:11 - 00000191 _____ C:\Users\Chris\Desktop\GhostVPN.txt
2013-09-18 15:22 - 2013-09-18 15:22 - 00000000 ____D C:\Users\Chris\AppData\Local\Razer
2013-09-18 15:22 - 2013-09-18 15:22 - 00000000 ____D C:\ProgramData\Razer
2013-09-18 15:22 - 2013-09-18 15:22 - 00000000 ____D C:\Program Files\Razer
2013-09-18 15:14 - 2013-09-18 15:14 - 00000000 ____D C:\Users\Chris\AppData\Roaming\ATI
2013-09-18 15:14 - 2013-09-18 15:14 - 00000000 ____D C:\Users\Chris\AppData\Local\ATI
2013-09-18 15:14 - 2013-09-18 15:14 - 00000000 ____D C:\ProgramData\ATI
2013-09-18 15:13 - 2013-09-18 15:13 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-09-18 15:11 - 2013-09-18 15:11 - 00000000 ____D C:\ProgramData\AMD
2013-09-18 15:11 - 2013-09-18 15:11 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-09-18 15:11 - 2013-09-18 15:11 - 00000000 ____D C:\Program Files\AMD AVT
2013-09-18 15:11 - 2013-09-18 15:11 - 00000000 ____D C:\Program Files\AMD APP
2013-09-18 15:06 - 2013-09-18 15:11 - 00000000 ____D C:\Program Files\ATI Technologies
2013-09-18 15:06 - 2013-09-18 15:06 - 00000000 ____D C:\Program Files\ATI
2013-09-18 15:05 - 2013-09-18 15:05 - 00000000 ____D C:\AMD
2013-09-18 14:48 - 2013-09-18 14:48 - 00000000 ____D C:\Program Files\12noon Display Changer
2013-09-18 03:24 - 2013-09-18 03:24 - 00119656 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-18 03:18 - 2013-09-18 03:18 - 00000000 ____D C:\Program Files\Realtek
2013-09-18 03:18 - 2013-09-18 03:18 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-09-18 03:18 - 2013-03-29 21:42 - 02646088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2013-09-18 03:18 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2013-09-18 03:18 - 2013-03-29 17:51 - 00860208 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-09-18 03:18 - 2013-03-29 17:10 - 00449481 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-09-18 03:18 - 2013-03-27 16:57 - 00112200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2013-09-18 03:18 - 2013-03-26 17:06 - 02536008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2013-09-18 03:18 - 2013-03-26 17:04 - 02386464 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2013-09-18 03:18 - 2013-03-26 15:40 - 03237448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2013-09-18 03:18 - 2013-03-26 14:38 - 01596488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2013-09-18 03:18 - 2013-03-25 17:32 - 03180264 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-09-18 03:18 - 2013-03-23 03:43 - 00181960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2013-09-18 03:18 - 2013-03-21 00:26 - 13769496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2013-09-18 03:18 - 2013-03-21 00:26 - 01931032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2013-09-18 03:18 - 2013-03-20 13:17 - 08872216 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll
2013-09-18 03:18 - 2013-03-20 13:17 - 01822488 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2013-09-18 03:18 - 2013-03-20 13:17 - 01656600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2013-09-18 03:18 - 2013-03-20 13:17 - 00776984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2013-09-18 03:18 - 2013-03-15 19:33 - 04335384 _____ (A-volute) C:\Windows\system32\RTKSMlfx.dll
2013-09-18 03:18 - 2013-03-15 19:32 - 00852824 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-09-18 03:18 - 2013-03-08 12:51 - 00849968 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-09-18 03:18 - 2013-02-27 05:37 - 00699680 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2013-09-18 03:18 - 2013-02-27 05:37 - 00547104 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech32.dll
2013-09-18 03:18 - 2013-02-27 05:37 - 00336672 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo32.dll
2013-09-18 03:18 - 2013-02-27 05:37 - 00184608 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2013-09-18 03:18 - 2013-02-19 18:52 - 00765000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2013-09-18 03:18 - 2013-01-17 19:32 - 00639256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2013-09-18 03:18 - 2013-01-16 16:02 - 02079816 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-09-18 03:18 - 2012-12-12 11:17 - 00350664 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-09-18 03:18 - 2012-10-02 14:39 - 00426952 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2013-09-18 03:18 - 2012-10-02 14:39 - 00402888 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2013-09-18 03:18 - 2012-10-02 14:39 - 00346056 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2013-09-18 03:18 - 2012-09-10 20:06 - 00549240 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2013-09-18 03:18 - 2012-08-31 19:17 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2013-09-18 03:18 - 2012-08-31 19:17 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2013-09-18 03:18 - 2012-08-31 19:17 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2013-09-18 03:18 - 2012-08-31 19:17 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2013-09-18 03:18 - 2012-08-31 19:17 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2013-09-18 03:18 - 2012-07-15 21:13 - 00349048 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-09-18 03:18 - 2012-06-20 17:26 - 00090624 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-09-18 03:18 - 2012-03-08 11:47 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2013-09-18 03:18 - 2012-01-30 11:42 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2013-09-18 03:18 - 2012-01-10 10:20 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2013-09-18 03:18 - 2011-11-22 16:28 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2013-09-18 03:18 - 2011-09-02 14:21 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2013-09-18 03:18 - 2011-09-02 14:21 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2013-09-18 03:18 - 2011-09-02 14:21 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2013-09-18 03:18 - 2011-08-23 17:00 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2013-09-18 03:18 - 2011-05-31 09:42 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2013-09-18 03:18 - 2011-03-17 12:16 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-09-18 03:18 - 2011-03-07 17:03 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-09-18 03:18 - 2010-11-08 07:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2013-09-18 03:18 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2013-09-18 03:18 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2013-09-18 03:18 - 2010-11-08 07:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2013-09-18 03:18 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2013-09-18 03:18 - 2010-11-08 07:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2013-09-18 03:18 - 2010-09-27 09:34 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-09-18 03:18 - 2009-12-04 15:43 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2013-09-18 03:18 - 2009-11-24 09:55 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2013-09-18 03:18 - 2009-11-24 09:55 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2013-09-18 03:18 - 2009-11-24 09:55 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2013-09-18 03:18 - 2009-11-24 09:55 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2013-09-18 03:18 - 2009-11-18 18:42 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2013-09-18 03:03 - 2013-09-18 03:04 - 03818648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-18 02:03 - 2013-09-18 02:03 - 00000146 _____ C:\Windows\{C6B51FD8-942C-45FE-9704-19B687372691}.ini
2013-09-18 02:03 - 2013-09-18 02:03 - 00000000 _____ C:\Windows\system32\{C6B51FD8-942C-45FE-9704-19B687372691}.ini
2013-09-17 19:37 - 2013-09-17 19:37 - 00000000 _____ C:\Users\Chris\Desktop\httpwww.youtube.comuserLaraLovesTBBTvideos.txt
2013-09-17 18:40 - 2013-09-17 18:40 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Guild Wars 2
2013-09-17 15:07 - 2013-09-24 13:44 - 58654720 _____ C:\Windows\system32\config\software.iobit
2013-09-16 16:55 - 2013-09-16 16:56 - 00000118 _____ C:\Users\Chris\Desktop\Neues Textdokument.txt
2013-09-15 23:59 - 2013-09-15 23:59 - 00000000 ____D C:\Users\Mutti\AppData\Roaming\onOne Software
2013-09-15 23:59 - 2013-09-15 23:59 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\onOne Software
2013-09-15 23:59 - 2013-09-15 23:59 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Adobe
2013-09-15 23:59 - 2013-09-15 23:59 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2013-09-15 23:57 - 2013-09-15 23:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\onOne Software
2013-09-15 23:57 - 2013-09-15 23:57 - 00000000 ____D C:\ProgramData\Nalpeiron
2013-09-15 23:55 - 2013-09-15 23:59 - 00000000 ____D C:\Users\Chris\AppData\Roaming\onOne Software
2013-09-15 23:54 - 2013-09-15 23:54 - 00000000 ____D C:\Program Files\onOne Software
2013-09-15 23:53 - 2013-09-15 23:55 - 00000000 ____D C:\ProgramData\onOne Software
2013-09-12 13:54 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2013-09-12 13:54 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2013-09-12 13:54 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2013-09-12 13:54 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2013-09-12 13:54 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2013-09-12 13:54 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2013-09-12 03:12 - 2013-09-12 03:12 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 ____D C:\Users\DefaultAppPool
2013-09-12 03:12 - 2013-02-02 23:27 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2013-09-12 03:12 - 2012-08-21 16:34 - 00059112 _____ C:\Users\DefaultAppPool\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-12 03:12 - 2009-07-14 06:42 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-12 03:12 - 2009-07-14 06:37 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-12 03:11 - 2013-09-12 03:11 - 00000000 ____D C:\Windows\Sun
2013-09-12 03:10 - 2013-09-12 03:10 - 00000000 ____D C:\ProgramData\Oracle
2013-09-12 03:08 - 2013-09-12 03:08 - 00000000 ____D C:\ProgramData\Sun
2013-09-12 03:05 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 03:05 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 03:05 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 03:05 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 03:05 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 03:05 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 03:05 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 03:05 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 03:05 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 03:05 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 03:05 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 03:05 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 03:05 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 03:05 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 03:05 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 03:05 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 23:11 - 2013-09-11 23:11 - 00000000 ____D C:\Users\Chris\Skype Konvis
2013-09-11 22:55 - 2013-09-11 22:55 - 00000000 ____D C:\Windows\system32\BestPractices
2013-09-11 22:55 - 2013-09-11 22:55 - 00000000 ____D C:\inetpub
2013-09-11 22:01 - 2013-09-11 22:01 - 00000000 _____ C:\Users\Chris\Desktop\httpwww.youtube.comuserLeesgotBlubvideos.txt
2013-09-11 15:43 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 15:43 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 15:43 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 15:43 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 15:43 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 15:43 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 15:43 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 15:43 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 15:42 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 15:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 15:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 15:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 15:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 15:42 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 15:42 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 15:42 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 15:42 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 15:42 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 02:37 - 2013-09-11 02:37 - 00001023 _____ C:\Users\Mutti\Desktop\Notepad++.lnk
2013-09-11 02:37 - 2013-09-11 02:37 - 00001023 _____ C:\Users\Chris\Desktop\Notepad++.lnk
2013-09-11 02:37 - 2013-09-11 02:37 - 00001023 _____ C:\Users\Admin\Desktop\Notepad++.lnk
2013-09-11 02:37 - 2013-09-11 02:37 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-09-11 02:36 - 2013-09-11 02:39 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Notepad++
2013-09-11 02:36 - 2013-09-11 02:37 - 00000000 ____D C:\Program Files\Notepad++
2013-09-11 02:14 - 2013-09-28 20:08 - 00000000 ____D C:\Users\Chris\Desktop\Dota 2 Playlist
2013-09-11 01:58 - 2013-09-11 02:03 - 00000000 ____D C:\Program Files\Super Mouse Auto Clicker
2013-09-11 01:46 - 2013-09-11 02:48 - 00000000 ____D C:\Users\Chris\AppData\Roaming\asoftech
2013-09-11 01:41 - 2013-09-11 01:41 - 00000080 __RSH C:\Windows\system32\FA54FF268A.dll
2013-09-11 01:41 - 2013-09-11 01:41 - 00000000 ____D C:\ProgramData\Protexis
2013-09-11 01:40 - 2013-09-11 01:40 - 00000000 ____D C:\ProgramData\Macrovision
2013-09-11 01:29 - 2013-09-11 01:29 - 00000000 ____D C:\Program Files\fabi.me
2013-09-10 17:44 - 2004-05-13 14:15 - 00115920 _____ (Microsoft Corporation) C:\Windows\system32\MSINET.OCX
2013-09-08 04:59 - 2013-09-08 05:14 - 00000442 _____ C:\Users\Chris\Desktop\Seiten die ich laden muss.txt
2013-09-08 04:18 - 2013-09-09 23:50 - 00000000 ____D C:\Users\Chris\dwhelper
2013-09-06 23:24 - 2013-09-11 00:41 - 00005120 _____ C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-06 23:24 - 2013-09-06 23:24 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Solveig Multimedia
2013-09-06 23:20 - 2013-09-11 00:40 - 00000000 ____D C:\Users\Chris\Pictures\Documents\HyperCam3
2013-09-06 23:20 - 2013-09-06 23:21 - 00000000 ____D C:\Program Files\HyperCam 3
2013-09-06 23:20 - 2013-09-06 23:20 - 00001001 _____ C:\Users\Chris\Desktop\HyperCam 3.lnk
2013-09-06 23:20 - 2013-09-06 23:20 - 00000000 ____D C:\Users\Chris\AppData\Roaming\HyperCam
2013-09-06 23:20 - 2013-09-06 23:20 - 00000000 ____D C:\Program Files\Common Files\Solveig Multimedia
2013-09-06 23:17 - 2013-09-06 23:18 - 00000000 ____D C:\Windows\DE042823C3594B87B66B308057E8B6AF.TMP
2013-09-06 15:10 - 2013-09-06 15:10 - 00001267 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-09-06 15:10 - 2013-09-06 15:10 - 00000000 ____D C:\IObit
2013-09-06 15:10 - 2012-03-15 14:16 - 00353096 _____ (BitDefender) C:\Windows\system32\Drivers\bdfsfltr.sys
2013-09-06 15:10 - 2011-11-21 18:58 - 00340624 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-09-06 15:08 - 2013-09-06 15:09 - 60430120 _____ (IObit                                                       ) C:\Users\Chris\Pictures\Documents\asc-ultimate-setup.exe
2013-09-05 15:37 - 2013-09-05 15:52 - 00000428 _____ C:\Users\Chris\Desktop\qwfqwfqwfg.txt
2013-09-05 02:44 - 2013-09-05 02:44 - 00000000 ____D C:\Users\Chris\AppData\Local\DownloadGuide
2013-09-04 19:55 - 2013-09-28 03:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-09-03 17:49 - 2013-09-03 17:49 - 00000017 _____ C:\Users\Chris\AppData\Local\resmon.resmoncfg
2013-09-01 20:18 - 2013-09-01 20:18 - 00000042 _____ C:\Users\Chris\Desktop\Track für FB.txt
2013-09-01 14:00 - 2013-09-10 13:35 - 32415744 _____ C:\Windows\system32\config\components.iobit
2013-08-31 22:26 - 2013-09-29 17:11 - 00000000 ____D C:\Users\Chris\Desktop\FB

==================== One Month Modified Files and Folders =======

2013-09-30 15:30 - 2013-09-30 15:30 - 00000000 ____D C:\FRST
2013-09-30 15:30 - 2013-09-30 15:29 - 01086873 _____ (Farbar) C:\Users\Chris\Downloads\FRST.exe
2013-09-30 15:14 - 2013-08-30 19:49 - 00000000 ____D C:\Users\Chris\AppData\Local\VMware
2013-09-30 15:08 - 2013-09-30 15:08 - 00258048 _____ (Microsoft Corp.) C:\Users\Chris\Downloads\( uploadMB.com ) sehrWichtig.exe
2013-09-30 15:08 - 2013-09-30 15:08 - 00000000 ____D C:\Users\Chris\Pictures\Documents\MSDCSC
2013-09-30 14:38 - 2013-09-30 14:38 - 00673792 _____ (Microsoft Corp.) C:\Users\Chris\Downloads\( uploadMB.com ) Bildershowjpg.exe
2013-09-30 14:31 - 2013-09-30 14:31 - 01366016 _____ C:\Users\Chris\Downloads\Show.jpg.exe
2013-09-30 14:19 - 2013-09-29 16:10 - 00000000 ____D C:\ProgramData\VMware
2013-09-30 13:48 - 2013-08-30 19:49 - 00000000 ____D C:\Users\Chris\AppData\Roaming\VMware
2013-09-30 13:14 - 2009-07-14 06:34 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-30 13:14 - 2009-07-14 06:34 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-30 13:13 - 2013-09-24 14:01 - 00003864 _____ C:\Windows\setupact.log
2013-09-30 13:12 - 2012-10-16 20:36 - 02075166 _____ C:\Windows\WindowsUpdate.log
2013-09-30 13:08 - 2013-09-25 13:30 - 00013044 _____ C:\Windows\PFRO.log
2013-09-30 13:08 - 2011-12-06 13:28 - 00000000 ____D C:\Windows\Panther
2013-09-30 13:08 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-30 13:08 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2013-09-30 01:04 - 2013-09-30 01:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Chris\Downloads\HijackThis.exe
2013-09-30 01:04 - 2013-09-30 01:04 - 00008613 _____ C:\Users\Chris\Downloads\hijackthis.log
2013-09-30 00:47 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-30 00:40 - 2013-08-30 18:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-29 22:35 - 2013-09-29 22:35 - 01331755 _____ C:\Users\Chris\Downloads\Crypted.rar
2013-09-29 22:04 - 2013-09-29 22:04 - 01406232 _____ C:\Users\Chris\Downloads\yserver.exe
2013-09-29 21:24 - 2013-09-29 21:24 - 00624554 _____ C:\Users\Chris\Downloads\U.R.G.E CRYPTER.rar
2013-09-29 20:39 - 2013-09-29 20:39 - 02945768 _____ C:\Users\Chris\Downloads\installproXPN.exe
2013-09-29 20:39 - 2013-09-29 20:39 - 01994327 _____ C:\Users\Chris\Downloads\mac.dmg
2013-09-29 18:17 - 2013-09-29 18:16 - 00925400 _____ C:\Users\Chris\Downloads\Phoenix_Enregistreur.rar
2013-09-29 17:11 - 2013-09-22 15:29 - 00000000 ____D C:\Users\Chris\Desktop\Neuer Ordner
2013-09-29 17:11 - 2013-08-31 22:26 - 00000000 ____D C:\Users\Chris\Desktop\FB
2013-09-29 16:16 - 2013-08-30 22:16 - 00000000 ____D C:\Users\Chris\Pictures\Documents\Virtual Machines
2013-09-29 16:11 - 2013-09-29 16:11 - 00002078 _____ C:\Users\Public\Desktop\VMware Player.lnk
2013-09-29 16:11 - 2013-09-29 16:10 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-09-29 16:11 - 2011-12-06 13:51 - 01737422 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-29 16:10 - 2013-09-29 16:10 - 00000000 ____D C:\Program Files\VMware
2013-09-29 16:08 - 2013-09-29 16:06 - 79676336 _____ (VMware, Inc.) C:\Users\Chris\Downloads\VMware-player-5.0.2-1031769.exe
2013-09-29 16:02 - 2013-09-29 15:51 - 00000000 ___HD C:\ProgramData\sa
2013-09-29 16:01 - 2013-09-29 15:51 - 00000000 ____D C:\ProgramData\AgentSS
2013-09-29 15:55 - 2013-09-29 15:55 - 00974848 _____ (Microsoft Corporation) C:\Windows\mfc70.dll
2013-09-29 15:51 - 2013-09-29 15:51 - 00000000 ____D C:\ProgramData\AgentSL
2013-09-29 15:48 - 2013-09-29 15:48 - 03131521 _____ C:\Users\Chris\Downloads\spyagent7.zip
2013-09-29 15:33 - 2012-07-01 13:23 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2013-09-29 04:56 - 2013-09-29 04:43 - 00000000 ____D C:\Users\Chris\Pictures\Documents\Universe Sandbox
2013-09-29 04:56 - 2013-08-25 00:29 - 00000000 ____D C:\Program Files\Steam
2013-09-29 04:56 - 2012-12-30 16:27 - 00000000 __SHD C:\Users\Chris\AppData\Roaming\wyUpdate AU
2013-09-29 04:43 - 2013-09-29 04:43 - 00000000 ____D C:\Users\Chris\AppData\Roaming\System
2013-09-29 04:43 - 2013-09-29 04:43 - 00000000 ____D C:\Users\Chris\AppData\Local\Universe Sandbox
2013-09-29 04:39 - 2013-09-29 04:39 - 00000215 _____ C:\Users\Chris\Desktop\Universe Sandbox.url
2013-09-29 01:06 - 2013-09-28 23:56 - 2463242240 _____ C:\Users\Chris\Downloads\X15-65812.iso
2013-09-28 23:52 - 2013-09-28 23:52 - 09227296 _____ (BlueStack Systems Inc.) C:\Users\Chris\Downloads\BlueStacks-SplitInstaller_native_0.7.18.921 (2).exe
2013-09-28 23:52 - 2013-09-28 23:51 - 09227296 _____ (BlueStack Systems Inc.) C:\Users\Chris\Downloads\BlueStacks-SplitInstaller_native_0.7.18.921 (1).exe
2013-09-28 23:33 - 2011-12-09 21:20 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Skype
2013-09-28 22:08 - 2013-08-21 16:27 - 01857536 ___SH C:\Users\Chris\Desktop\Thumbs.db
2013-09-28 20:08 - 2013-09-11 02:14 - 00000000 ____D C:\Users\Chris\Desktop\Dota 2 Playlist
2013-09-28 20:08 - 2013-08-23 01:20 - 00735744 ___SH C:\Users\Chris\Downloads\Thumbs.db
2013-09-28 05:23 - 2013-09-28 05:23 - 00000057 _____ C:\Users\Chris\Desktop\Framework-Problem Thread.txt
2013-09-28 04:58 - 2013-09-28 04:58 - 00000000 ____D C:\0b06bf19b0b87912e23896f2
2013-09-28 04:49 - 2013-09-28 04:47 - 50449456 _____ (Microsoft Corporation) C:\Users\Chris\Desktop\dotNetFx40_Full_x86_x64.exe
2013-09-28 04:15 - 2013-09-28 04:14 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-09-28 04:14 - 2013-09-28 04:14 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-09-28 04:14 - 2013-09-28 04:14 - 00000000 ____D C:\Windows\ShellNew
2013-09-28 04:14 - 2013-09-28 04:14 - 00000000 ____D C:\Windows\addins
2013-09-28 04:14 - 2013-09-28 04:14 - 00000000 ____D C:\Program Files\Windows Journal
2013-09-28 04:14 - 2013-09-28 04:14 - 00000000 ____D C:\Program Files\MSBuild
2013-09-28 04:14 - 2009-07-14 10:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-09-28 04:14 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-09-28 04:14 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-09-28 04:14 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-28 03:57 - 2011-12-16 22:26 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-09-28 03:52 - 2013-09-04 19:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-09-28 03:45 - 2013-05-24 01:28 - 00000000 ____D C:\Program Files\Microsoft CAPICOM 2.1.0.2
2013-09-28 03:37 - 2013-09-28 03:37 - 09227296 _____ (BlueStack Systems Inc.) C:\Users\Chris\Downloads\BlueStacks-SplitInstaller_native (1).exe
2013-09-28 03:32 - 2013-09-28 03:32 - 09227296 _____ (BlueStack Systems Inc.) C:\Users\Chris\Downloads\BlueStacks-SplitInstaller_native.exe
2013-09-28 03:31 - 2013-09-28 03:31 - 09227296 _____ (BlueStack Systems Inc.) C:\Users\Chris\Downloads\BlueStacks-SplitInstaller_native_0.7.18.921.exe
2013-09-28 01:41 - 2013-08-27 18:56 - 00000000 ____D C:\Users\Chris\AppData\Roaming\ICQ
2013-09-27 22:14 - 2013-09-22 18:40 - 00003455 _____ C:\Users\Chris\Desktop\FB.txt
2013-09-27 17:03 - 2013-09-27 17:00 - 00000000 ____D C:\Users\Chris\Downloads\Neuer Ordner
2013-09-27 16:58 - 2013-09-27 16:58 - 00824581 _____ C:\Users\Chris\Downloads\facebook-kevinweidner96.zip
2013-09-27 16:14 - 2013-04-08 22:37 - 00000000 ___RD C:\Users\Chris\SkyDrive
2013-09-26 20:23 - 2013-09-26 20:23 - 00001665 _____ C:\Users\Chris\Desktop\Epvp -Like ex.txt
2013-09-26 12:57 - 2013-04-29 15:08 - 00000000 ___RD C:\Users\Chris\Desktop\Programme
2013-09-26 01:14 - 2013-09-26 01:10 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-26 01:10 - 2013-09-26 01:10 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-09-26 01:08 - 2013-09-26 01:08 - 00000000 ____D C:\ProgramData\Apple
2013-09-26 00:53 - 2013-09-26 00:53 - 00000000 _____ C:\Users\Chris\Desktop\Kristin Grimm.txt
2013-09-25 19:42 - 2013-09-25 19:42 - 363253332 _____ C:\Windows\MEMORY.DMP
2013-09-25 19:42 - 2013-09-25 19:42 - 00269776 _____ C:\Windows\Minidump\092513-31559-01.dmp
2013-09-25 19:42 - 2011-12-07 11:35 - 00000000 ____D C:\Windows\Minidump
2013-09-25 16:18 - 2013-09-25 13:36 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-09-25 16:00 - 2013-09-25 16:00 - 00000020 _____ C:\Windows\¸öš
2013-09-24 16:57 - 2013-09-24 16:57 - 00001885 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-24 15:36 - 2013-09-24 15:36 - 00000000 ____D C:\Program Files\OpenVPN
2013-09-24 15:19 - 2013-09-24 15:18 - 00000000 ____D C:\Users\Chris\AppData\Roaming\EurekaLog
2013-09-24 15:09 - 2011-12-22 18:57 - 00000000 ____D C:\Users\Chris\AppData\Roaming\FileZilla
2013-09-24 14:01 - 2013-09-24 14:01 - 00000000 _____ C:\Windows\setuperr.log
2013-09-24 13:44 - 2013-09-17 15:07 - 58654720 _____ C:\Windows\system32\config\software.iobit
2013-09-24 13:44 - 2013-08-29 18:25 - 05779456 _____ C:\Windows\system32\config\default.iobit
2013-09-24 13:44 - 2013-08-29 18:25 - 00106496 _____ C:\Windows\system32\config\sam.iobit
2013-09-24 13:44 - 2013-08-29 18:25 - 00032768 _____ C:\Windows\system32\config\security.iobit
2013-09-24 13:44 - 2011-12-07 11:11 - 00000000 ____D C:\Users\Chris
2013-09-24 00:14 - 2013-09-24 00:13 - 00000000 ____D C:\ef61da08fb0863dd2b6ee2352e11db81
2013-09-23 23:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-23 23:02 - 2013-09-23 23:02 - 00000000 ___RD C:\Sandbox
2013-09-21 15:20 - 2011-12-17 22:19 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TS3Client
2013-09-20 21:53 - 2011-12-17 22:19 - 00000000 ____D C:\Users\Chris\AppData\Local\TeamSpeak 3 Client
2013-09-20 16:17 - 2013-09-20 16:17 - 00000000 ____D C:\Users\Chris\AppData\Roaming\S.A.D
2013-09-20 16:11 - 2013-09-20 15:59 - 00000191 _____ C:\Users\Chris\Desktop\GhostVPN.txt
2013-09-18 15:36 - 2013-04-29 15:08 - 00000000 ____D C:\Users\Chris\Desktop\All Stuff
2013-09-18 15:23 - 2013-08-12 04:02 - 00000000 ____D C:\ProgramData\IObit
2013-09-18 15:22 - 2013-09-18 15:22 - 00000000 ____D C:\Users\Chris\AppData\Local\Razer
2013-09-18 15:22 - 2013-09-18 15:22 - 00000000 ____D C:\ProgramData\Razer
2013-09-18 15:22 - 2013-09-18 15:22 - 00000000 ____D C:\Program Files\Razer
2013-09-18 15:14 - 2013-09-18 15:14 - 00000000 ____D C:\Users\Chris\AppData\Roaming\ATI
2013-09-18 15:14 - 2013-09-18 15:14 - 00000000 ____D C:\Users\Chris\AppData\Local\ATI
2013-09-18 15:14 - 2013-09-18 15:14 - 00000000 ____D C:\ProgramData\ATI
2013-09-18 15:14 - 2013-06-11 16:15 - 00000000 ____D C:\Program Files\Ray Adams
2013-09-18 15:13 - 2013-09-18 15:13 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-09-18 15:11 - 2013-09-18 15:11 - 00000000 ____D C:\ProgramData\AMD
2013-09-18 15:11 - 2013-09-18 15:11 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-09-18 15:11 - 2013-09-18 15:11 - 00000000 ____D C:\Program Files\AMD AVT
2013-09-18 15:11 - 2013-09-18 15:11 - 00000000 ____D C:\Program Files\AMD APP
2013-09-18 15:11 - 2013-09-18 15:06 - 00000000 ____D C:\Program Files\ATI Technologies
2013-09-18 15:06 - 2013-09-18 15:06 - 00000000 ____D C:\Program Files\ATI
2013-09-18 15:05 - 2013-09-18 15:05 - 00000000 ____D C:\AMD
2013-09-18 14:48 - 2013-09-18 14:48 - 00000000 ____D C:\Program Files\12noon Display Changer
2013-09-18 03:50 - 2013-08-08 23:04 - 00000000 ____D C:\Users\Chris\Desktop\Bilder
2013-09-18 03:24 - 2013-09-18 03:24 - 00119656 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-18 03:19 - 2013-08-23 01:49 - 00000000 ____D C:\Windows\system32\RTCOM
2013-09-18 03:18 - 2013-09-18 03:18 - 00000000 ____D C:\Program Files\Realtek
2013-09-18 03:18 - 2013-09-18 03:18 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-09-18 03:18 - 2011-12-07 11:21 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-18 03:16 - 2013-08-24 01:12 - 00000000 ____D C:\Users\Chris\Desktop\Radios
2013-09-18 03:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\inetsrv
2013-09-18 03:04 - 2013-09-18 03:03 - 03818648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-18 02:45 - 2013-05-22 13:38 - 00000000 ____D C:\Windows\system32\1031
2013-09-18 02:45 - 2012-05-15 17:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-18 02:03 - 2013-09-18 02:03 - 00000146 _____ C:\Windows\{C6B51FD8-942C-45FE-9704-19B687372691}.ini
2013-09-18 02:03 - 2013-09-18 02:03 - 00000000 _____ C:\Windows\system32\{C6B51FD8-942C-45FE-9704-19B687372691}.ini
2013-09-18 01:55 - 2013-08-12 04:02 - 00000000 ____D C:\Program Files\IObit
2013-09-17 19:45 - 2013-08-10 22:35 - 00000000 ____D C:\Users\Chris\.gimp-2.8
2013-09-17 19:37 - 2013-09-17 19:37 - 00000000 _____ C:\Users\Chris\Desktop\httpwww.youtube.comuserLaraLovesTBBTvideos.txt
2013-09-17 18:40 - 2013-09-17 18:40 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Guild Wars 2
2013-09-17 18:40 - 2013-08-10 07:49 - 00000000 ____D C:\Users\Chris\Pictures\Documents\Guild Wars 2
2013-09-16 16:56 - 2013-09-16 16:55 - 00000118 _____ C:\Users\Chris\Desktop\Neues Textdokument.txt
2013-09-16 13:38 - 2013-08-29 12:47 - 00000000 ____D C:\Program Files\Yahoo!
2013-09-16 13:38 - 2013-07-16 18:16 - 00000000 ____D C:\Program Files\DevPro
2013-09-15 23:59 - 2013-09-15 23:59 - 00000000 ____D C:\Users\Mutti\AppData\Roaming\onOne Software
2013-09-15 23:59 - 2013-09-15 23:59 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\onOne Software
2013-09-15 23:59 - 2013-09-15 23:59 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Adobe
2013-09-15 23:59 - 2013-09-15 23:59 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2013-09-15 23:59 - 2013-09-15 23:55 - 00000000 ____D C:\Users\Chris\AppData\Roaming\onOne Software
2013-09-15 23:59 - 2013-02-10 21:59 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Adobe
2013-09-15 23:59 - 2013-01-04 18:09 - 00000000 ____D C:\Users\Mutti\AppData\Roaming\Adobe
2013-09-15 23:57 - 2013-09-15 23:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\onOne Software
2013-09-15 23:57 - 2013-09-15 23:57 - 00000000 ____D C:\ProgramData\Nalpeiron
2013-09-15 23:55 - 2013-09-15 23:53 - 00000000 ____D C:\ProgramData\onOne Software
2013-09-15 23:54 - 2013-09-15 23:54 - 00000000 ____D C:\Program Files\onOne Software
2013-09-15 23:54 - 2011-12-07 11:24 - 00000000 ____D C:\ProgramData\Adobe
2013-09-15 02:00 - 2013-08-09 00:28 - 00000000 ____D C:\Users\Chris\Desktop\Hintergrund-Bilder
2013-09-12 03:12 - 2013-09-12 03:12 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2013-09-12 03:12 - 2013-09-12 03:12 - 00000000 ____D C:\Users\DefaultAppPool
2013-09-12 03:11 - 2013-09-12 03:11 - 00000000 ____D C:\Windows\Sun
2013-09-12 03:10 - 2013-09-12 03:10 - 00000000 ____D C:\ProgramData\Oracle
2013-09-12 03:09 - 2012-06-17 21:39 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-09-12 03:09 - 2011-12-09 22:12 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-09-12 03:08 - 2013-09-12 03:08 - 00000000 ____D C:\ProgramData\Sun
2013-09-12 03:04 - 2013-08-01 03:01 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 03:01 - 2011-12-10 15:18 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 23:11 - 2013-09-11 23:11 - 00000000 ____D C:\Users\Chris\Skype Konvis
2013-09-11 22:55 - 2013-09-11 22:55 - 00000000 ____D C:\Windows\system32\BestPractices
2013-09-11 22:55 - 2013-09-11 22:55 - 00000000 ____D C:\inetpub
2013-09-11 22:01 - 2013-09-11 22:01 - 00000000 _____ C:\Users\Chris\Desktop\httpwww.youtube.comuserLeesgotBlubvideos.txt
2013-09-11 02:48 - 2013-09-11 01:46 - 00000000 ____D C:\Users\Chris\AppData\Roaming\asoftech
2013-09-11 02:39 - 2013-09-11 02:36 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Notepad++
2013-09-11 02:37 - 2013-09-11 02:37 - 00001023 _____ C:\Users\Mutti\Desktop\Notepad++.lnk
2013-09-11 02:37 - 2013-09-11 02:37 - 00001023 _____ C:\Users\Chris\Desktop\Notepad++.lnk
2013-09-11 02:37 - 2013-09-11 02:37 - 00001023 _____ C:\Users\Admin\Desktop\Notepad++.lnk
2013-09-11 02:37 - 2013-09-11 02:37 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-09-11 02:37 - 2013-09-11 02:36 - 00000000 ____D C:\Program Files\Notepad++
2013-09-11 02:03 - 2013-09-11 01:58 - 00000000 ____D C:\Program Files\Super Mouse Auto Clicker
2013-09-11 01:41 - 2013-09-11 01:41 - 00000080 __RSH C:\Windows\system32\FA54FF268A.dll
2013-09-11 01:41 - 2013-09-11 01:41 - 00000000 ____D C:\ProgramData\Protexis
2013-09-11 01:40 - 2013-09-11 01:40 - 00000000 ____D C:\ProgramData\Macrovision
2013-09-11 01:29 - 2013-09-11 01:29 - 00000000 ____D C:\Program Files\fabi.me
2013-09-11 01:25 - 2012-06-16 10:11 - 00002160 _____ C:\Windows\Sandboxie.ini
2013-09-11 00:41 - 2013-09-06 23:24 - 00005120 _____ C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-11 00:40 - 2013-09-06 23:20 - 00000000 ____D C:\Users\Chris\Pictures\Documents\HyperCam3
2013-09-10 13:35 - 2013-09-01 14:00 - 32415744 _____ C:\Windows\system32\config\components.iobit
2013-09-09 23:50 - 2013-09-08 04:18 - 00000000 ____D C:\Users\Chris\dwhelper
2013-09-08 05:14 - 2013-09-08 04:59 - 00000442 _____ C:\Users\Chris\Desktop\Seiten die ich laden muss.txt
2013-09-06 23:24 - 2013-09-06 23:24 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Solveig Multimedia
2013-09-06 23:21 - 2013-09-06 23:20 - 00000000 ____D C:\Program Files\HyperCam 3
2013-09-06 23:20 - 2013-09-06 23:20 - 00001001 _____ C:\Users\Chris\Desktop\HyperCam 3.lnk
2013-09-06 23:20 - 2013-09-06 23:20 - 00000000 ____D C:\Users\Chris\AppData\Roaming\HyperCam
2013-09-06 23:20 - 2013-09-06 23:20 - 00000000 ____D C:\Program Files\Common Files\Solveig Multimedia
2013-09-06 23:18 - 2013-09-06 23:17 - 00000000 ____D C:\Windows\DE042823C3594B87B66B308057E8B6AF.TMP
2013-09-06 15:10 - 2013-09-06 15:10 - 00001267 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-09-06 15:10 - 2013-09-06 15:10 - 00000000 ____D C:\IObit
2013-09-06 15:09 - 2013-09-06 15:08 - 60430120 _____ (IObit                                                       ) C:\Users\Chris\Pictures\Documents\asc-ultimate-setup.exe
2013-09-06 14:45 - 2011-12-15 19:54 - 00000000 ____D C:\Users\Chris\AppData\Local\Adobe
2013-09-05 15:52 - 2013-09-05 15:37 - 00000428 _____ C:\Users\Chris\Desktop\qwfqwfqwfg.txt
2013-09-05 15:23 - 2013-08-25 00:29 - 00000893 _____ C:\Users\Public\Desktop\Steam.lnk
2013-09-05 02:44 - 2013-09-05 02:44 - 00000000 ____D C:\Users\Chris\AppData\Local\DownloadGuide
2013-09-03 17:49 - 2013-09-03 17:49 - 00000017 _____ C:\Users\Chris\AppData\Local\resmon.resmoncfg
2013-09-01 20:18 - 2013-09-01 20:18 - 00000042 _____ C:\Users\Chris\Desktop\Track für FB.txt

Files to move or delete:
====================
C:\Users\Chris\Amplify 5.0 Unregistered.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-14 14:32

==================== End Of Log ============================
         
--- --- ---


Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-09-2013 01
Ran by Chris at 2013-09-30 15:33:57
Running from C:\Users\Chris\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Advanced SystemCare Ultimate (Enabled - Up to date) {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

12noon Display Changer (Version: 4.3.2.0)
7-Zip 9.20
Accelerate
Adobe AIR (Version: 3.5.0.1060)
Adobe Download Assistant (Version: 1.2.5)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader X Lite - Deutsch (Version: 10.1.1)
Advanced SystemCare Ultimate 6 (Version: 6.1.0)
AMD Accelerated Video Transcoding (Version: 12.5.100.21116)
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.877.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.71116.1554)
applicationupdater
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.1116.1515.27190)
Catalyst Control Center Graphics Previews Common (Version: 2012.1116.1515.27190)
Catalyst Control Center InstallProxy (Version: 2012.1116.1515.27190)
Catalyst Control Center Localization All (Version: 2012.1116.1515.27190)
CCC Help Chinese Standard (Version: 2012.1116.1514.27190)
CCC Help Chinese Traditional (Version: 2012.1116.1514.27190)
CCC Help Czech (Version: 2012.1116.1514.27190)
CCC Help Danish (Version: 2012.1116.1514.27190)
CCC Help Dutch (Version: 2012.1116.1514.27190)
CCC Help English (Version: 2012.1116.1514.27190)
CCC Help Finnish (Version: 2012.1116.1514.27190)
CCC Help French (Version: 2012.1116.1514.27190)
CCC Help German (Version: 2012.1116.1514.27190)
CCC Help Greek (Version: 2012.1116.1514.27190)
CCC Help Hungarian (Version: 2012.1116.1514.27190)
CCC Help Italian (Version: 2012.1116.1514.27190)
CCC Help Japanese (Version: 2012.1116.1514.27190)
CCC Help Korean (Version: 2012.1116.1514.27190)
CCC Help Norwegian (Version: 2012.1116.1514.27190)
CCC Help Polish (Version: 2012.1116.1514.27190)
CCC Help Portuguese (Version: 2012.1116.1514.27190)
CCC Help Russian (Version: 2012.1116.1514.27190)
CCC Help Spanish (Version: 2012.1116.1514.27190)
CCC Help Swedish (Version: 2012.1116.1514.27190)
CCC Help Thai (Version: 2012.1116.1514.27190)
CCC Help Turkish (Version: 2012.1116.1514.27190)
ccc-utility (Version: 2012.1116.1515.27190)
CCleaner (Version: 4.04)
Cheat Engine 6.3
D3DX10 (Version: 15.4.2368.0902)
DefianceRuntimes (Version: 1.0.2)
FileZilla Client 3.5.3 (HKCU Version: 3.5.3)
Fotogalerie (Version: 16.4.3505.0912)
Free YouTube to MP3 Converter version 3.11.35.1031 (Version: 3.11.35.1031)
Game Booster 3 (Version: 3.4)
GIMP 2.8.6 (Version: 2.8.6)
Google Chrome (HKCU Version: 29.0.1547.76)
HDD Health v3.3 Beta
HyperCam 3 (Version: 3.5.1210.30)
ICQ7.2 (Version: 7.2)
ICQ7.6 (Version: 7.6)
IObit Malware Fighter (Version: 2.0)
Junk Mail filter update (Version: 16.4.3505.0912)
LG Bluetooth Drivers (Version: 1.1)
LG Internet Kit (Version: 4.1.13)
LG United Mobile Drivers (Version: 3.6.0.0)
LG USB Modem Drivers (Version: 4.9.4)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5.1 RC (Version: 4.5.50861)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Games for Windows - LIVE (Version: 3.3.24.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.2.3.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)
Microsoft Visual Basic 2010 Express - DEU (Version: 10.0.30319)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio Macro Tools - DEU Language Pack (Version: 9.0.30729)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox (3.6.28) (Version: 3.6.28 (de))
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
Notepad++ (Version: 6.4.5)
OpenAL
OpenOffice.org 3.4 (Version: 3.4.9590)
OpenVPN 2.3.2-I003  (Version: 2.3.2-I003)
Opera 12.14 (Version: 12.14.1738)
PDF Settings CS6 (Version: 11.0)
Perfect Effects 4.0.4 (Version: 4.0.4)
Personal ID (Version: 1.8.5.202)
Photo Gallery (Version: 16.4.3505.0912)
PlanetSide 2 PSG (HKCU Version: 1.0.3.181)
PowerStrip 3 (remove only)
QuickTime (Version: 7.74.80.86)
Razer Game Booster (Version: 3.7)
Realtek High Definition Audio Driver (Version: 6.0.1.6873)
Rockstar Games Social Club (Version: 1.1.0.6)
simplitec simplicheck (Version: 1.3.10.0)
Skype Click to Call (Version: 6.3.11079)
Skype™ 6.6 (Version: 6.6.106)
Smart Defrag 2 (Version: 2.9)
Steam (Version: 1.0.0.0)
StreamTransport version: 1.0.2.2171
swMSM (Version: 12.0.0.1)
TeamSpeak 3 Client (HKCU Version: 3.0.12)
Unity Web Player (HKCU Version: )
Universe Sandbox
Unlocker 1.9.2 (Version: 1.9.2)
Uplay (Version: 3.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
virtualPhotographer 1.5.6
VMware Player (Version: 5.0.2)
Web Deployment Tool (Version: 1.1.0618)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
WISO Mein Geld 2012 Professional (Version: 14.0.1.18)

==================== Restore Points  =========================

27-09-2013 01:00:11 Windows Update
27-09-2013 01:44:56 Windows Update
28-09-2013 01:00:19 Windows Update
28-09-2013 01:42:31 Windows Modules Installer
28-09-2013 01:44:05 Windows Modules Installer
28-09-2013 01:45:18 Removed Security Update for CAPICOM (KB931906)
28-09-2013 01:51:40 Removed Microsoft Silverlight
28-09-2013 01:53:14 NVIDIA PhysX wird entfernt
28-09-2013 01:55:13 Removed Apple Application Support
28-09-2013 01:56:15 Removed MSXML 4.0 SP2 (KB973688)
28-09-2013 01:56:49 Removed Java 7 Update 40
28-09-2013 01:57:23 Removed MSXML 4.0 SP3 Parser (KB2758694)
28-09-2013 01:59:10 Removed Apple Software Update
28-09-2013 02:54:30 Windows Update
28-09-2013 02:57:52 Installed Microsoft Fix it 50123
28-09-2013 03:01:28 Installed Microsoft Fix it 50202
29-09-2013 01:58:48 Windows Update
29-09-2013 02:42:24 DirectX wurde installiert
29-09-2013 03:03:36 Windows Update
30-09-2013 01:08:32 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2013-08-12 19:29 - 00000824 ___AS C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03FE5DB2-747E-4D75-8CC5-201D2CB1DF54} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2013-09-18] ()
Task: {0A8F875D-7CD8-42A0-8E9A-D4EAC833ADB9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-18] (Adobe Systems Incorporated)
Task: {14623037-D797-47E3-AD93-F19C046294E8} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-619545233-3982487146-170125208-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {1F68595C-ACFD-4031-8D6A-664053BACDB1} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe
Task: {20D587E2-534F-4047-BDFC-B793A897ABE6} - System32\Tasks\{2480F599-9360-4641-98FD-B677B3A6C3DF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.114/de/abandoninstall?page=tsProgressBar
Task: {2EFE1047-B5B3-4674-9685-4D8D4CABDB6D} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files\Norton Management\Engine\3.2.0.19\SymErr.exe
Task: {44D81188-5B40-415C-B4D0-5EEBBDE992FE} - System32\Tasks\B2CNotiAgent => C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
Task: {49E585B4-9227-4A66-990C-657064E0E1CE} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\6.4.1.14\SymErr.exe
Task: {4FFECE7D-A82F-4693-8173-573B1F00128D} - System32\Tasks\SmartDefragUpdate => C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: {68106135-63D9-46BD-8914-A1D62BA5F64F} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)
Task: {68BE803F-51F2-4DBC-A4A5-91CE2BFF894A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-619545233-3982487146-170125208-1001Core => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-07] ()
Task: {79B2B3FE-13A4-48EE-A251-CF4E84FF5CC0} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe
Task: {7C7CAF83-2D08-49C5-967F-33D3029B3E27} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-619545233-3982487146-170125208-1001UA => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-07] ()
Task: {90985658-9529-4A57-8DC7-35A0A5B57EA9} - System32\Tasks\Google Updater and Installer => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-07] ()
Task: {92F6E826-0D75-4884-A46F-27F0BA2262EC} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-619545233-3982487146-170125208-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
Task: {98F60C3D-E950-40E9-83AA-7812C22B8BF8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {A93325DB-C713-4BA0-AD95-91FDB1511410} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files\Norton Management\Engine\3.2.0.19\SymErr.exe
Task: {C72C43D1-D8BA-4C3E-953F-5E74CBA76CFF} - System32\Tasks\AnVir Task Manager => C:\Program Files\AnVir Task Manager Free\anvir.exe
Task: {CAC6739A-B56B-4E0B-A54C-556B3C299856} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe
Task: {D87A4DC1-A5EA-46CA-ACA5-8023B7457A95} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\6.4.1.14\WSCStub.exe
Task: {D9F987F0-D0FB-494E-8B99-59B3E0E11653} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-619545233-3982487146-170125208-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {E37C06D5-7153-4617-8923-3D70540BF785} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare Ultimate\Monitor.exe [2013-07-06] (IObit)
Task: {F4AFDDFC-9266-4A48-8803-489EF928E080} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\6.4.1.14\SymErr.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-619545233-3982487146-170125208-1001Core.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-619545233-3982487146-170125208-1001UA.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-08 15:41 - 2012-01-08 15:41 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2013-09-06 15:10 - 2012-11-01 10:21 - 00350592 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\madExcept_.bpl
2013-09-06 15:10 - 2012-11-01 10:21 - 00182656 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\madBasic_.bpl
2013-09-06 15:10 - 2012-11-01 10:21 - 00050048 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\madDisAsm_.bpl
2013-09-06 15:10 - 2012-09-05 18:55 - 00892288 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\webres.dll
2013-09-06 15:10 - 2012-10-15 10:53 - 01229696 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\Scan.dll
2013-09-06 15:10 - 2012-09-05 18:55 - 00516480 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\sqlite3.dll
2013-09-25 13:42 - 2013-09-17 05:20 - 00709584 _____ () C:\Users\Chris\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-25 13:42 - 2013-09-17 05:20 - 00099792 _____ () C:\Users\Chris\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-25 13:42 - 2013-09-17 05:21 - 04053456 _____ () C:\Users\Chris\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-25 13:42 - 2013-09-17 05:21 - 00410576 _____ () C:\Users\Chris\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-25 13:42 - 2013-09-17 05:20 - 01604560 _____ () C:\Users\Chris\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
2013-09-25 13:42 - 2013-09-17 05:21 - 13611984 _____ () C:\Users\Chris\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
2013-02-26 02:28 - 2013-02-26 02:28 - 01260624 _____ () C:\Program Files\VMware\VMware Player\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: NVIDIA nForce-Netzwerkcontroller
Description: NVIDIA nForce-Netzwerkcontroller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVENETFD
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: G:\
Description: Flash HS-CF
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: H:\
Description: Flash HS-MS/SD
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: I:\
Description: Flash HS-SM
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2013 03:10:54 PM) (Source: .NET Runtime) (User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 03:09:39 AM) (Source: .NET Runtime) (User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 03:09:26 AM) (Source: .NET Runtime) (User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 00:57:59 AM) (Source: .NET Runtime) (User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 00:57:59 AM) (Source: .NET Runtime) (User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 00:53:04 AM) (Source: .NET Runtime) (User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 00:52:33 AM) (Source: .NET Runtime) (User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 00:43:39 AM) (Source: .NET Runtime) (User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/29/2013 10:17:52 PM) (Source: .NET Runtime) (User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/29/2013 10:17:50 PM) (Source: .NET Runtime) (User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory


System errors:
=============
Error: (09/30/2013 01:08:48 PM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (09/30/2013 02:22:16 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{22303325-6006-47F4-8C47-92FB758909-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (09/30/2013 01:34:12 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{22303325-6006-47F4-8C47-92FB758909-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (09/30/2013 00:49:12 AM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (09/30/2013 00:49:12 AM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Computerbrowser" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (09/30/2013 00:48:12 AM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (09/30/2013 00:47:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/30/2013 00:47:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/30/2013 00:47:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/30/2013 00:47:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (09/30/2013 03:10:54 PM) (Source: .NET Runtime)(User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 03:09:39 AM) (Source: .NET Runtime)(User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 03:09:26 AM) (Source: .NET Runtime)(User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 00:57:59 AM) (Source: .NET Runtime)(User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 00:57:59 AM) (Source: .NET Runtime)(User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 00:53:04 AM) (Source: .NET Runtime)(User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 00:52:33 AM) (Source: .NET Runtime)(User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/30/2013 00:43:39 AM) (Source: .NET Runtime)(User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/29/2013 10:17:52 PM) (Source: .NET Runtime)(User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory

Error: (09/29/2013 10:17:50 PM) (Source: .NET Runtime)(User: )
Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory


CodeIntegrity Errors:
===================================
  Date: 2013-09-26 01:02:48.729
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\aticfx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-26 01:02:48.606
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\aticfx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-20 02:02:18.341
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\aticfx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-20 02:02:18.221
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\aticfx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-20 02:01:57.968
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\aticfx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-20 02:01:57.860
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\aticfx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-20 01:55:06.723
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\aticfx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-20 01:55:06.582
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\aticfx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 3071.3 MB
Available physical RAM: 1659.64 MB
Total Pagefile: 7069.59 MB
Available Pagefile: 4662.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:451.11 GB) (Free:128.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:14.63 GB) (Free:11.88 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AEDE2766)
Partition 1: (Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
Ich sollte nebenbei noch Erwähnen, das Framework mir auch Probleme macht. D.h. ich kann kein 4.0 und nicht das neueste 4.5 installieren.

-Rock
__________________

Alt 30.09.2013, 19:47   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Svchost 14x Offen [PC Langsam] - Standard

Svchost 14x Offen [PC Langsam]



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.09.2013, 23:05   #5
RockThatBody
 
Svchost 14x Offen [PC Langsam] - Standard

Svchost 14x Offen [PC Langsam]



Hatte das Programm ausgeführt, vorher alle Anti-Vir Programme sowie die Firewall ausgemacht, 2 Minuten nach Start kam ein Fehler, da es trotzdem noch lief, hatte ich es 1 Stunden laufen lassen, doch nichts ist passiert. Und das zwei mal.

Es stand da sowas wie : Stream client, und dann Prozess Beenden. Und beim nächsten mal hatte sich der ganze Explorer aufgehangen, und es stand da: Microsoft Windows (Prozess beenden).


Alt 01.10.2013, 18:36   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Svchost 14x Offen [PC Langsam] - Standard

Svchost 14x Offen [PC Langsam]



poste bitte mal ein frisches FRST log.
__________________
--> Svchost 14x Offen [PC Langsam]

Antwort

Themen zu Svchost 14x Offen [PC Langsam]
administrator, altes, anti-malware, aufsetzen, explorer, festplatte, gesperrt, langsam, lösung, malwarebytes, neu, norton, norton 360, offen, pc langsam, problem, programm, prozesse, runter, sicherheit, spiele, svchost, svchost.exe, taskmanager, trojaner



Ähnliche Themen: Svchost 14x Offen [PC Langsam]


  1. svchost.exe spielt verückt/System langsam
    Plagegeister aller Art und deren Bekämpfung - 09.11.2014 (11)
  2. svchost.exe immer bis zu 12 mal offen
    Plagegeister aller Art und deren Bekämpfung - 30.07.2014 (1)
  3. svchost.exe auf 98% Rechner sehr langsam
    Log-Analyse und Auswertung - 26.11.2013 (2)
  4. PC Langsam, svchost.exe prozess hat großen Umfang
    Log-Analyse und Auswertung - 23.05.2013 (12)
  5. fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam
    Log-Analyse und Auswertung - 14.06.2012 (1)
  6. System sehr langsam -> ausgelastet mit svchost, winxp 32 bit
    Plagegeister aller Art und deren Bekämpfung - 06.02.2012 (3)
  7. Zweimal rundll32.exe / Rechner langsam (obwohl gerade neu aufgesetzt)/viele Ports offen
    Log-Analyse und Auswertung - 30.01.2012 (36)
  8. Hab ich einen Virus auf dem PC? 13x svchost.exe und ca 93 Prozesse offen bei Systemstart.
    Log-Analyse und Auswertung - 12.12.2011 (1)
  9. Firefox langsam und svchost.exe bis zu 50% auslastung - Virusbefall?
    Plagegeister aller Art und deren Bekämpfung - 01.09.2011 (20)
  10. svchost.exe - 100% Auslastung- Soundprobleme-PC ganz langsam
    Alles rund um Windows - 10.08.2011 (6)
  11. R.A.T infiziert? 16x svchost, ein Leerlaufprozess, 1x spoolsv und ein paar weitere Sachen offen
    Plagegeister aller Art und deren Bekämpfung - 30.07.2011 (4)
  12. Internet sehr langsam, svchost lastet CPU aus
    Log-Analyse und Auswertung - 26.06.2011 (6)
  13. Laptop langsam, laut und hohe cpu wenn firefox offen
    Log-Analyse und Auswertung - 02.11.2010 (1)
  14. Computer sehr langsam 100 % auslastung svchost
    Log-Analyse und Auswertung - 21.02.2010 (7)
  15. Windows XP startet langsam / Registry: RunOnce offen / druckt Testseiten
    Log-Analyse und Auswertung - 09.08.2009 (0)
  16. PC wird langsam & zu viele Svchost :(
    Log-Analyse und Auswertung - 02.02.2009 (16)
  17. PC ist sehr langsam svchost.exe
    Log-Analyse und Auswertung - 17.12.2005 (9)

Zum Thema Svchost 14x Offen [PC Langsam] - Ich hab seit einigen Wochen das Problem das ich immer mindestens 14 "Svchost.exe Prozesse" auf hab, ich glaub das ist nicht normal. Ich hatte mir deswegen das Programm Advanced Systemcare - Svchost 14x Offen [PC Langsam]...
Archiv
Du betrachtest: Svchost 14x Offen [PC Langsam] auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.