
Pests of all kinds and how to fight them: smileys we love toolbar for IE


10.11.2013, 11:40   #1
serenix
 



Hi,
I accidentally downloaded the smileys we love toolbar for IE because I didn't read properly, or rather didn't read at all.

Now I wanted to throw the thing out, but it just doesn't work. I removed the Delta toolbar etc. that was installed along with it. The Yontoo toolbar also seems to keep coming back (still needs to be tested more closely). In any case, I can't delete the smileys we love toolbar for IE from the programs. I tried it the normal way and with TuneUp, CCleaner, Glary Utilities etc.; none of it works, because the following always comes up:

"There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor."

My Firefox and Chrome should also be cleaned up.

I have already run CCleaner and let HijackThis run (I'm attaching the analysis log below).

At the moment I'm running Malwarebytes.

Can you think of anything else I could do?


Here is the log:

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:38:41, on 10.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
D:\Games\STEAM\Steam.exe
D:\Programme\HTC\HTC Sync\adb.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Programme\RocketDock\RocketDock.exe
D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
D:\Programme\XFire\Xfire.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Users\zoOky\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\zoOky\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} - (no file)
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: (no name) - {CF0F43AB-9C23-4D7B-8040-201B82844854} - (no file)
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
O4 - HKLM\..\RunOnce: [ Malwarebytes Anti-Malware ] D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Steam] "D:\Games\STEAM\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RocketDock] "D:\Programme\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Bitdefender-Geldbörse-Agent] D:\Programme\Bitdefender\Bitdefender\pmbxag.exe
O4 - HKCU\..\Run: [Bitdefender-Geldbörse] D:\Programme\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard
O4 - HKCU\..\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender-Geldbörse-Agent] D:\Programme\Bitdefender\Bitdefender\pmbxag.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender-Geldbörse] D:\Programme\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Bitdefender-Geldbörse-Agent] D:\Programme\Bitdefender\Bitdefender\pmbxag.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Rainmeter.lnk = D:\Programme\Rainmeter.exe
O4 - Startup: Xfire.lnk = D:\Programme\XFire\Xfire.exe
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\zoOky\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - D:\Programme\HTC\HSMServiceEntry.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer - C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SplitCamService (SpliCamService) - SplitCam Co. - D:\Programme\SplitCam\SplitCamService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - D:\Programme\Bitdefender\Bitdefender\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - D:\Programme\Bitdefender\Bitdefender\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13447 bytes
         
I would also be grateful for other tips that, for example, help to get rid of further sources or speed brakes on my PC, since it is now getting slower after 1/2 years, and who knows, maybe there is a lot of junk on it or something... (I don't mean viruses, since I'm normally very careful etc., but you never know)...
I don't really trust TuneUp etc.

Regards,

seReniX

10.11.2013, 14:39   #2
schrauber
/// the machine
/// TB instructor
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


10.11.2013, 16:54   #3
serenix
 



Hi,
thanks for the reply.

Here are the log files:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013
Ran by zoOky (administrator) on ZOOKY-PC on 10-11-2013 17:37:54
Running from C:\Users\zoOky\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) D:\Programme\Bitdefender\Bitdefender\vsserv.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) D:\Programme\HTC\HSMServiceEntry.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
(SplitCam Co.) D:\Programme\SplitCam\SplitCamService.exe
(Rocket Division Software) D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() D:\Programme\Sapphire TRIXX\TRIXX.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\bdagent.exe
(Valve Corporation) D:\Games\STEAM\Steam.exe
() D:\Programme\HTC\HTC Sync\adb.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() D:\Programme\RocketDock\RocketDock.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Dropbox, Inc.) C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
() D:\Programme\Rainmeter.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
(Xfire Inc.) D:\Programme\XFire\Xfire.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Xfire Inc.) D:\Programme\XFire\Xfire.exe
() D:\Programme\XFire\xfire64.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Yontoo LLC) C:\Users\zoOky\AppData\Roaming\Yontoo\YontooDesktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\seccenter.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(TeamSpeak Systems GmbH) D:\Programme\TS\ts3client_win32.exe
(Solid State Networks) D:\Games\TERA\TERA-Launcher.exe
() D:\Games\TERA\Client\TL.exe
() D:\Games\TERA\Client\Binaries\TERA.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Bdagent] - D:\Programme\Bitdefender\Bitdefender\bdagent.exe [1738968 2013-10-30] (Bitdefender)
HKLM-x32\...\RunOnce: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [Steam] - D:\Games\STEAM\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [RocketDock] - D:\Programme\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKCU\...\Run: [DAEMON Tools Lite] - D:\Programme\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - D:\Programme\Bitdefender\Bitdefender\pmbxag.exe [564256 2013-10-30] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse] - D:\Programme\Bitdefender\Bitdefender\pwdmanui.exe [1004608 2013-10-30] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [621448 2013-10-30] (Bitdefender)
HKCU\...\Run: [Google Update] - C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-07] (Google Inc.)
MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {3cc854aa-4f72-11e2-ae3b-806e6f6e6963} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {59b966de-5411-11e2-ba4f-001fd0dc171d} - K:\HTC_Sync_Manager_PC.exe
MountPoints2: {8e59e9de-c097-11e2-bab5-001fd0dc171d} - I:\SETUP.EXE
MountPoints2: {c90a6927-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {c90a6a8e-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe
HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Razer Imperator Driver] - C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [979360 2012-02-09] (Razer USA Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> D:\Programme\Rainmeter.exe ()
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> D:\Programme\XFire\Xfire.exe (Xfire Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD79BF8D408E2CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP1491FE71-97E1-4635-96D7-6E5A540C5D1F&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP1491FE71-97E1-4635-96D7-6E5A540C5D1F&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&affID=121845&tt=gc_&babsrc=SP_ss_Btisdt7&mntrId=A289001FD0DC171D
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} -  No File
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - No Name - {CF0F43AB-9C23-4D7B-8040-201B82844854} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62

FireFox:
========
FF ProfilePath: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default
FF user.js: detected! => C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\user.js
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20(shExpMatch(host%2C%20'(*.turntable.fm%7Cturntable.fm)')%20%26%26%20url.indexOf('.css')%20%3D%3D%20-1%20%26%26%20url.indexOf('.js')%20%3D%3D%20-1)%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMat
ch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1))%20%7B%20return%20'PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\itunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\ich@maltegoetz.de
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: stylish - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - D:\Programme\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - D:\Programme\Bitdefender\Bitdefender\Antispam32\ffpwdman\

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR RestoreOnStartup: "hxxp://google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\zoOky\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\zoOky\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\zoOky\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Google Update) - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll No File
CHR Extension: (ProxTube) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.4_0
CHR Extension: (Google Drive) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Bitdefender Wallet) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.19.0_0
CHR Extension: (Google Search) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Free Smileys & Emoticons) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.0.24.0_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0
CHR Extension: (Google Wallet) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx

==================== Services (Whitelisted) =================

R2 HTCMonitorService; D:\Programme\HTC\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
R2 MBAMScheduler; D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-31] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [31448 2013-05-03] (Razer)
R2 SpliCamService; D:\Programme\SplitCam\SplitCamService.exe [311456 2013-10-17] (SplitCam Co.)
R2 StarWindServiceAE; D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 UPDATESRV; D:\Programme\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-23] (Bitdefender)
R2 VSSERV; D:\Programme\Bitdefender\Bitdefender\vsserv.exe [1506736 2013-10-30] (Bitdefender)
R2 Yontoo Desktop Updater; C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [23552 2013-05-17] (Microsoft)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-07-23] (BitDefender SRL)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-15] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-10-20] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-11-10] (Windows (R) Server 2003 DDK provider)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-11-10] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [128856 2013-05-03] (Razer USA Ltd)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74456 2013-05-03] (Razer USA Ltd)
R3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider)
R3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2013-07-12] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-05-19] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-02] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
U3 a6tpyuja; C:\Windows\System32\Drivers\a6tpyuja.sys [0 ] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
R3 TRIXX; \??\C:\Users\zoOky\AppData\Local\Temp\TRIXX.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-10 17:37 - 2013-11-10 17:37 - 01957562 _____ (Farbar) C:\Users\zoOky\Downloads\FRST64.exe
2013-11-10 17:37 - 2013-11-10 17:37 - 00000000 ____D C:\FRST
2013-11-10 13:54 - 2013-11-10 13:54 - 00000000 ____D C:\Users\zoOky\Desktop\Praktikum
2013-11-10 13:46 - 2013-11-10 13:46 - 00001382 _____ C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk
2013-11-10 13:46 - 2013-11-10 13:46 - 00001380 _____ C:\Users\zoOky\Desktop\Install Windows.lnk
2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-10 12:41 - 2013-11-10 12:41 - 02347384 _____ (ESET) C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe
2013-11-10 12:30 - 2013-11-10 12:30 - 00000736 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Malwarebytes
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-10 12:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-10 12:29 - 2013-11-10 12:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407(1).exe
2013-11-10 12:11 - 2013-11-10 12:11 - 00000000 __RHD C:\ESD
2013-11-10 12:07 - 2013-11-10 12:07 - 04954736 _____ (Microsoft Corporation) C:\Users\zoOky\Downloads\WindowsSetupBox.exe
2013-11-10 12:06 - 2013-11-10 12:06 - 00293321 _____ C:\Users\zoOky\Desktop\bookmarks.html
2013-11-10 12:00 - 2013-11-10 12:01 - 00000000 ____D C:\Users\zoOky\Downloads\backups
2013-11-10 11:58 - 2013-11-10 12:38 - 00013449 _____ C:\Users\zoOky\Downloads\hijackthis.log
2013-11-10 11:58 - 2013-11-10 11:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\zoOky\Downloads\HiJackThis204.exe
2013-11-09 11:12 - 2013-11-09 11:14 - 182549774 _____ C:\Users\zoOky\Downloads\Die_111_besten_Multi-Monitoring-Wallpaper.zip
2013-11-08 14:31 - 2013-11-08 14:31 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-08 14:30 - 2013-11-08 14:30 - 00000000 ____D C:\Program Files\Java
2013-11-08 14:28 - 2013-11-08 14:31 - 00000000 ____D C:\ProgramData\Oracle
2013-11-08 14:28 - 2013-11-08 14:28 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe
2013-11-08 14:27 - 2013-11-08 14:27 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe
2013-11-01 17:09 - 2013-10-25 02:02 - 00000000 ____D C:\Users\zoOky\Desktop\kkkkaaaayyyy
2013-10-31 14:21 - 2013-10-31 14:23 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 3
2013-10-30 15:34 - 2013-10-30 15:34 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Guild Wars 2
2013-10-30 10:58 - 2013-10-30 10:58 - 08945660 _____ C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe
2013-10-30 10:58 - 2013-10-30 10:58 - 00000788 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
2013-10-29 22:05 - 2013-10-29 22:05 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-29 22:04 - 2013-10-29 22:04 - 23123208 _____ (Mozilla) C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe
2013-10-20 17:16 - 2013-10-20 17:16 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2013-10-20 14:05 - 2013-11-10 10:38 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-10-20 10:58 - 2013-11-10 11:57 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\GlarySoft
2013-10-20 10:56 - 2013-11-10 10:38 - 00000304 _____ C:\Windows\Tasks\GlaryInitialize.job
2013-10-20 10:56 - 2013-10-20 10:56 - 00002582 _____ C:\Windows\System32\Tasks\GlaryInitialize
2013-10-20 10:56 - 2013-10-20 10:56 - 00000703 _____ C:\Users\zoOky\Desktop\Glary Utilities.lnk
2013-10-20 10:51 - 2013-11-10 12:23 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-20 10:51 - 2013-11-10 12:23 - 00000000 ____D C:\Program Files\CCleaner
2013-10-20 10:51 - 2013-10-20 10:51 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-20 10:46 - 2013-10-20 10:46 - 06685392 _____ (Glarysoft Ltd                                               ) C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe
2013-10-19 16:40 - 2013-10-19 16:40 - 00130673 _____ C:\Users\zoOky\Downloads\Ps2_Save_Builder_0.8x.zip
2013-10-19 16:37 - 2013-10-19 16:37 - 00012559 _____ C:\Users\zoOky\Downloads\state1.zip
2013-10-18 08:07 - 2013-04-24 09:45 - 00810496 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-10-18 08:07 - 2013-04-24 09:45 - 00183808 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-10-18 08:07 - 2013-04-24 09:45 - 00080896 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-10-18 08:07 - 2013-04-24 09:45 - 00000590 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest
2013-10-18 08:03 - 2013-10-20 10:47 - 00000000 ____D C:\Program Files (x86)\SqueakyChocolate
2013-10-18 08:03 - 2013-10-18 08:03 - 00000000 ____D C:\Users\zoOky\Documents\Add-in Express
2013-10-18 08:00 - 2013-10-18 08:00 - 00000000 ____D C:\Users\zoOky\Documents\PC Speed Maximizer
2013-10-18 07:55 - 2013-10-18 07:55 - 00000000 _____ C:\END
2013-10-14 13:40 - 2013-10-14 13:42 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 4 Beta
2013-10-12 09:14 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

==================== One Month Modified Files and Folders =======

2013-11-10 17:38 - 2012-12-17 20:47 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Skype
2013-11-10 17:37 - 2013-11-10 17:37 - 01957562 _____ (Farbar) C:\Users\zoOky\Downloads\FRST64.exe
2013-11-10 17:37 - 2013-11-10 17:37 - 00000000 ____D C:\FRST
2013-11-10 17:20 - 2012-12-17 21:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 16:44 - 2013-01-07 22:08 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA.job
2013-11-10 16:28 - 2013-05-19 15:31 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Yontoo
2013-11-10 16:15 - 2012-12-17 20:29 - 01535540 _____ C:\Windows\WindowsUpdate.log
2013-11-10 14:23 - 2013-06-29 16:50 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\TS3Client
2013-11-10 13:56 - 2009-07-14 06:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-10 13:54 - 2013-11-10 13:54 - 00000000 ____D C:\Users\zoOky\Desktop\Praktikum
2013-11-10 13:46 - 2013-11-10 13:46 - 00001382 _____ C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk
2013-11-10 13:46 - 2013-11-10 13:46 - 00001380 _____ C:\Users\zoOky\Desktop\Install Windows.lnk
2013-11-10 13:26 - 2013-05-19 15:31 - 00000000 ____D C:\Program Files (x86)\Yontoo
2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-10 12:41 - 2013-11-10 12:41 - 02347384 _____ (ESET) C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe
2013-11-10 12:38 - 2013-11-10 11:58 - 00013449 _____ C:\Users\zoOky\Downloads\hijackthis.log
2013-11-10 12:30 - 2013-11-10 12:30 - 00000736 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Malwarebytes
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-10 12:29 - 2013-11-10 12:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-10 12:25 - 2013-04-29 20:07 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFusion
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407(1).exe
2013-11-10 12:23 - 2013-10-20 10:51 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-10 12:23 - 2013-10-20 10:51 - 00000000 ____D C:\Program Files\CCleaner
2013-11-10 12:11 - 2013-11-10 12:11 - 00000000 __RHD C:\ESD
2013-11-10 12:07 - 2013-11-10 12:07 - 04954736 _____ (Microsoft Corporation) C:\Users\zoOky\Downloads\WindowsSetupBox.exe
2013-11-10 12:06 - 2013-11-10 12:06 - 00293321 _____ C:\Users\zoOky\Desktop\bookmarks.html
2013-11-10 12:01 - 2013-11-10 12:00 - 00000000 ____D C:\Users\zoOky\Downloads\backups
2013-11-10 11:58 - 2013-11-10 11:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\zoOky\Downloads\HiJackThis204.exe
2013-11-10 11:57 - 2013-10-20 10:58 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\GlarySoft
2013-11-10 10:45 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-10 10:45 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-10 10:39 - 2012-12-26 16:42 - 00000000 ____D C:\Users\zoOky\AppData\Local\HTC MediaHub
2013-11-10 10:38 - 2013-10-20 14:05 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-11-10 10:38 - 2013-10-20 10:56 - 00000304 _____ C:\Windows\Tasks\GlaryInitialize.job
2013-11-10 10:38 - 2013-04-27 18:21 - 00000000 ___RD C:\Users\zoOky\Dropbox
2013-11-10 10:38 - 2013-04-27 18:19 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Dropbox
2013-11-10 10:38 - 2012-12-27 20:07 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-11-10 10:38 - 2012-12-27 11:35 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-11-10 10:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-09 18:40 - 2013-01-07 22:08 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core.job
2013-11-09 11:14 - 2013-11-09 11:12 - 182549774 _____ C:\Users\zoOky\Downloads\Die_111_besten_Multi-Monitoring-Wallpaper.zip
2013-11-08 16:44 - 2012-12-21 20:22 - 00000000 ____D C:\Users\zoOky\AppData\Local\PMB Files
2013-11-08 16:44 - 2012-12-21 20:22 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-08 16:09 - 2012-12-17 20:47 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Xfire
2013-11-08 14:31 - 2013-11-08 14:31 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-08 14:31 - 2013-11-08 14:28 - 00000000 ____D C:\ProgramData\Oracle
2013-11-08 14:30 - 2013-11-08 14:30 - 00000000 ____D C:\Program Files\Java
2013-11-08 14:28 - 2013-11-08 14:28 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe
2013-11-08 14:27 - 2013-11-08 14:27 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe
2013-11-08 00:03 - 2013-05-01 11:43 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Spotify
2013-11-07 15:02 - 2013-05-01 11:43 - 00000000 ____D C:\Users\zoOky\AppData\Local\Spotify
2013-11-07 13:48 - 2012-12-17 20:47 - 00000000 ____D C:\ProgramData\Xfire
2013-10-31 14:31 - 2012-12-18 16:34 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-10-31 14:31 - 2012-12-17 21:23 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-31 14:31 - 2012-12-17 21:23 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-10-31 14:24 - 2012-12-17 21:23 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-31 14:23 - 2013-10-31 14:21 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 3
2013-10-30 15:34 - 2013-10-30 15:34 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Guild Wars 2
2013-10-30 15:34 - 2012-12-24 15:24 - 00000000 ____D C:\Users\zoOky\Documents\Guild Wars 2
2013-10-30 15:32 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-30 10:58 - 2013-10-30 10:58 - 08945660 _____ C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe
2013-10-30 10:58 - 2013-10-30 10:58 - 00000788 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
2013-10-30 10:58 - 2013-09-03 10:58 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-10-30 10:09 - 2013-02-11 17:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-30 10:09 - 2012-12-17 20:47 - 00000000 ____D C:\ProgramData\Skype
2013-10-30 10:07 - 2012-12-17 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-29 22:05 - 2013-10-29 22:05 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-29 22:05 - 2013-09-18 00:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 22:04 - 2013-10-29 22:04 - 23123208 _____ (Mozilla) C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe
2013-10-25 02:02 - 2013-11-01 17:09 - 00000000 ____D C:\Users\zoOky\Desktop\kkkkaaaayyyy
2013-10-20 17:16 - 2013-10-20 17:16 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2013-10-20 11:03 - 2012-12-29 18:10 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-20 11:03 - 2012-12-18 20:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-10-20 11:00 - 2012-12-30 20:29 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2013-10-20 10:58 - 2012-12-18 16:29 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-10-20 10:56 - 2013-10-20 10:56 - 00002582 _____ C:\Windows\System32\Tasks\GlaryInitialize
2013-10-20 10:56 - 2013-10-20 10:56 - 00000703 _____ C:\Users\zoOky\Desktop\Glary Utilities.lnk
2013-10-20 10:52 - 2013-02-15 19:07 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\DAEMON Tools Lite
2013-10-20 10:52 - 2012-12-18 05:23 - 00000000 ____D C:\Windows\Panther
2013-10-20 10:51 - 2013-10-20 10:51 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-20 10:48 - 2012-12-17 21:10 - 00000000 ____D C:\Program Files\Creative
2013-10-20 10:47 - 2013-10-18 08:03 - 00000000 ____D C:\Program Files (x86)\SqueakyChocolate
2013-10-20 10:47 - 2012-12-17 20:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-20 10:46 - 2013-10-20 10:46 - 06685392 _____ (Glarysoft Ltd                                               ) C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe
2013-10-19 16:40 - 2013-10-19 16:40 - 00130673 _____ C:\Users\zoOky\Downloads\Ps2_Save_Builder_0.8x.zip
2013-10-19 16:37 - 2013-10-19 16:37 - 00012559 _____ C:\Users\zoOky\Downloads\state1.zip
2013-10-18 15:48 - 2012-12-17 20:30 - 00000000 ____D C:\Users\zoOky
2013-10-18 08:03 - 2013-10-18 08:03 - 00000000 ____D C:\Users\zoOky\Documents\Add-in Express
2013-10-18 08:00 - 2013-10-18 08:00 - 00000000 ____D C:\Users\zoOky\Documents\PC Speed Maximizer
2013-10-18 07:55 - 2013-10-18 07:55 - 00000000 _____ C:\END
2013-10-14 13:42 - 2013-10-14 13:40 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 4 Beta
2013-10-13 22:27 - 2013-07-13 15:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-13 16:39 - 2013-01-07 22:08 - 00004090 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA
2013-10-13 16:39 - 2013-01-07 22:08 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core
2013-10-12 09:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-11 12:50 - 2009-07-14 05:45 - 00477488 _____ C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\zoOky\AppData\Local\Temp\i4jdel0.exe
C:\Users\zoOky\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-12-22 11:12] - [2010-04-11 23:03] - 2870272 ____A (Microsoft Corporation) EE79A736D8ACF23A080FC00E36486C98

C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-31 09:39

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2013
Ran by zoOky at 2013-11-10 17:38:33
Running from C:\Users\zoOky\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

@BIOS (x32 Version: 2.28)
«Fifa Manager 2013»  1.0.0.0 (x32 Version: 1.0.0.0)
Adobe AIR (x32 Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Aion (x32 Version: 1.0.0.2)
AION Free-to-Play Version 1.0 (x32 Version: 1.0)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
AMD Wireless Display v3.0 (Version: 1.0.0.10)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlefield 4™ Beta (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.3.0)
Bitdefender Antivirus Plus (Version: 17.15.0.682)
Bonjour (Version: 3.0.0.10)
CABAL Online Europe (Europe) (x32)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225)
CCC Help Czech (x32 Version: 2013.0328.2217.38225)
CCC Help Danish (x32 Version: 2013.0328.2217.38225)
CCC Help Dutch (x32 Version: 2013.0328.2217.38225)
CCC Help English (x32 Version: 2013.0328.2217.38225)
CCC Help Finnish (x32 Version: 2013.0328.2217.38225)
CCC Help French (x32 Version: 2013.0328.2217.38225)
CCC Help German (x32 Version: 2013.0328.2217.38225)
CCC Help Greek (x32 Version: 2013.0328.2217.38225)
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225)
CCC Help Italian (x32 Version: 2013.0328.2217.38225)
CCC Help Japanese (x32 Version: 2013.0328.2217.38225)
CCC Help Korean (x32 Version: 2013.0328.2217.38225)
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225)
CCC Help Polish (x32 Version: 2013.0328.2217.38225)
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225)
CCC Help Russian (x32 Version: 2013.0328.2217.38225)
CCC Help Spanish (x32 Version: 2013.0328.2217.38225)
CCC Help Swedish (x32 Version: 2013.0328.2217.38225)
CCC Help Thai (x32 Version: 2013.0328.2217.38225)
CCC Help Turkish (x32 Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
CCleaner (Version: 4.07)
Core Temp 1.0 RC4 (Version: 1.0)
Counter-Strike: Global Offensive (x32)
CPUID CPU-Z 1.62
Creative Audio-Systemsteuerung (x32 Version: 2.00)
Creative Konsole Starter (x32)
Creative Software AutoUpdate (x32 Version: 1.40)
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Dead Space™ 3 (x32 Version: 1.0.0.0)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Diablo III (x32 Version: 1.0.8.16603)
DMC Devi May Cry (c) Capcom version 1 (x32 Version: 1)
Dropbox (HKCU Version: 2.0.22)
Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000)
ESET Online Scanner v3 (x32)
ESN Sonar (x32 Version: 0.70.4)
FIFA 14 Demo (x32 Version: 1.0.0.0)
Free YouTube to MP3 Converter version 3.11.37.1212 (x32 Version: 3.11.37.1212)
Gameforge Live 1.0 "Legend" (x32 Version: 1.1.1724)
Glary Utilities 2.56.0.1822 (x32 Version: 2.56.0.1822)
Google Chrome (HKCU Version: 30.0.1599.101)
Guild Wars 2 (x32)
HTC BMP USB Driver (x32 Version: 1.0.5375)
HTC Driver Installer (x32 Version: 4.3.0.001)
HTC Sync (x32 Version: 3.3.7)
HTC Sync Manager (x32 Version: 2.1.54.0)
ImgBurn (x32 Version: 2.5.7.0)
IPTInstaller (x32 Version: 4.0.8)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.5)
League of Legends (x32 Version: 1.3)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017)
Mirror's Edge™ (x32 Version: 1.0.1.0)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 25.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
NCSOFT Game Launcher (x32)
NCsoft Launcher (x32 Version: 1.5.19002)
Need for Speed™ Most Wanted (x32 Version: 1.5.0.0)
NVIDIA PhysX v8.10.17 (x32 Version: 8.10.17)
OpenAL (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Origin (x32 Version: 9.1.3.2637)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
PakkISO 0.4 (x32 Version: PakkISO 0.4 by zorted, installer by BitLooter)
Pando Media Booster (x32 Version: 2.6.0.8)
PCSX2 - Playstation 2 Emulator (x32)
PunkBuster Services (x32 Version: 0.991)
Rainmeter (x32 Version: 2.4 r1678)
Razer Comms (x32)
Razer Core (x32 Version: 0.01.144)
Razer Imperator (x32 Version: 2.02.00)
RocketDock 1.3.5 (x32)
Sapphire TRIXX (x32)
Secure Download Manager (x32 Version: 3.1.10)
SimCity™ (x32 Version: 1.0.0.0)
Skype™ 6.9 (x32 Version: 6.9.106)
Smileys We Love Toolbar for IE (x32 Version: 3.0.17)
SpeedFan (remove only) (x32)
SplitCam (x32 Version: 5.14.4.1)
Spotify (HKCU Version: 0.9.4.185.g7545a404)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (HKCU Version: 3.0.13)
TERA (x32 Version: 18.10.03)
Theme Resource Changer X64 v1.0
TmNationsForever (x32)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.110)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.110)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition
Update for Microsoft InfoPath 2013 (KB2752078) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760257) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817309) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817311) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817493) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817640) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827228) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827235) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2810016) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2825632) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2817625) 64-Bit Edition
Update for Microsoft Project 2013 (KB2767859) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2752097) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2825633) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2752018) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2817631) 64-Bit Edition
Update for Microsoft Word 2013 (KB2827218) 64-Bit Edition
UxStyle Core Beta (Version: 0.2.1.1)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.5 (Version: 2.0.5)
WinMerge 2.14.0 (x32 Version: 2.14.0)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Xfire (x32)

==================== Restore Points  =========================

10-11-2013 11:25:54 Removed Smileys We Love Toolbar for IE
10-11-2013 11:36:39 Removed Smileys We Love Toolbar for IE

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05622429-4A19-4952-B2B2-6A6517C5A26D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.)
Task: {0F0AEB0D-2F66-4F37-AFFC-7CB3681E8A09} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-29] ()
Task: {117A9638-FC0F-4C51-9922-634B569E9465} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {175BEC22-4A53-41DB-9EAA-FFDC3FFD1748} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {37F2675B-16C1-49FE-A5D8-35ADCFF8E5AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {55AB4294-9210-480B-9FB5-006BFEBAD76D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {6B26C148-6DC4-4D87-A088-360069B2092B} - System32\Tasks\Google Updater and Installer => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.)
Task: {715FE8C9-0B31-41FB-88A1-4B58A9A53FC5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {82FE0479-B4A5-4303-A20F-CEC53AAF5950} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {8B9735A0-E195-4F93-9575-F36A7C939B55} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {8EDA1BEC-CD67-480F-9B20-6F0C88C588C7} - System32\Tasks\Sapphire TRIXX => D:\Programme\Sapphire TRIXX\TRIXX.exe [2013-02-07] ()
Task: {9D98A4FC-FE39-4C6D-A29E-A3324297D584} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {9EA78E21-A6AF-4865-A977-69FAB038148F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9EC9D126-B639-4B97-9201-E99A5E2B34ED} - System32\Tasks\GlaryInitialize => D:\Programme\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {A8FC602F-62C7-42DC-8E17-A4047095804E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {B3A8506E-21D6-4D88-8547-079285BCCDAD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {B49A1B05-9181-40DB-A801-38ECE8D2D046} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-09-09] (TuneUp Software)
Task: {D01F3F7A-6DA6-4AFD-ACCB-75CEF18B518A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.)
Task: {D11FB221-7F2D-4D46-8BF2-B54C9C667AD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F616E482-9F2A-4591-B2C8-6D3703298451} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-01-29] (Microsoft)
Task: {FDB2CF3E-4102-4FB7-8E06-DDE2F79DEB40} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => D:\Programme\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core.job => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA.job => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-20 18:43 - 2013-06-19 11:45 - 00265080 _____ () D:\Programme\Bitdefender\Bitdefender\txmlutil.dll
2012-11-04 15:25 - 2012-11-04 15:25 - 00736968 _____ () D:\Programme\Rainmeter.dll
2012-11-04 15:22 - 2012-11-04 15:22 - 00026624 _____ () D:\Programme\Plugins\InputText.dll
2013-10-02 17:43 - 2013-10-02 17:43 - 00101328 _____ () D:\Programme\Bitdefender\Bitdefender\bdmetrics.dll
2013-10-23 17:35 - 2013-10-23 17:35 - 00480296 _____ () D:\Programme\Bitdefender\Bitdefender\bdidntconp.dll
2013-09-04 14:11 - 2013-09-04 14:11 - 00201728 _____ () D:\Programme\Bitdefender\Bitdefender\UI\bdidntconp.ui
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-15 15:40 - 2013-08-15 15:40 - 00030056 _____ () D:\Programme\HTC\DbAccess.dll
2013-08-15 15:41 - 2013-08-15 15:41 - 00607376 _____ () D:\Programme\HTC\sqlite3.dll
2013-08-15 15:41 - 2013-08-15 15:41 - 00044392 _____ () D:\Programme\HTC\NAdvLog.dll
2013-08-15 15:41 - 2013-08-15 15:41 - 00036216 _____ () D:\Programme\HTC\NFileCacheDBAccess.dll
2013-08-15 15:42 - 2013-08-15 15:42 - 00080248 _____ () D:\Programme\HTC\ninstallerhelper.dll
2013-08-15 15:49 - 2013-08-15 15:49 - 00223592 _____ () D:\Programme\HTC\DevConnMon.dll
2013-10-17 13:24 - 2013-10-17 13:24 - 00114336 _____ () D:\Programme\SplitCam\splitcam_hd_driver_ProxyPlugin.ax
2012-11-14 14:44 - 2012-11-14 14:44 - 02875463 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
2012-11-14 10:42 - 2012-11-14 10:42 - 00651331 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll
2012-09-17 16:25 - 2012-09-17 16:25 - 00106496 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
2012-05-08 15:01 - 2012-05-08 15:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
2011-09-14 17:12 - 2011-09-14 17:12 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
2011-03-01 19:00 - 2011-03-01 19:00 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
2011-10-18 09:26 - 2011-10-18 09:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
2012-11-14 14:00 - 2012-11-14 14:00 - 01499204 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
2012-09-18 14:45 - 2012-09-18 14:45 - 01335362 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
2012-11-09 16:51 - 2012-11-09 16:51 - 01429582 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
2010-06-10 15:52 - 2010-06-10 15:52 - 00110592 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
2010-03-12 05:40 - 2010-03-12 05:40 - 04449632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll
2010-03-12 05:40 - 2010-03-12 05:40 - 00423256 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll
2012-11-20 17:38 - 2012-11-20 17:38 - 00311296 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
2013-03-25 19:34 - 2007-09-02 13:57 - 00069632 _____ () D:\Programme\RocketDock\RocketDock.dll
2013-03-25 13:23 - 2013-10-24 18:45 - 00691200 _____ () D:\Games\STEAM\SDL2.dll
2013-01-01 15:24 - 2013-10-30 20:25 - 01123240 _____ () D:\Games\STEAM\bin\chromehtml.DLL
2013-01-01 15:24 - 2013-10-23 21:07 - 20625832 _____ () D:\Games\STEAM\bin\libcef.dll
2013-01-01 15:24 - 2013-06-15 00:49 - 01100800 _____ () D:\Games\STEAM\bin\avcodec-53.dll
2013-01-01 15:24 - 2013-06-15 00:49 - 00124416 _____ () D:\Games\STEAM\bin\avutil-51.dll
2013-01-01 15:24 - 2013-06-15 00:49 - 00192000 _____ () D:\Games\STEAM\bin\avformat-53.dll
2013-10-17 13:24 - 2013-10-17 13:24 - 00153760 _____ () D:\Programme\SplitCam\SplitCamFilter.ax
2013-07-02 05:36 - 2013-07-02 05:36 - 02088960 _____ () D:\Programme\SplitCam\opencv_core246.dll
2013-07-02 05:37 - 2013-07-02 05:37 - 01905664 _____ () D:\Programme\SplitCam\opencv_imgproc246.dll
2013-07-02 05:37 - 2013-07-02 05:37 - 02092544 _____ () D:\Programme\SplitCam\opencv_highgui246.dll
2013-08-20 18:43 - 2013-06-19 11:44 - 00204280 _____ () D:\Programme\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\zoOky\AppData\Roaming\Dropbox\bin\libcef.dll
2012-12-17 21:10 - 2006-06-09 15:20 - 00003072 _____ () C:\Windows\system32\CTXFIGER.DLL
2012-12-17 21:10 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2013-05-19 15:31 - 2013-11-10 10:39 - 00013600 _____ () C:\Users\zoOky\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll
2013-09-18 00:36 - 2013-10-26 02:53 - 03368048 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-10 13:20 - 2013-10-10 13:20 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
2013-04-04 09:38 - 2013-10-01 15:41 - 00230376 _____ () D:\Programme\TS\soundbackends\directsound_win32.dll
2013-04-04 09:38 - 2013-10-01 15:41 - 00237032 _____ () D:\Programme\TS\soundbackends\windowsaudiosession_win32.dll
2013-04-04 09:38 - 2013-10-01 15:41 - 00159208 _____ () D:\Programme\TS\plugins\appscanner_plugin.dll
2013-04-04 09:38 - 2013-10-01 15:41 - 00431080 _____ () D:\Programme\TS\plugins\clientquery_plugin.dll
2013-10-01 15:41 - 2013-10-01 15:41 - 00555496 _____ () D:\Programme\TS\plugins\teamspeak_control_plugin.dll
2013-03-03 21:51 - 2012-10-01 12:36 - 20452352 _____ () D:\Games\TERA\libcef.dll
2013-03-03 21:51 - 2013-04-23 08:45 - 00115240 _____ () D:\Games\TERA\CopyCub.dll
2013-03-03 22:59 - 2013-10-17 09:36 - 20645216 _____ () D:\Games\TERA\Client\Binaries\awesomium.dll
2013-03-03 22:59 - 2013-10-17 09:36 - 00166992 _____ () D:\Games\TERA\Client\Binaries\PhysXExtensions.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\zoOky\Downloads\ccsetup407(1).exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\ccsetup407.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\HiJackThis204.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\WindowsSetupBox.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2013 01:14:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/10/2013 00:42:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/10/2013 00:42:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/10/2013 00:37:31 PM) (Source: MsiInstaller) (User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin

Error: (11/10/2013 00:26:57 PM) (Source: MsiInstaller) (User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin

Error: (11/10/2013 00:18:38 PM) (Source: MsiInstaller) (User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin

Error: (11/10/2013 00:14:45 PM) (Source: MsiInstaller) (User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin

Error: (11/10/2013 00:02:29 PM) (Source: MsiInstaller) (User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin

Error: (11/10/2013 11:57:15 AM) (Source: MsiInstaller) (User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin

Error: (11/10/2013 11:55:56 AM) (Source: MsiInstaller) (User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin


System errors:
=============
Error: (11/10/2013 03:55:32 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (11/10/2013 03:55:32 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (11/10/2013 03:55:32 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (11/10/2013 03:55:32 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (11/10/2013 03:55:32 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (11/10/2013 03:55:32 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (11/10/2013 01:55:08 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (11/10/2013 01:55:03 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (11/10/2013 00:06:19 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (11/10/2013 00:06:19 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (11/10/2013 01:14:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe

Error: (11/10/2013 00:42:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe

Error: (11/10/2013 00:42:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe

Error: (11/10/2013 00:37:31 PM) (Source: MsiInstaller)(User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2013 00:26:57 PM) (Source: MsiInstaller)(User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2013 00:18:38 PM) (Source: MsiInstaller)(User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2013 00:14:45 PM) (Source: MsiInstaller)(User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2013 00:02:29 PM) (Source: MsiInstaller)(User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2013 11:57:15 AM) (Source: MsiInstaller)(User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2013 11:55:56 AM) (Source: MsiInstaller)(User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info =========================== 

Percentage of memory in use: 87%
Total physical RAM: 8190.3 MB
Available physical RAM: 1007.89 MB
Total Pagefile: 16378.79 MB
Available Pagefile: 8939.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:31.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:416.93 GB) (Free:53.78 GB) NTFS
Drive e: (Windows 7) (Fixed) (Total:48.83 GB) (Free:23.14 GB) NTFS
Drive g: (Metro: Last Light Disc2) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
Drive i: (15.0.4420.1017) (CDROM) (Total:0.76 GB) (Free:0 GB) UDF
Drive j: (VOLUME) (Fixed) (Total:297.94 GB) (Free:59.89 GB) FAT32
Drive k: (ESD-USB) (Removable) (Total:3.73 GB) (Free:0.66 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 777EC869)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8D243882)
Partition 1: (Not Active) - (Size=417 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: B986EA92)
Partition 1: (Not Active) - (Size=298 GB) - (Type=0C)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================
         
and the log from ESET:

Code:
ATTFilter
C:\Program Files (x86)\Yontoo\YontooIEClient.dll	a variant of Win32/Adware.Yontoo.A application
C:\Program Files (x86)\Yontoo\YontooLayers.crx	multiple threats
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll	a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll	a variant of Win32/Adware.Yontoo.B application
C:\Users\zoOky\Downloads\backups\backup-20131110-120025-761.dll	a variant of Win32/Adware.Yontoo.A application
C:\Users\zoOky\Downloads\backups\backup-20131110-120133-760.dll	a variant of Win32/Adware.Yontoo.A application
C:\Users\zoOky\Downloads\backups\backup-20131110-120158-494.dll	a variant of Win32/Adware.Yontoo.A application
         
How can I delete these now? :O
__________________

11.11.2013, 09:02   #4
schrauber
/// the machine
/// TB trainer
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

11.11.2013, 13:13   #5
serenix
 



Malwarebytes:
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.10.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
zoOky :: ZOOKY-PC [Administrator]

Schutz: Aktiviert

10.11.2013 12:32:30
mbam-log-2013-11-10 (12-32-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|J:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 456552
Laufzeit: 52 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 8
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} (PUP.Optional.SmileysWeLove.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} (PUP.Optional.SmileysWeLove.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 3
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CF0F43AB-9C23-4D7B-8040-201B82844854} (PUP.Optional.SmileysWeLove.A) -> Daten:  -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{CF0F43AB-9C23-4D7B-8040-201B82844854} (PUP.Optional.SmileysWeLove.A) -> Daten: SmileysWeLoveToolbar.IEModule -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0L1N1H2O1S -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 3
C:\Users\zoOky\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zoOky\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zoOky\AppData\Roaming\OpenCandy\7774B20B101F47E7B5141C407BFF336E (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 3
C:\Program Files (x86)\Yontoo\OptChrome.exe (PUP.Optional.OptChrome.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\R.G. Catalyst\Fifa Manager 2013\rld.dll (Trojan.VirTool) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zoOky\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by zoOky on 11.11.2013 at 13:54:49,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Failed to stop: [Service] yontoo desktop updater 



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\snapdo_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\snapdo_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\zoOky\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\zoOky\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"



~~~ FireFox

Successfully deleted: [File] C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\user.js
Successfully deleted: [File] C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\invalidprefs.js
Successfully deleted: [File] C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\searchplugins\delta.xml
Successfully deleted: [File] C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\searchplugins\web search.xml
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted the following from C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\prefs.js

user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "a2893c17000000000000001fd0dc171d");
user_pref("extensions.delta.instlDay", "15844");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.21.0");
user_pref("extensions.delta.vrsnTs", "1.8.21.016:31:45");
user_pref("extensions.delta.vrsni", "1.8.21.0");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.babTrack", "affID=121845&tt=gc_");
user_pref("extensions.delta_i.srcExt", "ss");
Emptied folder: C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\minidumps [4 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.11.2013 at 14:03:23,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

ADWCleaner:
Code:
ATTFilter
# AdwCleaner v3.012 - Report created 11/11/2013 at 14:04:24
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : zoOky - ZOOKY-PC
# Running from : C:\Users\zoOky\Downloads\adwcleaner_3012.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Yontoo Desktop Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\zoOky\Documents\PC Speed Maximizer
Folder Deleted : C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
File Deleted : C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\foxydeal.sqlite
File Deleted : C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\searchplugins\conduit-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\SmileysWeLove
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : [x64] HKLM\SOFTWARE\systweak
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v25.0 (de)

[ File : C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\prefs.js ]

Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Line Deleted : user_pref("extentions.y2layers.installId", "fdb7c55c-68fe-4c3d-9637-90a6b8430b40");

-\\ Google Chrome v

[ File : C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8151 octets] - [11/11/2013 13:54:56]
AdwCleaner[S0].txt - [2921 octets] - [11/11/2013 14:04:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2981 octets] ##########
         

FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01
Ran by zoOky (administrator) on ZOOKY-PC on 11-11-2013 14:11:14
Running from C:\Users\zoOky\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) D:\Programme\Bitdefender\Bitdefender\vsserv.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) D:\Programme\HTC\HSMServiceEntry.exe
(Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
(SplitCam Co.) D:\Programme\SplitCam\SplitCamService.exe
(Rocket Division Software) D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\updatesrv.exe
(Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
() D:\Programme\HTC\HTC Sync\adb.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\bdagent.exe
(Valve Corporation) D:\Games\STEAM\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() D:\Programme\RocketDock\RocketDock.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Dropbox, Inc.) C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe
() D:\Programme\Rainmeter.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Xfire Inc.) D:\Programme\XFire\Xfire.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
() D:\Programme\Sapphire TRIXX\TRIXX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Xfire Inc.) D:\Programme\XFire\Xfire.exe
() D:\Programme\XFire\xfire64.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\seccenter.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Bdagent] - D:\Programme\Bitdefender\Bitdefender\bdagent.exe [1738968 2013-10-30] (Bitdefender)
HKLM-x32\...\RunOnce: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKCU\...\Run: [Steam] - D:\Games\STEAM\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [RocketDock] - D:\Programme\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKCU\...\Run: [DAEMON Tools Lite] - D:\Programme\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - D:\Programme\Bitdefender\Bitdefender\pmbxag.exe [564256 2013-10-30] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse] - D:\Programme\Bitdefender\Bitdefender\pwdmanui.exe [1004608 2013-10-30] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [621448 2013-10-30] (Bitdefender)
HKCU\...\Run: [Google Update] - C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-07] (Google Inc.)
MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {3cc854aa-4f72-11e2-ae3b-806e6f6e6963} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {59b966de-5411-11e2-ba4f-001fd0dc171d} - K:\HTC_Sync_Manager_PC.exe
MountPoints2: {8e59e9de-c097-11e2-bab5-001fd0dc171d} - I:\SETUP.EXE
MountPoints2: {c90a6927-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {c90a6a8e-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe
HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Razer Imperator Driver] - C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [979360 2012-02-09] (Razer USA Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> D:\Programme\Rainmeter.exe ()
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> D:\Programme\XFire\Xfire.exe (Xfire Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD79BF8D408E2CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} -  No File
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CF0F43AB-9C23-4D7B-8040-201B82844854} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62

FireFox:
========
FF ProfilePath: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20((url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%2
0%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20(shExpMatch(host%2C%20'(*.turntable.fm%7Cturntable.fm)')%20%26%26%20url.indexOf('.css')%20%3D%3D%20-1%20%26%26%20url.indexOf('.js')%20%3D%3D%20-1)%20%7C%7C%20host%20%3D%3D%20'www.pandora.com')%20%7B%20return%20'PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\itunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\ich@maltegoetz.de
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: stylish - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - D:\Programme\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - D:\Programme\Bitdefender\Bitdefender\Antispam32\ffpwdman\

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR RestoreOnStartup: "hxxp://google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\zoOky\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\zoOky\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\zoOky\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Google Update) - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll No File
CHR Extension: (ProxTube) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.4_0
CHR Extension: (Google Drive) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Bitdefender Wallet) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.19.0_0
CHR Extension: (Google Search) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0
CHR Extension: (Google Wallet) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx

==================== Services (Whitelisted) =================

R2 HTCMonitorService; D:\Programme\HTC\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
R2 MBAMScheduler; D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-31] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [31448 2013-05-03] (Razer)
R2 SpliCamService; D:\Programme\SplitCam\SplitCamService.exe [311456 2013-10-17] (SplitCam Co.)
R2 StarWindServiceAE; D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 UPDATESRV; D:\Programme\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-23] (Bitdefender)
R2 VSSERV; D:\Programme\Bitdefender\Bitdefender\vsserv.exe [1506736 2013-10-30] (Bitdefender)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-07-23] (BitDefender SRL)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-15] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-10-20] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-11-11] (Windows (R) Server 2003 DDK provider)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-11-11] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [128856 2013-05-03] (Razer USA Ltd)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74456 2013-05-03] (Razer USA Ltd)
R3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider)
R3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2013-07-12] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-05-19] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-02] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
U3 ak2uxw3u; C:\Windows\System32\Drivers\ak2uxw3u.sys [0 ] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
R3 TRIXX; \??\C:\Users\zoOky\AppData\Local\Temp\TRIXX.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-11 14:11 - 2013-11-11 14:11 - 01957590 _____ (Farbar) C:\Users\zoOky\Downloads\FRST64.exe
2013-11-11 14:03 - 2013-11-11 14:03 - 00006764 _____ C:\Users\zoOky\Desktop\JRT.txt
2013-11-11 13:54 - 2013-11-11 13:54 - 01034531 _____ (Thisisu) C:\Users\zoOky\Downloads\JRT.exe
2013-11-11 13:54 - 2013-11-11 13:54 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 13:53 - 2013-11-11 14:04 - 00000000 ____D C:\AdwCleaner
2013-11-11 06:08 - 2013-11-11 14:06 - 00002270 _____ C:\Windows\PFRO.log
2013-11-11 06:08 - 2013-11-11 14:06 - 00000112 _____ C:\Windows\setupact.log
2013-11-11 06:08 - 2013-11-11 06:08 - 00000000 _____ C:\Windows\setuperr.log
2013-11-10 17:52 - 2013-11-10 17:52 - 00000762 _____ C:\Users\zoOky\Desktop\eset.txt
2013-11-10 17:38 - 2013-11-10 17:39 - 00040941 _____ C:\Users\zoOky\Downloads\Addition.txt
2013-11-10 17:37 - 2013-11-10 17:37 - 00000000 ____D C:\FRST
2013-11-10 13:54 - 2013-11-11 06:25 - 00000000 ____D C:\Users\zoOky\Desktop\Praktikum
2013-11-10 13:46 - 2013-11-10 13:46 - 00001382 _____ C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk
2013-11-10 13:46 - 2013-11-10 13:46 - 00001380 _____ C:\Users\zoOky\Desktop\Install Windows.lnk
2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-10 12:41 - 2013-11-10 12:41 - 02347384 _____ (ESET) C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe
2013-11-10 12:30 - 2013-11-10 12:30 - 00000736 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Malwarebytes
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-10 12:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-10 12:29 - 2013-11-10 12:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407(1).exe
2013-11-10 12:11 - 2013-11-10 12:11 - 00000000 __RHD C:\ESD
2013-11-10 12:07 - 2013-11-10 12:07 - 04954736 _____ (Microsoft Corporation) C:\Users\zoOky\Downloads\WindowsSetupBox.exe
2013-11-10 12:06 - 2013-11-10 12:06 - 00293321 _____ C:\Users\zoOky\Desktop\bookmarks.html
2013-11-10 12:00 - 2013-11-10 12:01 - 00000000 ____D C:\Users\zoOky\Downloads\backups
2013-11-10 11:58 - 2013-11-10 12:38 - 00013449 _____ C:\Users\zoOky\Downloads\hijackthis.log
2013-11-10 11:58 - 2013-11-10 11:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\zoOky\Downloads\HiJackThis204.exe
2013-11-09 11:12 - 2013-11-09 11:14 - 182549774 _____ C:\Users\zoOky\Downloads\Die_111_besten_Multi-Monitoring-Wallpaper.zip
2013-11-08 14:31 - 2013-11-08 14:31 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-08 14:30 - 2013-11-08 14:30 - 00000000 ____D C:\Program Files\Java
2013-11-08 14:28 - 2013-11-08 14:31 - 00000000 ____D C:\ProgramData\Oracle
2013-11-08 14:28 - 2013-11-08 14:28 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe
2013-11-08 14:27 - 2013-11-08 14:27 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe
2013-11-01 17:09 - 2013-10-25 02:02 - 00000000 ____D C:\Users\zoOky\Desktop\kkkkaaaayyyy
2013-10-31 14:21 - 2013-10-31 14:23 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 3
2013-10-30 15:34 - 2013-10-30 15:34 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Guild Wars 2
2013-10-30 10:58 - 2013-10-30 10:58 - 08945660 _____ C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe
2013-10-30 10:58 - 2013-10-30 10:58 - 00000788 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
2013-10-29 22:05 - 2013-10-29 22:05 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-29 22:04 - 2013-10-29 22:04 - 23123208 _____ (Mozilla) C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe
2013-10-20 17:16 - 2013-10-20 17:16 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2013-10-20 14:05 - 2013-11-11 14:06 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-10-20 10:58 - 2013-11-10 11:57 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\GlarySoft
2013-10-20 10:56 - 2013-11-11 14:06 - 00000304 _____ C:\Windows\Tasks\GlaryInitialize.job
2013-10-20 10:56 - 2013-10-20 10:56 - 00002582 _____ C:\Windows\System32\Tasks\GlaryInitialize
2013-10-20 10:56 - 2013-10-20 10:56 - 00000703 _____ C:\Users\zoOky\Desktop\Glary Utilities.lnk
2013-10-20 10:51 - 2013-11-10 12:23 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-20 10:51 - 2013-11-10 12:23 - 00000000 ____D C:\Program Files\CCleaner
2013-10-20 10:51 - 2013-10-20 10:51 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-20 10:46 - 2013-10-20 10:46 - 06685392 _____ (Glarysoft Ltd                                               ) C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe
2013-10-19 16:40 - 2013-10-19 16:40 - 00130673 _____ C:\Users\zoOky\Downloads\Ps2_Save_Builder_0.8x.zip
2013-10-19 16:37 - 2013-10-19 16:37 - 00012559 _____ C:\Users\zoOky\Downloads\state1.zip
2013-10-18 08:07 - 2013-04-24 09:45 - 00810496 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-10-18 08:07 - 2013-04-24 09:45 - 00183808 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-10-18 08:07 - 2013-04-24 09:45 - 00080896 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-10-18 08:07 - 2013-04-24 09:45 - 00000590 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest
2013-10-18 08:03 - 2013-10-20 10:47 - 00000000 ____D C:\Program Files (x86)\SqueakyChocolate
2013-10-18 08:03 - 2013-10-18 08:03 - 00000000 ____D C:\Users\zoOky\Documents\Add-in Express
2013-10-14 13:40 - 2013-10-14 13:42 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 4 Beta
2013-10-12 09:14 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-12 09:14 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

==================== One Month Modified Files and Folders =======

2013-11-11 14:11 - 2013-11-11 14:11 - 01957590 _____ (Farbar) C:\Users\zoOky\Downloads\FRST64.exe
2013-11-11 14:07 - 2013-04-27 18:19 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Dropbox
2013-11-11 14:07 - 2012-12-17 20:47 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Skype
2013-11-11 14:06 - 2013-11-11 06:08 - 00002270 _____ C:\Windows\PFRO.log
2013-11-11 14:06 - 2013-11-11 06:08 - 00000112 _____ C:\Windows\setupact.log
2013-11-11 14:06 - 2013-10-20 14:05 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-11-11 14:06 - 2013-10-20 10:56 - 00000304 _____ C:\Windows\Tasks\GlaryInitialize.job
2013-11-11 14:06 - 2013-04-27 18:21 - 00000000 ___RD C:\Users\zoOky\Dropbox
2013-11-11 14:06 - 2012-12-27 20:07 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-11-11 14:06 - 2012-12-27 11:35 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-11-11 14:06 - 2012-12-26 16:42 - 00000000 ____D C:\Users\zoOky\AppData\Local\HTC MediaHub
2013-11-11 14:06 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-11 14:05 - 2012-12-17 20:29 - 01567786 _____ C:\Windows\WindowsUpdate.log
2013-11-11 14:04 - 2013-11-11 13:53 - 00000000 ____D C:\AdwCleaner
2013-11-11 14:04 - 2012-12-17 20:30 - 00000000 ____D C:\Users\zoOky
2013-11-11 14:03 - 2013-11-11 14:03 - 00006764 _____ C:\Users\zoOky\Desktop\JRT.txt
2013-11-11 14:02 - 2012-12-21 20:22 - 00000000 ____D C:\Users\zoOky\AppData\Local\PMB Files
2013-11-11 14:02 - 2012-12-21 20:22 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-11 13:54 - 2013-11-11 13:54 - 01034531 _____ (Thisisu) C:\Users\zoOky\Downloads\JRT.exe
2013-11-11 13:54 - 2013-11-11 13:54 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 13:44 - 2013-01-07 22:08 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA.job
2013-11-11 13:20 - 2012-12-17 21:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-11 06:25 - 2013-11-10 13:54 - 00000000 ____D C:\Users\zoOky\Desktop\Praktikum
2013-11-11 06:25 - 2013-09-18 00:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-11 06:15 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-11 06:15 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-11 06:14 - 2009-07-14 06:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 06:08 - 2013-11-11 06:08 - 00000000 _____ C:\Windows\setuperr.log
2013-11-10 23:23 - 2013-05-01 11:43 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Spotify
2013-11-10 19:19 - 2012-12-17 20:47 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Xfire
2013-11-10 18:09 - 2012-12-18 16:34 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-10 18:09 - 2012-12-17 21:23 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-10 18:08 - 2012-12-17 21:23 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-11-10 17:57 - 2013-06-29 16:50 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\TS3Client
2013-11-10 17:52 - 2013-11-10 17:52 - 00000762 _____ C:\Users\zoOky\Desktop\eset.txt
2013-11-10 17:44 - 2013-01-07 22:08 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core.job
2013-11-10 17:39 - 2013-11-10 17:38 - 00040941 _____ C:\Users\zoOky\Downloads\Addition.txt
2013-11-10 17:37 - 2013-11-10 17:37 - 00000000 ____D C:\FRST
2013-11-10 13:46 - 2013-11-10 13:46 - 00001382 _____ C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk
2013-11-10 13:46 - 2013-11-10 13:46 - 00001380 _____ C:\Users\zoOky\Desktop\Install Windows.lnk
2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-10 12:41 - 2013-11-10 12:41 - 02347384 _____ (ESET) C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe
2013-11-10 12:38 - 2013-11-10 11:58 - 00013449 _____ C:\Users\zoOky\Downloads\hijackthis.log
2013-11-10 12:30 - 2013-11-10 12:30 - 00000736 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Malwarebytes
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-10 12:29 - 2013-11-10 12:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407(1).exe
2013-11-10 12:23 - 2013-10-20 10:51 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-10 12:23 - 2013-10-20 10:51 - 00000000 ____D C:\Program Files\CCleaner
2013-11-10 12:11 - 2013-11-10 12:11 - 00000000 __RHD C:\ESD
2013-11-10 12:07 - 2013-11-10 12:07 - 04954736 _____ (Microsoft Corporation) C:\Users\zoOky\Downloads\WindowsSetupBox.exe
2013-11-10 12:06 - 2013-11-10 12:06 - 00293321 _____ C:\Users\zoOky\Desktop\bookmarks.html
2013-11-10 12:01 - 2013-11-10 12:00 - 00000000 ____D C:\Users\zoOky\Downloads\backups
2013-11-10 11:58 - 2013-11-10 11:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\zoOky\Downloads\HiJackThis204.exe
2013-11-10 11:57 - 2013-10-20 10:58 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\GlarySoft
2013-11-09 11:14 - 2013-11-09 11:12 - 182549774 _____ C:\Users\zoOky\Downloads\Die_111_besten_Multi-Monitoring-Wallpaper.zip
2013-11-08 14:31 - 2013-11-08 14:31 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-08 14:31 - 2013-11-08 14:28 - 00000000 ____D C:\ProgramData\Oracle
2013-11-08 14:30 - 2013-11-08 14:30 - 00000000 ____D C:\Program Files\Java
2013-11-08 14:28 - 2013-11-08 14:28 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe
2013-11-08 14:27 - 2013-11-08 14:27 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe
2013-11-07 15:02 - 2013-05-01 11:43 - 00000000 ____D C:\Users\zoOky\AppData\Local\Spotify
2013-11-07 13:48 - 2012-12-17 20:47 - 00000000 ____D C:\ProgramData\Xfire
2013-10-31 14:24 - 2012-12-17 21:23 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-31 14:23 - 2013-10-31 14:21 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 3
2013-10-30 15:34 - 2013-10-30 15:34 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Guild Wars 2
2013-10-30 15:34 - 2012-12-24 15:24 - 00000000 ____D C:\Users\zoOky\Documents\Guild Wars 2
2013-10-30 15:32 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-30 10:58 - 2013-10-30 10:58 - 08945660 _____ C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe
2013-10-30 10:58 - 2013-10-30 10:58 - 00000788 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
2013-10-30 10:58 - 2013-09-03 10:58 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-10-30 10:09 - 2013-02-11 17:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-30 10:09 - 2012-12-17 20:47 - 00000000 ____D C:\ProgramData\Skype
2013-10-30 10:07 - 2012-12-17 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-29 22:05 - 2013-10-29 22:05 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-29 22:04 - 2013-10-29 22:04 - 23123208 _____ (Mozilla) C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe
2013-10-25 02:02 - 2013-11-01 17:09 - 00000000 ____D C:\Users\zoOky\Desktop\kkkkaaaayyyy
2013-10-20 17:16 - 2013-10-20 17:16 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2013-10-20 11:03 - 2012-12-29 18:10 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-20 11:03 - 2012-12-18 20:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-10-20 11:00 - 2012-12-30 20:29 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2013-10-20 10:56 - 2013-10-20 10:56 - 00002582 _____ C:\Windows\System32\Tasks\GlaryInitialize
2013-10-20 10:56 - 2013-10-20 10:56 - 00000703 _____ C:\Users\zoOky\Desktop\Glary Utilities.lnk
2013-10-20 10:52 - 2013-02-15 19:07 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\DAEMON Tools Lite
2013-10-20 10:52 - 2012-12-18 05:23 - 00000000 ____D C:\Windows\Panther
2013-10-20 10:51 - 2013-10-20 10:51 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-20 10:48 - 2012-12-17 21:10 - 00000000 ____D C:\Program Files\Creative
2013-10-20 10:47 - 2013-10-18 08:03 - 00000000 ____D C:\Program Files (x86)\SqueakyChocolate
2013-10-20 10:47 - 2012-12-17 20:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-20 10:46 - 2013-10-20 10:46 - 06685392 _____ (Glarysoft Ltd                                               ) C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe
2013-10-19 16:40 - 2013-10-19 16:40 - 00130673 _____ C:\Users\zoOky\Downloads\Ps2_Save_Builder_0.8x.zip
2013-10-19 16:37 - 2013-10-19 16:37 - 00012559 _____ C:\Users\zoOky\Downloads\state1.zip
2013-10-18 08:03 - 2013-10-18 08:03 - 00000000 ____D C:\Users\zoOky\Documents\Add-in Express
2013-10-14 13:42 - 2013-10-14 13:40 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 4 Beta
2013-10-13 22:27 - 2013-07-13 15:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-13 16:39 - 2013-01-07 22:08 - 00004090 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA
2013-10-13 16:39 - 2013-01-07 22:08 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core
2013-10-12 09:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\zoOky\AppData\Local\Temp\TUUUninstallHelper.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-12-22 11:12] - [2010-04-11 23:03] - 2870272 ____A (Microsoft Corporation) EE79A736D8ACF23A080FC00E36486C98

C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 22:16

==================== End Of Log ============================
         
--- --- ---


Alt 12.11.2013, 08:55   #6
schrauber
/// the machine
/// TB-Ausbilder
 

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • When the scan has finished, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?

Alt 14.11.2013, 13:51   #7
serenix
 



ESET:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6f0de9cf54cef84d85fde7c8b58aed87
# engine=15826
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-10 04:41:41
# local_time=2013-11-10 05:41:41 (+0100, W. Europe Standard Time)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 10531646 135731551 0 0
# scanned=261273
# found=7
# cleaned=0
# scan_time=17825
sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Program Files (x86)\Yontoo\YontooIEClient.dll"
sh=0A062BB6E0FBDF15ADF72201EAAD9E4026FC5FFA ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Program Files (x86)\Yontoo\YontooLayers.crx"
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll"
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll"
sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120025-761.dll"
sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120133-760.dll"
sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120158-494.dll"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6f0de9cf54cef84d85fde7c8b58aed87
# engine=15877
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-14 02:02:19
# local_time=2013-11-14 03:02:19 (+0100, W. Europe Standard Time)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 10824484 136024389 0 0
# scanned=215947
# found=3
# cleaned=0
# scan_time=11511
sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120025-761.dll"
sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120133-760.dll"
sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120158-494.dll"
         

SecurityCheck:
Code:
 Results of screen317's Security Check version 0.99.76  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Bitdefender Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 25  
 Java version out of Date! 
 Adobe Flash Player 11.9.900.117  
 Adobe Reader XI  
 Mozilla Firefox (25.0) 
 Google Chrome 30.0.1599.101  
 Google Chrome 30.0.1599.69  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 Bitdefender Bitdefender vsserv.exe  
 Bitdefender Bitdefender updatesrv.exe  
 Bitdefender Bitdefender bdagent.exe  
 Bitdefender Bitdefender pmbxag.exe  
 Bitdefender Bitdefender antispam32 bdapppassmgr.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 28% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
         
FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by zoOky (administrator) on ZOOKY-PC on 14-11-2013 14:50:23
Running from C:\Users\zoOky\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) D:\Programme\Bitdefender\Bitdefender\vsserv.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) D:\Programme\HTC\HSMServiceEntry.exe
(Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
(SplitCam Co.) D:\Programme\SplitCam\SplitCamService.exe
(Rocket Division Software) D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\updatesrv.exe
(Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\bdagent.exe
(Valve Corporation) D:\Games\STEAM\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() D:\Programme\RocketDock\RocketDock.exe
() D:\Programme\HTC\HTC Sync\adb.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\RazerCore.exe
(Dropbox, Inc.) C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe
() D:\Programme\Rainmeter.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Xfire Inc.) D:\Programme\XFire\Xfire.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
() D:\Programme\Sapphire TRIXX\TRIXX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Xfire Inc.) D:\Programme\XFire\Xfire.exe
() D:\Programme\XFire\xfire64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Bdagent] - D:\Programme\Bitdefender\Bitdefender\bdagent.exe [1738968 2013-10-30] (Bitdefender)
HKLM-x32\...\RunOnce: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKCU\...\Run: [Steam] - D:\Games\STEAM\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [RocketDock] - D:\Programme\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKCU\...\Run: [DAEMON Tools Lite] - D:\Programme\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - D:\Programme\Bitdefender\Bitdefender\pmbxag.exe [564256 2013-10-30] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse] - D:\Programme\Bitdefender\Bitdefender\pwdmanui.exe [1004608 2013-10-30] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [621448 2013-10-30] (Bitdefender)
HKCU\...\Run: [Google Update] - C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-07] (Google Inc.)
HKCU\...\Run: [Razer Comms] - C:\Program Files (x86)\Razer\Core\RazerCore.exe [1094336 2013-10-25] (Razer, Inc.)
MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {3cc854aa-4f72-11e2-ae3b-806e6f6e6963} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {59b966de-5411-11e2-ba4f-001fd0dc171d} - K:\HTC_Sync_Manager_PC.exe
MountPoints2: {8e59e9de-c097-11e2-bab5-001fd0dc171d} - I:\SETUP.EXE
MountPoints2: {c90a6927-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {c90a6a8e-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {d0beb5f3-778f-11e2-a6d9-001fd0dc171d} - G:\setup.exe
HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Razer Imperator Driver] - C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [979360 2012-02-09] (Razer USA Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> D:\Programme\Rainmeter.exe ()
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> D:\Programme\XFire\Xfire.exe (Xfire Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD79BF8D408E2CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} -  No File
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CF0F43AB-9C23-4D7B-8040-201B82844854} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62

FireFox:
========
FF ProfilePath: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=2&CUI=UN43605740482668152&UM=1&q=
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20(shExpMatch(host%2C%20'(*.turntable.fm%7Cturntable.fm)')%20%26%26%20url.indexOf('.css')%20%3D%3D%20-1%20%26%26%20url.indexOf('.js')%20%3D%3D%20-1)%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf(
'proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*'))%20%7B%20return%20'PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\itunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\ich@maltegoetz.de
FF Extension: InnoGames  - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: stylish - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - D:\Programme\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - D:\Programme\Bitdefender\Bitdefender\Antispam32\ffpwdman\

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR Extension: (ProxTube) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.4_0
CHR Extension: (Google Drive) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Bitdefender Wallet) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.19.0_0
CHR Extension: (Google Search) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0
CHR Extension: (Google Wallet) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx

==================== Services (Whitelisted) =================

R2 HTCMonitorService; D:\Programme\HTC\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
R2 MBAMScheduler; D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-31] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-10-25] (Razer, Inc.)
R2 SpliCamService; D:\Programme\SplitCam\SplitCamService.exe [311456 2013-10-17] (SplitCam Co.)
R2 StarWindServiceAE; D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 UPDATESRV; D:\Programme\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-23] (Bitdefender)
R2 VSSERV; D:\Programme\Bitdefender\Bitdefender\vsserv.exe [1506736 2013-10-30] (Bitdefender)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-07-23] (BitDefender SRL)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-15] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-10-20] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-11-14] (Windows (R) Server 2003 DDK provider)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-11-14] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-25] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-10-25] (Razer, Inc.)
R3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider)
R3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2013-07-12] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-05-19] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-02] (BitDefender S.R.L.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
U3 a2sel3e6; C:\Windows\System32\Drivers\a2sel3e6.sys [0 ] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
R3 TRIXX; \??\C:\Users\zoOky\AppData\Local\Temp\TRIXX.sys [x]
U5 UnlockerDriver5; D:\Programme\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-14 14:49 - 2013-11-14 14:49 - 01957794 _____ (Farbar) C:\Users\zoOky\Downloads\FRST64.exe
2013-11-14 14:44 - 2013-11-14 14:44 - 00891184 _____ C:\Users\zoOky\Downloads\SecurityCheck.exe
2013-11-14 03:04 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 03:04 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 03:04 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 03:04 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 03:04 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 03:04 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 03:04 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 03:04 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 03:04 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 03:04 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 03:04 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 02:58 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 02:58 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 02:58 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 02:58 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 02:58 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 15:53 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 15:53 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 15:53 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 15:53 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 15:53 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 15:53 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 15:53 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 15:53 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 15:53 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 15:53 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 15:53 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 15:53 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 15:53 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 15:53 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 15:53 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 15:53 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 15:53 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 15:53 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 15:53 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 15:53 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 15:53 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 15:53 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 15:53 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 15:53 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 15:53 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 21:46 - 2013-11-12 21:55 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\ts3overlay
2013-11-12 16:42 - 2013-11-12 16:42 - 705666554 _____ C:\Windows\MEMORY.DMP
2013-11-12 16:42 - 2013-11-12 16:42 - 00278072 _____ C:\Windows\Minidump\111213-12932-01.dmp
2013-11-11 20:28 - 2013-11-11 20:28 - 01467128 _____ C:\Users\zoOky\Downloads\SystemCheck_deDE.exe
2013-11-11 20:13 - 2013-11-11 20:13 - 00000009 _____ C:\END
2013-11-11 20:12 - 2013-11-11 20:12 - 01118384 _____ (Conduit) C:\Users\zoOky\Downloads\InnoGames_brff.exe
2013-11-11 14:38 - 2013-11-11 14:38 - 00001250 _____ C:\Users\Public\Desktop\Razer Comms.lnk
2013-11-11 14:37 - 2013-11-11 14:37 - 41985704 _____ (Razer Inc.) C:\Users\zoOky\Downloads\RazerComms1.70.14.exe
2013-11-11 14:23 - 2013-11-11 14:23 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-11-11 14:21 - 2013-11-11 14:21 - 01078591 _____ C:\Users\zoOky\Downloads\Unlocker1.9.2.exe
2013-11-11 14:11 - 2013-11-14 14:50 - 00021563 _____ C:\Users\zoOky\Downloads\FRST.txt
2013-11-11 14:03 - 2013-11-11 14:03 - 00006764 _____ C:\Users\zoOky\Desktop\JRT.txt
2013-11-11 13:54 - 2013-11-11 13:54 - 01034531 _____ (Thisisu) C:\Users\zoOky\Downloads\JRT.exe
2013-11-11 13:54 - 2013-11-11 13:54 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 13:53 - 2013-11-11 14:04 - 00000000 ____D C:\AdwCleaner
2013-11-11 06:08 - 2013-11-14 13:44 - 00000761 _____ C:\Windows\setupact.log
2013-11-11 06:08 - 2013-11-11 14:06 - 00002270 _____ C:\Windows\PFRO.log
2013-11-11 06:08 - 2013-11-11 06:08 - 00000000 _____ C:\Windows\setuperr.log
2013-11-10 17:52 - 2013-11-10 17:52 - 00000762 _____ C:\Users\zoOky\Desktop\eset.txt
2013-11-10 17:38 - 2013-11-10 17:39 - 00040941 _____ C:\Users\zoOky\Downloads\Addition.txt
2013-11-10 17:37 - 2013-11-10 17:37 - 00000000 ____D C:\FRST
2013-11-10 13:54 - 2013-11-11 06:25 - 00000000 ____D C:\Users\zoOky\Desktop\Praktikum
2013-11-10 13:46 - 2013-11-10 13:46 - 00001382 _____ C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk
2013-11-10 13:46 - 2013-11-10 13:46 - 00001380 _____ C:\Users\zoOky\Desktop\Install Windows.lnk
2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-10 12:41 - 2013-11-10 12:41 - 02347384 _____ (ESET) C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe
2013-11-10 12:30 - 2013-11-10 12:30 - 00000736 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Malwarebytes
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-10 12:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-10 12:29 - 2013-11-10 12:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407(1).exe
2013-11-10 12:11 - 2013-11-10 12:11 - 00000000 __RHD C:\ESD
2013-11-10 12:07 - 2013-11-10 12:07 - 04954736 _____ (Microsoft Corporation) C:\Users\zoOky\Downloads\WindowsSetupBox.exe
2013-11-10 12:06 - 2013-11-10 12:06 - 00293321 _____ C:\Users\zoOky\Desktop\bookmarks.html
2013-11-10 11:58 - 2013-11-10 12:38 - 00013449 _____ C:\Users\zoOky\Downloads\hijackthis.log
2013-11-10 11:58 - 2013-11-10 11:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\zoOky\Downloads\HiJackThis204.exe
2013-11-09 11:12 - 2013-11-09 11:14 - 182549774 _____ C:\Users\zoOky\Downloads\Die_111_besten_Multi-Monitoring-Wallpaper.zip
2013-11-08 14:31 - 2013-11-08 14:31 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-08 14:30 - 2013-11-08 14:30 - 00000000 ____D C:\Program Files\Java
2013-11-08 14:28 - 2013-11-08 14:31 - 00000000 ____D C:\ProgramData\Oracle
2013-11-08 14:28 - 2013-11-08 14:28 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe
2013-11-08 14:27 - 2013-11-08 14:27 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe
2013-11-01 17:09 - 2013-10-25 02:02 - 00000000 ____D C:\Users\zoOky\Desktop\kkkkaaaayyyy
2013-10-31 14:21 - 2013-10-31 14:23 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 3
2013-10-30 15:34 - 2013-10-30 15:34 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Guild Wars 2
2013-10-30 10:58 - 2013-10-30 10:58 - 08945660 _____ C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe
2013-10-30 10:58 - 2013-10-30 10:58 - 00000788 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
2013-10-29 22:05 - 2013-10-29 22:05 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-29 22:04 - 2013-10-29 22:04 - 23123208 _____ (Mozilla) C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe
2013-10-20 17:16 - 2013-10-20 17:16 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2013-10-20 14:05 - 2013-11-14 13:51 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-10-20 10:58 - 2013-11-10 11:57 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\GlarySoft
2013-10-20 10:56 - 2013-11-14 13:51 - 00000304 _____ C:\Windows\Tasks\GlaryInitialize.job
2013-10-20 10:56 - 2013-10-20 10:56 - 00002582 _____ C:\Windows\System32\Tasks\GlaryInitialize
2013-10-20 10:56 - 2013-10-20 10:56 - 00000703 _____ C:\Users\zoOky\Desktop\Glary Utilities.lnk
2013-10-20 10:51 - 2013-11-10 12:23 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-20 10:51 - 2013-11-10 12:23 - 00000000 ____D C:\Program Files\CCleaner
2013-10-20 10:51 - 2013-10-20 10:51 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-20 10:46 - 2013-10-20 10:46 - 06685392 _____ (Glarysoft Ltd                                               ) C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe
2013-10-19 16:40 - 2013-10-19 16:40 - 00130673 _____ C:\Users\zoOky\Downloads\Ps2_Save_Builder_0.8x.zip
2013-10-19 16:37 - 2013-10-19 16:37 - 00012559 _____ C:\Users\zoOky\Downloads\state1.zip
2013-10-18 08:07 - 2013-04-24 09:45 - 00810496 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-10-18 08:07 - 2013-04-24 09:45 - 00183808 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-10-18 08:07 - 2013-04-24 09:45 - 00080896 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-10-18 08:07 - 2013-04-24 09:45 - 00000590 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest
2013-10-18 08:03 - 2013-10-20 10:47 - 00000000 ____D C:\Program Files (x86)\SqueakyChocolate
2013-10-18 08:03 - 2013-10-18 08:03 - 00000000 ____D C:\Users\zoOky\Documents\Add-in Express

==================== One Month Modified Files and Folders =======

2013-11-14 14:50 - 2013-11-11 14:11 - 00021563 _____ C:\Users\zoOky\Downloads\FRST.txt
2013-11-14 14:49 - 2013-11-14 14:49 - 01957794 _____ (Farbar) C:\Users\zoOky\Downloads\FRST64.exe
2013-11-14 14:49 - 2012-12-17 20:47 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Skype
2013-11-14 14:48 - 2013-01-07 22:08 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA.job
2013-11-14 14:44 - 2013-11-14 14:44 - 00891184 _____ C:\Users\zoOky\Downloads\SecurityCheck.exe
2013-11-14 14:20 - 2012-12-17 21:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-14 13:58 - 2012-12-17 20:29 - 02029004 _____ C:\Windows\WindowsUpdate.log
2013-11-14 13:56 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-14 13:56 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-14 13:54 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-14 13:51 - 2013-10-20 14:05 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-11-14 13:51 - 2013-10-20 10:56 - 00000304 _____ C:\Windows\Tasks\GlaryInitialize.job
2013-11-14 13:51 - 2013-04-27 18:21 - 00000000 ___RD C:\Users\zoOky\Dropbox
2013-11-14 13:51 - 2013-04-27 18:19 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Dropbox
2013-11-14 13:51 - 2012-12-27 20:07 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-11-14 13:51 - 2012-12-26 16:42 - 00000000 ____D C:\Users\zoOky\AppData\Local\HTC MediaHub
2013-11-14 13:50 - 2012-12-27 11:35 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-11-14 13:48 - 2009-07-14 06:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-14 13:44 - 2013-11-11 06:08 - 00000761 _____ C:\Windows\setupact.log
2013-11-14 13:44 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-14 13:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-14 03:52 - 2012-12-18 05:23 - 00000000 ____D C:\Windows\Panther
2013-11-14 03:04 - 2013-07-13 15:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 03:04 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2013-11-14 03:02 - 2013-07-19 18:57 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 03:00 - 2012-12-17 21:32 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 23:33 - 2013-06-29 16:50 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\TS3Client
2013-11-13 22:24 - 2012-12-17 20:47 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Xfire
2013-11-13 18:36 - 2012-12-21 20:22 - 00000000 ____D C:\Users\zoOky\AppData\Local\PMB Files
2013-11-13 18:36 - 2012-12-21 20:22 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-13 17:44 - 2013-01-07 22:08 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core.job
2013-11-12 21:55 - 2013-11-12 21:46 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\ts3overlay
2013-11-12 16:42 - 2013-11-12 16:42 - 705666554 _____ C:\Windows\MEMORY.DMP
2013-11-12 16:42 - 2013-11-12 16:42 - 00278072 _____ C:\Windows\Minidump\111213-12932-01.dmp
2013-11-12 16:42 - 2013-01-29 17:49 - 00000000 ____D C:\Windows\Minidump
2013-11-11 20:28 - 2013-11-11 20:28 - 01467128 _____ C:\Users\zoOky\Downloads\SystemCheck_deDE.exe
2013-11-11 20:13 - 2013-11-11 20:13 - 00000009 _____ C:\END
2013-11-11 20:12 - 2013-11-11 20:12 - 01118384 _____ (Conduit) C:\Users\zoOky\Downloads\InnoGames_brff.exe
2013-11-11 14:38 - 2013-11-11 14:38 - 00001250 _____ C:\Users\Public\Desktop\Razer Comms.lnk
2013-11-11 14:38 - 2013-05-07 22:08 - 00000000 ____D C:\Windows\Razer Core
2013-11-11 14:37 - 2013-11-11 14:37 - 41985704 _____ (Razer Inc.) C:\Users\zoOky\Downloads\RazerComms1.70.14.exe
2013-11-11 14:23 - 2013-11-11 14:23 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-11-11 14:21 - 2013-11-11 14:21 - 01078591 _____ C:\Users\zoOky\Downloads\Unlocker1.9.2.exe
2013-11-11 14:16 - 2013-02-15 19:07 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\DAEMON Tools Lite
2013-11-11 14:06 - 2013-11-11 06:08 - 00002270 _____ C:\Windows\PFRO.log
2013-11-11 14:04 - 2013-11-11 13:53 - 00000000 ____D C:\AdwCleaner
2013-11-11 14:04 - 2012-12-17 20:30 - 00000000 ____D C:\Users\zoOky
2013-11-11 14:03 - 2013-11-11 14:03 - 00006764 _____ C:\Users\zoOky\Desktop\JRT.txt
2013-11-11 13:54 - 2013-11-11 13:54 - 01034531 _____ (Thisisu) C:\Users\zoOky\Downloads\JRT.exe
2013-11-11 13:54 - 2013-11-11 13:54 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 06:25 - 2013-11-10 13:54 - 00000000 ____D C:\Users\zoOky\Desktop\Praktikum
2013-11-11 06:25 - 2013-09-18 00:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-11 06:08 - 2013-11-11 06:08 - 00000000 _____ C:\Windows\setuperr.log
2013-11-10 23:23 - 2013-05-01 11:43 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Spotify
2013-11-10 18:09 - 2012-12-18 16:34 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-10 18:09 - 2012-12-17 21:23 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-10 18:08 - 2012-12-17 21:23 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-11-10 17:52 - 2013-11-10 17:52 - 00000762 _____ C:\Users\zoOky\Desktop\eset.txt
2013-11-10 17:39 - 2013-11-10 17:38 - 00040941 _____ C:\Users\zoOky\Downloads\Addition.txt
2013-11-10 17:37 - 2013-11-10 17:37 - 00000000 ____D C:\FRST
2013-11-10 13:46 - 2013-11-10 13:46 - 00001382 _____ C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk
2013-11-10 13:46 - 2013-11-10 13:46 - 00001380 _____ C:\Users\zoOky\Desktop\Install Windows.lnk
2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-10 12:41 - 2013-11-10 12:41 - 02347384 _____ (ESET) C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe
2013-11-10 12:38 - 2013-11-10 11:58 - 00013449 _____ C:\Users\zoOky\Downloads\hijackthis.log
2013-11-10 12:30 - 2013-11-10 12:30 - 00000736 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Malwarebytes
2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-10 12:29 - 2013-11-10 12:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407.exe
2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407(1).exe
2013-11-10 12:23 - 2013-10-20 10:51 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-10 12:23 - 2013-10-20 10:51 - 00000000 ____D C:\Program Files\CCleaner
2013-11-10 12:11 - 2013-11-10 12:11 - 00000000 __RHD C:\ESD
2013-11-10 12:07 - 2013-11-10 12:07 - 04954736 _____ (Microsoft Corporation) C:\Users\zoOky\Downloads\WindowsSetupBox.exe
2013-11-10 12:06 - 2013-11-10 12:06 - 00293321 _____ C:\Users\zoOky\Desktop\bookmarks.html
2013-11-10 11:58 - 2013-11-10 11:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\zoOky\Downloads\HiJackThis204.exe
2013-11-10 11:57 - 2013-10-20 10:58 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\GlarySoft
2013-11-09 11:14 - 2013-11-09 11:12 - 182549774 _____ C:\Users\zoOky\Downloads\Die_111_besten_Multi-Monitoring-Wallpaper.zip
2013-11-08 14:31 - 2013-11-08 14:31 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-08 14:31 - 2013-11-08 14:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-08 14:31 - 2013-11-08 14:28 - 00000000 ____D C:\ProgramData\Oracle
2013-11-08 14:30 - 2013-11-08 14:30 - 00000000 ____D C:\Program Files\Java
2013-11-08 14:28 - 2013-11-08 14:28 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe
2013-11-08 14:27 - 2013-11-08 14:27 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe
2013-11-07 15:02 - 2013-05-01 11:43 - 00000000 ____D C:\Users\zoOky\AppData\Local\Spotify
2013-11-07 13:48 - 2012-12-17 20:47 - 00000000 ____D C:\ProgramData\Xfire
2013-10-31 14:24 - 2012-12-17 21:23 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-31 14:23 - 2013-10-31 14:21 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 3
2013-10-30 15:34 - 2013-10-30 15:34 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Guild Wars 2
2013-10-30 15:34 - 2012-12-24 15:24 - 00000000 ____D C:\Users\zoOky\Documents\Guild Wars 2
2013-10-30 15:32 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-30 10:58 - 2013-10-30 10:58 - 08945660 _____ C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe
2013-10-30 10:58 - 2013-10-30 10:58 - 00000788 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
2013-10-30 10:58 - 2013-09-03 10:58 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-10-30 10:09 - 2013-02-11 17:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-30 10:09 - 2012-12-17 20:47 - 00000000 ____D C:\ProgramData\Skype
2013-10-30 10:07 - 2012-12-17 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-29 22:05 - 2013-10-29 22:05 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-29 22:04 - 2013-10-29 22:04 - 23123208 _____ (Mozilla) C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe
2013-10-25 07:57 - 2013-05-07 22:08 - 00129472 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzDxgk.sys
2013-10-25 07:57 - 2013-05-07 22:08 - 00074432 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzFilter.sys
2013-10-25 02:02 - 2013-11-01 17:09 - 00000000 ____D C:\Users\zoOky\Desktop\kkkkaaaayyyy
2013-10-20 17:16 - 2013-10-20 17:16 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2013-10-20 11:03 - 2012-12-29 18:10 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-20 11:03 - 2012-12-18 20:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-10-20 11:00 - 2012-12-30 20:29 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2013-10-20 10:56 - 2013-10-20 10:56 - 00002582 _____ C:\Windows\System32\Tasks\GlaryInitialize
2013-10-20 10:56 - 2013-10-20 10:56 - 00000703 _____ C:\Users\zoOky\Desktop\Glary Utilities.lnk
2013-10-20 10:51 - 2013-10-20 10:51 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-20 10:48 - 2012-12-17 21:10 - 00000000 ____D C:\Program Files\Creative
2013-10-20 10:47 - 2013-10-18 08:03 - 00000000 ____D C:\Program Files (x86)\SqueakyChocolate
2013-10-20 10:47 - 2012-12-17 20:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-20 10:46 - 2013-10-20 10:46 - 06685392 _____ (Glarysoft Ltd                                               ) C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe
2013-10-19 16:40 - 2013-10-19 16:40 - 00130673 _____ C:\Users\zoOky\Downloads\Ps2_Save_Builder_0.8x.zip
2013-10-19 16:37 - 2013-10-19 16:37 - 00012559 _____ C:\Users\zoOky\Downloads\state1.zip
2013-10-18 08:03 - 2013-10-18 08:03 - 00000000 ____D C:\Users\zoOky\Documents\Add-in Express

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-12-22 11:12] - [2010-04-11 23:03] - 2870272 ____A (Microsoft Corporation) EE79A736D8ACF23A080FC00E36486C98

C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 22:16

==================== End Of Log ============================
         
--- --- ---

15.11.2013, 09:53   #8
schrauber
/// the machine
/// TB trainer
 




Update Java.

Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.



Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. For this I recommend TFC
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

15.11.2013, 17:52   #9
serenix
 



smileys we Love for IE still cannot be removed from the Control Panel

The order is crucial here.

Code:
ATTFilter
 If Defogger was used: start Defogger again and click re-enable.
    If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
        Windows key + R > Combofix /Uninstall (type it in) > OK
        Alternative: rename Combofix.exe to uninstall.exe and run it
        Combofix will now start, possibly update itself, and then remove all remnants of itself.
    In any case, please download DelFix to your desktop:
        Close all open programs.
        Start delfix.exe with a double-click.
        Tick the box in front of every function.
        Click Start.
        Note: DelFix removes, among other things, all the programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself.
        Finally, restart your computer.
    If any programs from our cleanup are still left over now, you can delete them without hesitation.
         
I can't quite follow that... should I still do this now or not? And what do you mean by "The order is crucial here."?

Edited by serenix (15.11.2013 at 17:58)

16.11.2013, 14:21   #10
schrauber
/// the machine
/// TB trainer
 




Well, work through it in that order. But since we did not use CF, you could run DelFix right away, but hold off on that for now. Please open FRST, tick Additional and scan, then post both log files.
__________________
Regards,
schrauber


20.11.2013, 15:39   #11
serenix
 



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by zoOky at 2013-11-20 16:35:16
Running from C:\Users\zoOky\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

@BIOS (x32 Version: 2.28)
Adobe AIR (x32 Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Aion (x32 Version: 1.0.0.2)
AION Free-to-Play Version 1.0 (x32 Version: 1.0)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
AMD Wireless Display v3.0 (Version: 1.0.0.10)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlelog Web Plugins (x32 Version: 2.3.0)
Bitdefender Antivirus Plus (Version: 17.15.0.682)
Bonjour (Version: 3.0.0.10)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225)
CCC Help Czech (x32 Version: 2013.0328.2217.38225)
CCC Help Danish (x32 Version: 2013.0328.2217.38225)
CCC Help Dutch (x32 Version: 2013.0328.2217.38225)
CCC Help English (x32 Version: 2013.0328.2217.38225)
CCC Help Finnish (x32 Version: 2013.0328.2217.38225)
CCC Help French (x32 Version: 2013.0328.2217.38225)
CCC Help German (x32 Version: 2013.0328.2217.38225)
CCC Help Greek (x32 Version: 2013.0328.2217.38225)
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225)
CCC Help Italian (x32 Version: 2013.0328.2217.38225)
CCC Help Japanese (x32 Version: 2013.0328.2217.38225)
CCC Help Korean (x32 Version: 2013.0328.2217.38225)
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225)
CCC Help Polish (x32 Version: 2013.0328.2217.38225)
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225)
CCC Help Russian (x32 Version: 2013.0328.2217.38225)
CCC Help Spanish (x32 Version: 2013.0328.2217.38225)
CCC Help Swedish (x32 Version: 2013.0328.2217.38225)
CCC Help Thai (x32 Version: 2013.0328.2217.38225)
CCC Help Turkish (x32 Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
CCleaner (Version: 4.07)
Core Temp 1.0 RC4 (Version: 1.0)
Counter-Strike: Global Offensive (x32)
CPUID CPU-Z 1.62
Creative Audio-Systemsteuerung (x32 Version: 2.00)
Creative Konsole Starter (x32)
Creative Software AutoUpdate (x32 Version: 1.40)
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Dead Space™ 3 (x32 Version: 1.0.0.0)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Diablo III (x32)
DMC Devi May Cry (c) Capcom version 1 (x32 Version: 1)
Dropbox (HKCU Version: 2.0.22)
Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000)
ESET Online Scanner v3 (x32)
ESN Sonar (x32 Version: 0.70.4)
FIFA 14 Demo (x32 Version: 1.0.0.0)
Free YouTube to MP3 Converter version 3.11.37.1212 (x32 Version: 3.11.37.1212)
Gameforge Live 1.0 "Legend" (x32 Version: 1.1.1724)
Glary Utilities 2.56.0.1822 (x32 Version: 2.56.0.1822)
Google Chrome (HKCU Version: 31.0.1650.57)
Guild Wars 2 (x32)
HTC BMP USB Driver (x32 Version: 1.0.5375)
HTC Driver Installer (x32 Version: 4.3.0.001)
HTC Sync (x32 Version: 3.3.7)
HTC Sync Manager (x32 Version: 2.1.54.0)
ImgBurn (x32 Version: 2.5.7.0)
IPTInstaller (x32 Version: 4.0.8)
iTunes (Version: 11.0.4.4)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
League of Legends (x32 Version: 1.3)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017)
Mirror's Edge™ (x32 Version: 1.0.1.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
NCSOFT Game Launcher (x32)
NCsoft Launcher (x32 Version: 1.5.19002)
Need for Speed™ Most Wanted (x32 Version: 1.5.0.0)
NVIDIA PhysX v8.10.17 (x32 Version: 8.10.17)
OpenAL (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Opera Stable 17.0.1241.53 (x32 Version: 17.0.1241.53)
Origin (x32 Version: 9.1.3.2637)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
PakkISO 0.4 (x32 Version: PakkISO 0.4 by zorted, installer by BitLooter)
Pando Media Booster (x32 Version: 2.6.0.8)
PCSX2 - Playstation 2 Emulator (x32)
PunkBuster Services (x32 Version: 0.991)
Rainmeter (x32 Version: 2.4 r1678)
Razer Comms (x32 Version: 1.70.14)
Razer Core (x32 Version: 1.0.1.46)
Razer Imperator (x32 Version: 2.02.00)
RocketDock 1.3.5 (x32)
Sapphire TRIXX (x32)
Secure Download Manager (x32 Version: 3.1.10)
SimCity™ (x32 Version: 1.0.0.0)
Skype™ 6.9 (x32 Version: 6.9.106)
Smileys We Love Toolbar for IE (x32 Version: 3.0.17)
SpeedFan (remove only) (x32)
SplitCam (x32 Version: 5.14.4.1)
Spotify (HKCU Version: 0.9.6.72.ge389c074)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (HKCU Version: 3.0.13.1)
TERA (x32 Version: 18.10.03)
Theme Resource Changer X64 v1.0
TmNationsForever (x32)
Unlocker 1.9.2 (Version: 1.9.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition
Update for Microsoft InfoPath 2013 (KB2752078) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2825630) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760257) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817309) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817311) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817640) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837643) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837649) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2837642) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2817625) 64-Bit Edition
Update for Microsoft Project 2013 (KB2767859) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2752097) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2752018) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2817631) 64-Bit Edition
Update for Microsoft Word 2013 (KB2837630) 64-Bit Edition
UxStyle Core Beta (Version: 0.2.1.1)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.5 (Version: 2.0.5)
WinMerge 2.14.0 (x32 Version: 2.14.0)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Xfire (x32)

==================== Restore Points  =========================

15-11-2013 17:59:48 End of disinfection
17-11-2013 02:00:21 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05622429-4A19-4952-B2B2-6A6517C5A26D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.)
Task: {0F0AEB0D-2F66-4F37-AFFC-7CB3681E8A09} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-29] ()
Task: {117A9638-FC0F-4C51-9922-634B569E9465} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {175BEC22-4A53-41DB-9EAA-FFDC3FFD1748} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {37F2675B-16C1-49FE-A5D8-35ADCFF8E5AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {55AB4294-9210-480B-9FB5-006BFEBAD76D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {6B26C148-6DC4-4D87-A088-360069B2092B} - System32\Tasks\Google Updater and Installer => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.)
Task: {715FE8C9-0B31-41FB-88A1-4B58A9A53FC5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {82FE0479-B4A5-4303-A20F-CEC53AAF5950} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {8B9735A0-E195-4F93-9575-F36A7C939B55} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {8EDA1BEC-CD67-480F-9B20-6F0C88C588C7} - System32\Tasks\Sapphire TRIXX => D:\Programme\Sapphire TRIXX\TRIXX.exe [2013-02-07] ()
Task: {9D98A4FC-FE39-4C6D-A29E-A3324297D584} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {9EA78E21-A6AF-4865-A977-69FAB038148F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9EC9D126-B639-4B97-9201-E99A5E2B34ED} - System32\Tasks\GlaryInitialize => D:\Programme\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {A8FC602F-62C7-42DC-8E17-A4047095804E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {B3A8506E-21D6-4D88-8547-079285BCCDAD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {D01F3F7A-6DA6-4AFD-ACCB-75CEF18B518A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.)
Task: {D11FB221-7F2D-4D46-8BF2-B54C9C667AD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F616E482-9F2A-4591-B2C8-6D3703298451} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-01-29] (Microsoft)
Task: {FDB2CF3E-4102-4FB7-8E06-DDE2F79DEB40} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GlaryInitialize.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA.job => ?

==================== Loaded Modules (whitelisted) =============

2013-08-20 18:43 - 2013-06-19 11:45 - 00265080 _____ () D:\Programme\Bitdefender\Bitdefender\txmlutil.dll
2012-11-04 15:25 - 2012-11-04 15:25 - 00736968 _____ () D:\Programme\Rainmeter.dll
2012-11-04 15:22 - 2012-11-04 15:22 - 00026624 _____ () D:\Programme\Plugins\InputText.dll
2013-10-02 17:43 - 2013-10-02 17:43 - 00101328 _____ () D:\Programme\Bitdefender\Bitdefender\bdmetrics.dll
2013-10-23 17:35 - 2013-10-23 17:35 - 00480296 _____ () D:\Programme\Bitdefender\Bitdefender\bdidntconp.dll
2013-09-04 14:11 - 2013-09-04 14:11 - 00201728 _____ () D:\Programme\Bitdefender\Bitdefender\UI\bdidntconp.ui
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-15 15:40 - 2013-08-15 15:40 - 00030056 _____ () D:\Programme\HTC\DbAccess.dll
2013-08-15 15:41 - 2013-08-15 15:41 - 00607376 _____ () D:\Programme\HTC\sqlite3.dll
2013-08-15 15:41 - 2013-08-15 15:41 - 00044392 _____ () D:\Programme\HTC\NAdvLog.dll
2013-08-15 15:41 - 2013-08-15 15:41 - 00036216 _____ () D:\Programme\HTC\NFileCacheDBAccess.dll
2013-08-15 15:42 - 2013-08-15 15:42 - 00080248 _____ () D:\Programme\HTC\ninstallerhelper.dll
2013-08-15 15:49 - 2013-08-15 15:49 - 00223592 _____ () D:\Programme\HTC\DevConnMon.dll
2013-10-17 13:24 - 2013-10-17 13:24 - 00114336 _____ () D:\Programme\SplitCam\splitcam_hd_driver_ProxyPlugin.ax
2013-03-25 19:34 - 2007-09-02 13:57 - 00069632 _____ () D:\Programme\RocketDock\RocketDock.dll
2013-03-25 13:23 - 2013-10-24 18:45 - 00691200 _____ () D:\Games\STEAM\SDL2.dll
2013-01-01 15:24 - 2013-10-30 20:25 - 01123240 _____ () D:\Games\STEAM\bin\chromehtml.DLL
2013-01-01 15:24 - 2013-10-23 21:07 - 20625832 _____ () D:\Games\STEAM\bin\libcef.dll
2013-01-01 15:24 - 2013-06-15 00:49 - 01100800 _____ () D:\Games\STEAM\bin\avcodec-53.dll
2013-01-01 15:24 - 2013-06-15 00:49 - 00124416 _____ () D:\Games\STEAM\bin\avutil-51.dll
2013-01-01 15:24 - 2013-06-15 00:49 - 00192000 _____ () D:\Games\STEAM\bin\avformat-53.dll
2013-10-17 13:24 - 2013-10-17 13:24 - 00153760 _____ () D:\Programme\SplitCam\SplitCamFilter.ax
2013-07-02 05:36 - 2013-07-02 05:36 - 02088960 _____ () D:\Programme\SplitCam\opencv_core246.dll
2013-07-02 05:37 - 2013-07-02 05:37 - 01905664 _____ () D:\Programme\SplitCam\opencv_imgproc246.dll
2013-07-02 05:37 - 2013-07-02 05:37 - 02092544 _____ () D:\Programme\SplitCam\opencv_highgui246.dll
2013-08-20 18:43 - 2013-06-19 11:44 - 00204280 _____ () D:\Programme\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2012-03-23 11:15 - 2012-03-23 11:15 - 00988160 _____ () C:\Program Files (x86)\Razer\Core\Plugins\ChatApplet\libssh2.dll
2012-03-02 09:23 - 2012-03-02 09:23 - 00577621 _____ () C:\Program Files (x86)\Razer\Core\Plugins\ChatApplet\sqlite3.dll
2012-10-18 08:13 - 2012-10-18 08:13 - 04141056 _____ () C:\Program Files (x86)\Razer\Core\Plugins\ChatApplet\QQPYEngine.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\zoOky\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-16 07:37 - 2013-11-16 07:37 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-10 13:20 - 2013-10-10 13:20 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
2013-04-24 09:45 - 2013-04-24 09:45 - 03668992 _____ () D:\Programme\SplitCam\DSFilters\Decoding\ffdshow.ax
2013-04-24 09:45 - 2013-04-24 09:45 - 03867770 _____ () D:\Programme\SplitCam\DSFilters\Decoding\ffmpeg.dll
2013-11-15 14:48 - 2013-11-14 12:28 - 00702416 _____ () C:\Users\zoOky\AppData\Local\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-15 14:48 - 2013-11-14 12:28 - 00099792 _____ () C:\Users\zoOky\AppData\Local\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-15 14:48 - 2013-11-14 12:29 - 04055504 _____ () C:\Users\zoOky\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-15 14:48 - 2013-11-14 12:29 - 00399312 _____ () C:\Users\zoOky\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-15 14:48 - 2013-11-14 12:28 - 01619408 _____ () C:\Users\zoOky\AppData\Local\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-07-02 05:37 - 2013-07-02 05:37 - 00667648 _____ () D:\Programme\SplitCam\opencv_objdetect246.dll
2013-07-02 05:37 - 2013-07-02 05:37 - 00379904 _____ () D:\Programme\SplitCam\opencv_video246.dll
2013-07-02 05:38 - 2013-07-02 05:38 - 00797696 _____ () D:\Programme\SplitCam\opencv_calib3d246.dll
2013-07-02 05:37 - 2013-07-02 05:37 - 00493568 _____ () D:\Programme\SplitCam\opencv_flann246.dll
2013-07-02 05:38 - 2013-07-02 05:38 - 00732672 _____ () D:\Programme\SplitCam\opencv_features2d246.dll
2013-07-02 05:39 - 2013-07-02 05:39 - 01236992 _____ () D:\Programme\SplitCam\opencv_legacy246.dll
2013-07-02 05:37 - 2013-07-02 05:37 - 00514048 _____ () D:\Programme\SplitCam\opencv_ml246.dll
2013-10-17 13:24 - 2013-10-17 13:24 - 00146592 _____ () D:\Programme\SplitCam\AudioGrabber.ax
2013-10-17 13:24 - 2013-10-17 13:24 - 00146592 _____ () D:\Programme\SplitCam\AudioMixer.ax

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\zoOky\Downloads\ccsetup407(1).exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\ccsetup407.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\InnoGames_brff.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\jxpiinstall.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\Opera_17.0.1241.53_Setup.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\RazerComms1.70.14.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\ROCCAT_Power_Grid_v0458.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\SystemCheck_deDE.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\Unlocker1.9.2.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\WindowsSetupBox.exe:BDU
AlternateDataStreams: C:\Users\zoOky\Downloads\wpsetup.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/20/2013 03:54:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2013 06:22:53 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (11/20/2013 06:14:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 05:13:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/19/2013 04:07:19 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (11/19/2013 03:58:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 06:20:12 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 06:13:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 05:25:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034

Error: (11/18/2013 05:25:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8034


System errors:
=============
Error: (11/19/2013 10:20:38 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer C3PO-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{31A4207F-913F-4AB8-92E3-74D13CC63C68}.
The master browser is stopping or an election is being forced.

Error: (11/19/2013 06:18:34 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 06:16:34 on ‎19.‎11.‎2013 was unexpected.

Error: (11/18/2013 09:27:39 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer C3PO-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{31A4207F-913F-4AB8-92E3-74D13CC63C68}.
The master browser is stopping or an election is being forced.

Error: (11/17/2013 10:04:39 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer C3PO-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{31A4207F-913F-4AB8-92E3-74D13CC63C68}.
The master browser is stopping or an election is being forced.

Error: (11/17/2013 02:38:01 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (11/16/2013 11:31:55 AM) (Source: BugCheck) (User: )
Description: 0x000000f4 (0x0000000000000003, 0xfffffa80095b6950, 0xfffffa80095b6c30, 0xfffff800033857b0)C:\Windows\MEMORY.DMP111613-12214-01

Error: (11/16/2013 11:31:53 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:29:57 on ‎16.‎11.‎2013 was unexpected.

Error: (11/15/2013 07:02:13 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VSSERV service.

Error: (11/15/2013 07:01:23 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/14/2013 01:41:12 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (11/20/2013 03:54:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2013 06:22:53 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418231

Error: (11/20/2013 06:14:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 05:13:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/19/2013 04:07:19 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418231

Error: (11/19/2013 03:58:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 06:20:12 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 06:13:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 05:25:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034

Error: (11/18/2013 05:25:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8034


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 8190.3 MB
Available physical RAM: 4918.16 MB
Total Pagefile: 16378.79 MB
Available Pagefile: 11876.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:30.94 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:416.93 GB) (Free:70.44 GB) NTFS
Drive e: (Windows 7) (Fixed) (Total:48.83 GB) (Free:23.14 GB) NTFS
Drive g: (DMC) (CDROM) (Total:8.33 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 777EC869)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8D243882)
Partition 1: (Not Active) - (Size=417 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
It can't create the normal FRST log. It keeps saying that it could not find it and asks whether I want to create a new one... when I click Yes, one appears, but it is empty.

21.11.2013, 10:54   #12
schrauber
/// the machine
/// TB-Ausbilder

Delete FRST and download it again, then scan once more. I need the FRST.txt.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

25.11.2013, 14:42   #13
serenix

Hi,
I have the right version installed, but somehow it still doesn't work :S

26.11.2013, 09:27   #14
schrauber
/// the machine
/// TB-Ausbilder

Download SystemLook by jpshortstuff from one of the following mirrors and save the tool to your desktop.
SystemLook (64 bit)
  • Double-click SystemLook_x64.exe to start the tool.
  • Copy the contents of the following code box into the tool's text field:
    Code:
    :regfind
    smileys we love

  • Now click the Look button to start the scan.
  • The scan may take some time.
  • When the scan has finished, your editor will open with the results; post them in your thread.
  • The results are saved on the desktop as SystemLook.txt.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
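
The `:regfind` search requested in the post above returns matching registry keys in square brackets, each followed by any matching `"Name"="Data"` values. As an added example (not part of the thread and not SystemLook's own code), the following Python parses a log in that layout and groups the hits by CLSID, registry view and Windows Installer record, so leftovers of a failed uninstall can be triaged at a glance; the GUIDs and the product code in the sample are constructed placeholders, and the function names are this example's own.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the layout SystemLook prints for a :regfind search.
# The GUIDs and the Installer product code are placeholders, not real values.
SAMPLE_LOG = r'''
========== regfind ==========

Searching for "smileys we love"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-AAAA-4BBB-8CCC-000000000001}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-AAAA-4BBB-8CCC-000000000001}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|SWLHelperLibrary.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\00000000000000000000000000000000]
"ProductName"="Smileys We Love Toolbar for IE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11111111-AAAA-4BBB-8CCC-000000000001}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{22222222-AAAA-4BBB-8CCC-000000000002}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
'''

TERM_RE = re.compile(r'^Searching for "(.*)"$')
KEY_RE = re.compile(r'^\[(HKEY_.+)\]$')
VALUE_RE = re.compile(r'^"(?P<name>[^"]*)"="(?P<data>.*)"$')
CLSID_RE = re.compile(r'\\CLSID\\(\{[0-9A-F-]{36}\})', re.IGNORECASE)


def parse_regfind(text):
    """Return (search_term, hits); each hit is {'key': str, 'values': dict}."""
    term, hits, current = None, [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = TERM_RE.match(line)
        if m:
            term = m.group(1)
            continue
        m = KEY_RE.match(line)
        if m:
            # A key line opens a new hit; a key can match by its own path
            # and then has no value lines after it.
            current = {"key": m.group(1), "values": {}}
            hits.append(current)
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            current["values"][m.group("name")] = m.group("data")
    return term, hits


def classify(key):
    """Coarse artefact class of a registry key path."""
    lowered = key.lower()
    if "\\clsid\\" in lowered:
        return "com_registration"
    if "\\installer\\assemblies\\" in lowered:
        return "msi_assembly"
    if "\\installer\\products\\" in lowered:
        return "msi_product"
    return "other"


def registry_view(key):
    """Report which branch the hit was found under, judged by path only."""
    return "wow6432node" if "\\wow6432node\\" in key.lower() else "native"


def summarize(hits):
    """Group hits so a helper can see what a removal fix has to cover."""
    by_class = Counter(classify(h["key"]) for h in hits)
    views = defaultdict(set)
    targets, products = set(), set()
    for h in hits:
        m = CLSID_RE.search(h["key"])
        if m:
            views[m.group(1).upper()].add(registry_view(h["key"]))
        if "CodeBase" in h["values"]:
            targets.add(h["values"]["CodeBase"])
        if "ProductName" in h["values"]:
            products.add(h["values"]["ProductName"])
    return {
        "by_class": dict(by_class),
        "clsid_views": {c: sorted(v) for c, v in sorted(views.items())},
        # CLSIDs seen under only one branch are easy to miss in a manual fix.
        "single_view_clsids": sorted(c for c, v in views.items() if len(v) == 1),
        "codebase_targets": sorted(targets),
        "products": sorted(products),
    }


if __name__ == "__main__":
    search_term, found = parse_regfind(SAMPLE_LOG)
    print("search term:", search_term)
    for name, value in summarize(found).items():
        print(name, "=>", value)
```
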

02.12.2013, 16:26   #15
serenix

Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 17:25 on 02/12/2013 by zoOky
Administrator - Elevation successful

========== regfind ==========

Searching for "smileys we love"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|AddinExpress.IE.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|HtmlAgilityPack.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|Interop.SHDocVw.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|Microsoft.mshtml.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|SmileysWeLoveToolbar.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|SWLCustomInstaller.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|SWLHelperLibrary.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|SWLSettingsApp.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|System.Net.Json.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\105E76B4A1674454DB88C3BC32475661]
"ProductName"="Smileys We Love Toolbar for IE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}]
"AppPath"="C:\Program Files (x86)\Smileys We Love Toolbar for IE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\105E76B4A1674454DB88C3BC32475661]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4182712812E52EE8A490E129983F8C7F]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SWLHelperLibrary.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\487E5F88610E54E201263C1B510A8A69]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SWLCustomInstaller.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5194C7311BDF79329DBAFCA023D9C4C7]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697C65E29B241FAAE1EECFDD5D0C110B]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\AddinExpress.IE.tlb"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6BD2D2832E658D88A3691EDC035441E9]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\Microsoft.mshtml.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79660A529B0B48A22E62EE89A94F17AE]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A59C87ECC3E80574D6BF4D4D31F7B4E]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8003041F7A2750EBFACEDC18D6890C04]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\HtmlAgilityPack.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8676CA8899A9B69BCC69181C9CB86AFB]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\Interop.SHDocVw.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9791499B61804638A3C56C443BFFDFFE]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader.dll.manifest"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C0ABAB249AB27F3AC228E408700DB0CC]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLove.ico"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CBBCF48B99DC0CF5CFF44DEC1736CECC]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\AddinExpress.IE.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5B0C334B0133CFD220A7DF2B18415EB]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\System.Net.Json.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E7CBE4CE8B05D38A3812DCC5A28BFCF5]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SWLSettingsApp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAE34644E6DF7E99AB4D59FB0041A04B]
"105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\105E76B4A1674454DB88C3BC32475661\InstallProperties]
"DisplayName"="Smileys We Love Toolbar for IE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\105E76B4A1674454DB88C3BC32475661\InstallProperties]
"Comments"="Smileys We Love Toolbar - insert smileys into your emails and webpages."
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\1afb8e7a-a08b-475a-beb2-376df461eb17]
"AppPath"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B67E501-761A-4544-BD88-3CCB23746516}]
"DisplayName"="Smileys We Love Toolbar for IE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B67E501-761A-4544-BD88-3CCB23746516}]
"Comments"="Smileys We Love Toolbar - insert smileys into your emails and webpages."
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32\3.0.17.0]
"CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL"

-= EOF =-
         
Sorry that I'm writing so late... I'm under exam stress right now -.-
