Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.03.2014, 12:05   #1
JohnVanger
 
Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren - Standard

Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren



Hallo zusammen,

ich habe seit ein paar Tagen ein äußerst nerviges Problem: In Firefox sind einige Wörter blau unterlegt (verlinkt), doppelt unterstrichen, und es öffnen sich Werbepopups, wenn ich mit der Maus über diese Wörter herüberfahre.

Ich habe mit FRST bereits einen Scan durchgeführt, hier die Ergebnisse:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 01
Ran by Simon (administrator) on SIMON-PC on 02-03-2014 12:56:46
Running from O:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\lxczbmon.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
( ) C:\Windows\system32\lxczcoms.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
() c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWlan.exe
(Safer-Networking Ltd.) d:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) d:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Safer-Networking Ltd.) d:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CmPCIaudio] - C:\Windows\Syswow64\CMICNFG3.dll [8151040 2009-09-07] (C-Media Corporation)
HKLM\...\Run: [lxczbmgr.exe] - C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe [74408 2009-04-27] (Lexmark International, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [winsx] - C:\Windows\winsx.exe
HKLM-x32\...\Run: [QuickTime Task] - D:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [P17RunE] - RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-19] (Microsoft Corporation)
HKU\S-1-5-21-1901263895-3609323268-4184387024-1000\...\Run: [SteelSeries Engine] - C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [239104 2013-02-06] (SteelSeries ApS)
HKU\S-1-5-21-1901263895-3609323268-4184387024-1000\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-03-27] ()
HKU\S-1-5-21-1901263895-3609323268-4184387024-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKU\S-1-5-21-1901263895-3609323268-4184387024-1000\...\Run: [KPeerNexonEU] - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-07-10] (NEXON Inc.)
HKU\S-1-5-21-1901263895-3609323268-4184387024-1000\...\Run: [Spybot-S&D Cleaning] - D:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [6032840 2013-12-19] (Safer-Networking Ltd.)
HKU\S-1-5-21-1901263895-3609323268-4184387024-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1901263895-3609323268-4184387024-1000\...\MountPoints2: {3034bb9a-7c31-11e2-bd39-6cf049062bea} - G:\setup.exe
HKU\S-1-5-21-1901263895-3609323268-4184387024-1000\...\MountPoints2: {4b142c4e-3891-11e1-a066-6cf049062bea} - M:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-1901263895-3609323268-4184387024-1000\...\MountPoints2: {e0750902-8822-11e2-ac2e-6cf049062bea} - N:\setup\rsrc\Autorun.exe
AppInit_DLLs: C:\PROGRA~3\SmartWeb\SMARTW~1.DLL => C:\ProgramData\SmartWeb\SmartWeb_x64.dll [4221440 2013-12-28] ()
AppInit_DLLs-x32: c:\progra~3\smartweb\smartweb.dll => "c:\progra~3\smartweb\smartweb.dll" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2B590E3F55B0CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKCU - {F7FD4AF5-41B5-46C0-B984-CC29CD737D4B} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=600B8152-1FF2-4E83-A0DD-371049692123&apn_sauid=2DB8AA49-2A79-4255-B187-D512B7C7C8A0
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ts715jys.default
FF DefaultSearchEngine: Hola Search
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: https://www.google.de/
FF NetworkProxy: "ftp", "95.154.199.100"
FF NetworkProxy: "ftp_port", 443
FF NetworkProxy: "http", "95.154.199.100"
FF NetworkProxy: "http_port", 443
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "95.154.199.100"
FF NetworkProxy: "socks_port", 443
FF NetworkProxy: "ssl", "95.154.199.100"
FF NetworkProxy: "ssl_port", 443
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @coreonline.com/run3d,version=1.0 - C:\Users\Simon\AppData\LocalLow\Square Enix\nprun3d.dll (Square Enix)
FF Plugin HKCU: @gpac/osmozilla,version=1.0 - C:\Program Files (x86)\GPAC\nposmozilla.dll ( )
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Simon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - D:\Spiele\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: AdBlocknWatcah - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ts715jys.default\Extensions\97mdzl@uhnyxmwd.com [2014-01-31]
FF Extension: ExstraSavings - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ts715jys.default\Extensions\aeayeay@kzovfpv.co.uk [2013-12-31]
FF Extension: ISaver - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ts715jys.default\Extensions\u0noynkh8@hoh-r.net [2013-12-31]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Simon\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-12-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 lxcz_device; C:\Windows\system32\lxczcoms.exe [566192 2007-04-19] ( )
R2 lxcz_device; C:\Windows\SysWOW64\lxczcoms.exe [537520 2007-04-19] ( )
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-04] ()
R2 SavingsbullFilterService64; c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe [210432 2014-02-12] ()
R2 SDScannerService; d:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3666392 2013-12-19] (Safer-Networking Ltd.)
R2 SDUpdateService; d:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2729432 2013-12-19] (Safer-Networking Ltd.)
R2 SDWSCService; d:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-12-19] (Safer-Networking Ltd.)
S2 34677ac8; "C:\Windows\system32\rundll32.exe" "c:\progra~3\smartweb\SmartWebSvc.dll",service

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-08-25] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-10] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-07] (Avira Operations GmbH & Co. KG)
S3 cmipci; C:\Windows\System32\drivers\cmipci.sys [46080 2009-07-13] (Dogbert)
S3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2009-05-22] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-21] (DT Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2011-12-26] ()
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-02 12:56 - 2014-03-02 12:56 - 00000000 ____D () C:\FRST
2014-03-02 11:37 - 2014-03-02 11:39 - 00000000 ____D () C:\AdwCleaner
2014-03-02 00:27 - 2014-03-02 00:32 - 00000000 ____D () C:\Users\Simon\AppData\Local\mfbot.de
2014-03-01 20:03 - 2014-03-01 20:03 - 00000710 _____ () C:\Windows\system32\.crusader
2014-03-01 19:56 - 2014-03-01 19:56 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-01 19:55 - 2014-03-01 20:03 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-01 19:10 - 2014-03-02 12:46 - 00073127 _____ () C:\Windows\wininit.ini
2014-03-01 18:41 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-01 18:41 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-03-01 18:38 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-01 18:10 - 2014-03-01 18:10 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-01 18:09 - 2014-03-01 19:10 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-01 18:09 - 2014-03-01 18:09 - 00001096 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-03-01 18:09 - 2014-03-01 18:09 - 00001096 _____ () C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2014-03-01 18:09 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-03-01 17:58 - 2014-03-01 17:58 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-03-01 17:48 - 2014-03-01 17:48 - 00000000 ____D () C:\Program Files (x86)\ISaver
2014-03-01 17:48 - 2014-03-01 17:48 - 00000000 ____D () C:\Program Files (x86)\ExstraSavings
2014-02-27 21:51 - 2014-02-27 21:51 - 00003088 _____ () C:\Windows\System32\Tasks\{7187A9A2-6FAC-4346-97BE-2DFBBE4BE1C3}
2014-02-27 20:57 - 2014-03-02 12:57 - 15738984 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-02-27 20:57 - 2014-02-27 20:57 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-27 20:57 - 2014-02-27 20:57 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-22 16:13 - 2014-02-22 16:12 - 00003668 _____ () C:\Users\Simon\Desktop\wp-config - Kopie.php
2014-02-22 16:12 - 2014-02-22 16:13 - 00003668 _____ () C:\Users\Simon\Desktop\wp-config.php
2014-02-22 15:22 - 2014-02-22 15:22 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Thunderbird
2014-02-22 15:22 - 2014-02-22 15:22 - 00000000 ____D () C:\Users\Simon\AppData\Local\Thunderbird
2014-02-21 00:09 - 2014-02-21 00:09 - 00274264 _____ () C:\Windows\Minidump\022114-60325-01.dmp
2014-02-19 22:33 - 2014-03-02 11:32 - 00267651 _____ () C:\Users\Simon\Desktop\Horse Racing Dobbing Results v2.xlsx
2014-02-15 15:33 - 2014-02-15 15:35 - 02179072 _____ () C:\Users\Simon\Desktop\Aufnahme-1.camrec
2014-02-15 15:30 - 2014-02-15 15:30 - 03559814 _____ () C:\Users\Simon\Desktop\Aufnahme-2.avi
2014-02-15 12:51 - 2014-02-15 12:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 17:29 - 2014-02-14 17:29 - 00000000 ____D () C:\Users\Simon\Desktop\Lind Erebros - Elven Oratory - Rebirth Of Light (2009)
2014-02-12 22:52 - 2014-02-12 22:52 - 00000000 ____D () C:\Users\Simon\Desktop\FIFA.14.Update.Crack.v5_p30download.com
2014-02-11 21:29 - 2014-02-11 22:05 - 00000000 ____D () C:\Users\Simon\Documents\FIFA 14
2014-02-04 22:28 - 2014-02-27 21:25 - 00855552 ___SH () C:\Users\Simon\Desktop\Thumbs.db
2014-02-04 21:21 - 2014-02-04 21:21 - 00009834 _____ () C:\Users\Simon\Desktop\Microgaming-Casino-Logins.xlsx
2014-01-31 19:22 - 2014-01-31 19:23 - 00001789 _____ () C:\Users\Public\Desktop\Royal Vegas.lnk
2014-01-31 19:22 - 2014-01-31 19:23 - 00001789 _____ () C:\ProgramData\Desktop\Royal Vegas.lnk
2014-01-31 19:12 - 2014-01-31 19:12 - 00000000 ____D () C:\Program Files (x86)\AdBlocknWatcah
2014-01-31 19:10 - 2014-02-27 20:57 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-01-31 19:10 - 2014-01-31 19:10 - 04938353 _____ () C:\Users\Simon\Downloads\forge1.7.exe
2014-01-31 17:39 - 2014-02-01 13:03 - 00000000 ____D () C:\ProgramData\AdBlocknWatcah
2014-01-31 17:39 - 2014-01-31 17:39 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 17:39 - 2014-01-31 17:39 - 00000000 ____D () C:\Users\Simon\AppData\Local\Packages
2014-01-31 17:39 - 2014-01-31 17:39 - 00000000 ____D () C:\ProgramData\jgifojeonkojcpknlfhjjcecgnomfdmh

==================== One Month Modified Files and Folders =======

2014-03-02 12:58 - 2013-03-27 22:40 - 00000000 ____D () C:\Users\Simon\AppData\Local\PMB Files
2014-03-02 12:57 - 2014-02-27 20:57 - 15738984 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-03-02 12:57 - 2009-07-14 05:45 - 00014624 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-02 12:57 - 2009-07-14 05:45 - 00014624 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-02 12:56 - 2014-03-02 12:56 - 00000000 ____D () C:\FRST
2014-03-02 12:55 - 2011-12-01 19:08 - 02077815 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 12:50 - 2014-01-27 11:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-02 12:47 - 2013-05-27 20:34 - 00000000 ___RD () C:\Users\Simon\Google Drive
2014-03-02 12:47 - 2013-01-30 19:56 - 00000000 ____D () C:\Users\Simon\AppData\Local\LogMeIn Hamachi
2014-03-02 12:46 - 2014-03-01 19:10 - 00073127 _____ () C:\Windows\wininit.ini
2014-03-02 12:45 - 2013-06-09 17:00 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-03-02 12:45 - 2013-02-10 19:53 - 00000416 ____H () C:\Windows\Tasks\schedule!3036567561.job
2014-03-02 12:45 - 2011-12-18 15:34 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-02 12:45 - 2011-12-01 19:41 - 00536068 _____ () C:\Windows\PFRO.log
2014-03-02 12:45 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-02 12:45 - 2009-07-14 05:51 - 00088964 _____ () C:\Windows\setupact.log
2014-03-02 11:39 - 2014-03-02 11:37 - 00000000 ____D () C:\AdwCleaner
2014-03-02 11:39 - 2011-12-01 19:13 - 00000000 ___RD () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-02 11:32 - 2014-02-19 22:33 - 00267651 _____ () C:\Users\Simon\Desktop\Horse Racing Dobbing Results v2.xlsx
2014-03-02 11:27 - 2011-12-18 15:34 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-02 00:32 - 2014-03-02 00:27 - 00000000 ____D () C:\Users\Simon\AppData\Local\mfbot.de
2014-03-01 22:43 - 2012-04-07 12:23 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-01 20:05 - 2013-12-28 12:43 - 00000000 ____D () C:\ProgramData\SmartWeb
2014-03-01 20:03 - 2014-03-01 20:03 - 00000710 _____ () C:\Windows\system32\.crusader
2014-03-01 20:03 - 2014-03-01 19:55 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-01 19:56 - 2014-03-01 19:56 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-01 19:10 - 2014-03-01 18:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-01 19:10 - 2012-07-28 17:16 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-01 18:10 - 2014-03-01 18:10 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-01 18:09 - 2014-03-01 18:09 - 00001096 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-03-01 18:09 - 2014-03-01 18:09 - 00001096 _____ () C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2014-03-01 17:58 - 2014-03-01 17:58 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-03-01 17:56 - 2013-12-31 05:07 - 00000000 ____D () C:\ProgramData\ISaver
2014-03-01 17:56 - 2013-12-31 05:07 - 00000000 ____D () C:\ProgramData\ExstraSavings
2014-03-01 17:48 - 2014-03-01 17:48 - 00000000 ____D () C:\Program Files (x86)\ISaver
2014-03-01 17:48 - 2014-03-01 17:48 - 00000000 ____D () C:\Program Files (x86)\ExstraSavings
2014-03-01 17:48 - 2013-12-31 05:07 - 00000000 ____D () C:\ProgramData\cdd2ea626ba1270c
2014-03-01 13:54 - 2013-07-07 18:52 - 00000000 ____D () C:\Users\Simon\Desktop\Trance-Klassiker (Nature One)
2014-03-01 13:54 - 2013-02-07 22:22 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\.minecraft
2014-02-28 17:45 - 2011-12-13 19:57 - 00247333 _____ () C:\Windows\DirectX.log
2014-02-28 17:31 - 2012-04-08 17:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-27 22:57 - 2012-11-05 20:14 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype
2014-02-27 21:51 - 2014-02-27 21:51 - 00003088 _____ () C:\Windows\System32\Tasks\{7187A9A2-6FAC-4346-97BE-2DFBBE4BE1C3}
2014-02-27 21:51 - 2012-11-05 20:14 - 00000000 ____D () C:\ProgramData\Skype
2014-02-27 21:25 - 2014-02-04 22:28 - 00855552 ___SH () C:\Users\Simon\Desktop\Thumbs.db
2014-02-27 20:57 - 2014-02-27 20:57 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-27 20:57 - 2014-02-27 20:57 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-27 20:57 - 2014-01-31 19:10 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-24 19:00 - 2013-10-03 22:34 - 00000000 ____D () C:\Users\Simon\AppData\Local\CrashDumps
2014-02-23 11:36 - 2013-05-18 11:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-22 21:21 - 2013-06-25 18:12 - 00000000 ____D () C:\Users\Simon\Desktop\Daily Race Profits
2014-02-22 16:13 - 2014-02-22 16:12 - 00003668 _____ () C:\Users\Simon\Desktop\wp-config.php
2014-02-22 16:12 - 2014-02-22 16:13 - 00003668 _____ () C:\Users\Simon\Desktop\wp-config - Kopie.php
2014-02-22 15:22 - 2014-02-22 15:22 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Thunderbird
2014-02-22 15:22 - 2014-02-22 15:22 - 00000000 ____D () C:\Users\Simon\AppData\Local\Thunderbird
2014-02-22 12:55 - 2011-12-01 19:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-21 00:09 - 2014-02-21 00:09 - 00274264 _____ () C:\Windows\Minidump\022114-60325-01.dmp
2014-02-21 00:09 - 2012-11-15 18:42 - 00000000 ____D () C:\Windows\Minidump
2014-02-20 23:50 - 2014-01-27 11:18 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 23:50 - 2014-01-22 18:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 23:50 - 2014-01-22 18:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-19 22:33 - 2014-01-23 19:50 - 00540536 _____ () C:\Users\Simon\Desktop\Horse Racing Dobbing Results.xlsx
2014-02-19 19:47 - 2011-12-01 21:58 - 00000000 ____D () C:\Users\Simon\AppData\Local\Paint.NET
2014-02-17 21:49 - 2012-04-09 12:30 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\vlc
2014-02-15 15:35 - 2014-02-15 15:33 - 02179072 _____ () C:\Users\Simon\Desktop\Aufnahme-1.camrec
2014-02-15 15:30 - 2014-02-15 15:30 - 03559814 _____ () C:\Users\Simon\Desktop\Aufnahme-2.avi
2014-02-15 12:51 - 2014-02-15 12:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 17:29 - 2014-02-14 17:29 - 00000000 ____D () C:\Users\Simon\Desktop\Lind Erebros - Elven Oratory - Rebirth Of Light (2009)
2014-02-12 22:54 - 2013-08-19 20:13 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-12 22:52 - 2014-02-12 22:52 - 00000000 ____D () C:\Users\Simon\Desktop\FIFA.14.Update.Crack.v5_p30download.com
2014-02-11 22:05 - 2014-02-11 21:29 - 00000000 ____D () C:\Users\Simon\Documents\FIFA 14
2014-02-11 21:10 - 2009-07-14 18:58 - 00657698 _____ () C:\Windows\system32\perfh007.dat
2014-02-11 21:10 - 2009-07-14 18:58 - 00131070 _____ () C:\Windows\system32\perfc007.dat
2014-02-11 21:10 - 2009-07-14 06:13 - 01507502 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-05 19:37 - 2013-09-17 18:43 - 00000000 ____D () C:\Users\Simon\Desktop\Blackjack
2014-02-04 22:20 - 2014-01-08 19:29 - 00000000 ____D () C:\Users\Simon\Desktop\Trance Tracks für Ingo
2014-02-04 21:21 - 2014-02-04 21:21 - 00009834 _____ () C:\Users\Simon\Desktop\Microgaming-Casino-Logins.xlsx
2014-02-04 21:20 - 2013-09-15 14:00 - 00000000 ____D () C:\Users\Simon\Desktop\15.09.2013
2014-02-04 21:19 - 2014-01-27 09:30 - 00000000 ____D () C:\Users\Simon\Desktop\Betfair Trading
2014-02-04 17:48 - 2013-11-01 21:25 - 00000000 ____D () C:\Users\Simon\Desktop\Progressive
2014-02-01 13:03 - 2014-01-31 17:39 - 00000000 ____D () C:\ProgramData\AdBlocknWatcah
2014-01-31 19:23 - 2014-01-31 19:22 - 00001789 _____ () C:\Users\Public\Desktop\Royal Vegas.lnk
2014-01-31 19:23 - 2014-01-31 19:22 - 00001789 _____ () C:\ProgramData\Desktop\Royal Vegas.lnk
2014-01-31 19:12 - 2014-01-31 19:12 - 00000000 ____D () C:\Program Files (x86)\AdBlocknWatcah
2014-01-31 19:10 - 2014-01-31 19:10 - 04938353 _____ () C:\Users\Simon\Downloads\forge1.7.exe
2014-01-31 17:39 - 2014-01-31 17:39 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 17:39 - 2014-01-31 17:39 - 00000000 ____D () C:\Users\Simon\AppData\Local\Packages
2014-01-31 17:39 - 2014-01-31 17:39 - 00000000 ____D () C:\ProgramData\jgifojeonkojcpknlfhjjcecgnomfdmh
2014-01-31 17:39 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-01-31 17:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

Files to move or delete:
====================
C:\Users\Simon\Vegas Pro 12 Patch.exe


Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\Temp\avgnt.exe
C:\Users\Simon\AppData\Local\Temp\Quarantine.exe
C:\Users\Simon\AppData\Local\Temp\rtdrvmon.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-20 23:27

==================== End Of Log ============================
         
Addition Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2014 01
Ran by Simon at 2014-03-02 12:58:34
Running from O:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
"Nero SoundTrax Help (x32 Version: 4.0.15.0 - Nero AG) Hidden
777 Dragon Casino (HKLM-x32\...\777dragon) (Version: 16.9.2.739 - )
Activision(R) (x32 Version: 1.00.0000 - Activision) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMX Mod X Installer 1.8.2 (HKLM-x32\...\AMX Mod X Installer) (Version: 1.8.2 - AMX Mod X Dev Team)
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Aureon 5.1 PCI (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
Back2Lay (HKLM-x32\...\Back2Lay) (Version: 1.13 - StakeSoft)
Back2Lay (x32 Version: 1.13 - StakeSoft) Hidden
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Blur(TM) (HKLM-x32\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Casino Verite Blackjack V5.6 (HKLM-x32\...\{7CBA7A5E-45BF-4500-998C-DF540FE1703A}) (Version: 5.6 - QFIT)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike Source (HKLM-x32\...\Counter-Strike Source) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Craft The World (HKLM-x32\...\Steam App 248390) (Version:  - )
Crazy Vegas Casino (HKLM-x32\...\crazyvegas) (Version: 16.9.2.739 - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
CVInstall2 (HKLM-x32\...\{25F75E24-6DD4-48F0-9734-24E1B57CF334}) (Version: 1.00.0000 - QFIT)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 14.1 - Illustrate)
Defense Grid: The Awakening Demo (HKLM-x32\...\{21A5BB32-E9B2-4BF4-9DAA-808238092FC5}) (Version: 1.0.0 - Hidden Path Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Siedler - Aufbruch der Kulturen (HKLM-x32\...\SADK) (Version:  - )
DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte) (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
Die Siedler II - Die nächste Generation (HKLM-x32\...\S2TNG) (Version:  - )
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
EAX Unified (HKLM-x32\...\EAX Unified) (Version:  - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FastStone Image Viewer 4.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.8 - FastStone Soft)
FIFA 14 Version 1.0 u1 (HKLM-x32\...\FIFA 14_is1) (Version: 1.0 u1 - EA Games)
FIFA 2003 (HKLM-x32\...\{6A1DC8D4-9FA4-43C3-00B3-5993B4BBE7D4}) (Version:  - )
FILSHtray Version 0.7 (HKLM-x32\...\{5928359F-BF46-4646-BF19-B64E55171EB5}_is1) (Version: 0.7 - FILSH Media GmbH)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time)
FoxTab Video Converter (HKCU\...\FoxTab Video Converter) (Version:  - ) <==== ATTENTION
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
GNU Backgammon (Version 1_02_000, 20130728) (HKLM-x32\...\GNU Backgammon_is1) (Version:  - Free Software Foundation)
Go Wild Casino (HKLM-x32\...\gowild) (Version: 16.9.2.739 - )
Google Drive (HKLM-x32\...\{56D4499E-AC3E-4B8D-91C9-C700C148C44B}) (Version: 1.13.5782.599 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.212 - SurfRight B.V.)
ICM Trainer (HKLM-x32\...\{47EA4DDF-FD99-46B3-846C-9F3F315268AD}) (Version: 1.0.0 - PokerStrategy)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Java 7 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417011FF}) (Version: 7.0.110 - Oracle)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
King’s Bounty – Gold Edition (HKLM-x32\...\King’s Bounty – Gold Edition_is1) (Version:  - dtp)
King's Bounty Warriors of the North - Valhalla Edition (HKLM-x32\...\King's Bounty Warriors of the North - Valhalla Edition_is1) (Version:  - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Leo Vegas (HKCU\...\https://www.leovegas.com) (Version:  - )
Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version:  - Lexmark International, Inc.)
linguatec Voice Reader (HKLM-x32\...\{93293322-B694-4270-B7FE-DDE1A681ACCA}) (Version: 1.00.0000 - linguatec)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Medal of Honor(TM) Multiplayer (HKLM-x32\...\Steam App 47830) (Version:  - Electronic Arts)
Medal of Honor(TM) Single Player (HKLM-x32\...\Steam App 47790) (Version:  - Electronic Arts)
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Might & Magic Heroes VI - Game Official Demo (HKLM-x32\...\{A024B9E5-7702-4556-A7BF-A04BFF2DE5D8}) (Version: 1.0 - Ubisoft)
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.0 - Ubisoft)
MiniTool Partition Wizard Home Edition 7.0 (HKLM-x32\...\{DE59B901-18EA-4CB9-ADE4-291BF5C1E12E}_is1) (Version:  - MiniTool Solution Ltd.)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)
MixMeister Studio Demo 7.4.4 (HKLM-x32\...\mmssetup_is1) (Version:  - MixMeister Technology LLC)
Mouse Recorder Pro 2.0.7.4 (HKLM-x32\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version:  - Nemex Studios)
Movavi Screen Capture 4 (HKLM-x32\...\Movavi Screen Capture 4) (Version: 4.3.3 - MOVAVI)
Movavi Video Editor (HKLM-x32\...\Movavi Video Editor 9) (Version: 9.1.0 - Movavi)
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Nero 9 (HKLM-x32\...\{7702157e-7f9d-49d1-8106-62ff8a42df13}) (Version:  - Nero AG)
Nero BurningROM (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero BurnRights (x32 Version: 2.99.6.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 0.0.0.1 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.0.5.100 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.0.0.0 - Nero AG) Hidden
Nero Disc Copy Gadget (x32 Version: 1.53.0.0 - Nero AG) Hidden
Nero Disc Copy Gadget Help (x32 Version: 2.0.0.0 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 4.99.5.105 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 3.99.5.105 - Nero AG) Hidden
Nero Express (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero InfoTool (x32 Version: 5.99.5.105 - Nero AG) Hidden
Nero Installer (x32 Version: 2.0.0.1 - Nero AG) Hidden
Nero Live (x32 Version: 1.0.164.0 - Nero AG) Hidden
Nero Live Help (x32 Version: 1.0.162.0 - Nero AG) Hidden
Nero PhotoSnap (x32 Version: 1.53.2.0 - Nero AG) Hidden
Nero PhotoSnap Help (x32 Version: 1.53.2.0 - Nero AG) Hidden
Nero Recode (x32 Version: 3.53.0.0 - Nero AG) Hidden
Nero Recode Help (x32 Version: 3.53.0.0 - Nero AG) Hidden
Nero Rescue Agent (x32 Version: 1.99.0.1 - Nero AG) Hidden
Nero RescueAgent Help (x32 Version: 1.99.0.1 - Nero AG) Hidden
Nero ShowTime (x32 Version: 4.99.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.0.9.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero Vision (x32 Version: 0.0.0.1 - Nero AG) Hidden
Nero Vision (x32 Version: 6.0.6.100 - Nero AG) Hidden
Nero WaveEditor (x32 Version: 5.0.18.0 - Nero AG) Hidden
Nero WaveEditor Help (x32 Version: 5.0.15.0 - Nero AG) Hidden
NeroBurningROM (x32 Version: 9.0.9.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.0.9.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nostalgia Casino (HKLM-x32\...\nostalgia) (Version: 16.9.2.739 - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.2.12 (HKLM\...\{0C1DE303-E41B-44BA-8ABA-B7F09D857001}) (Version: 4.2.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Osmo4/GPAC (remove only) (HKCU\...\Osmo4) (Version:  - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.9.13.22054 - Grinding Gear Games)
Pivot Stickfigure Animator version 2.2.6 (HKLM-x32\...\Pivot Stickfigure Animator_is1) (Version: 2.2.6 - )
Platinum Play Online (HKLM-x32\...\platinumplay) (Version: 16.9.2.739 - )
Poker Academy Pro 2 (HKLM-x32\...\PokerAcademyPro2) (Version:  - )
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PowerDirector (Version: 10.00.0000 - CyberLink Corp.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PSD Viewer (HKLM-x32\...\{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1) (Version:  - IdeaMK)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - REALTEK Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Royal Vegas (HKLM-x32\...\royalvegas) (Version: 16.9.2.739 - )
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
SavingsBull (x32 Version: 1.0.0.0 - SavingsBull) Hidden
SavingsbullFilter (Version: 1.0.0.0 - SavingsBull Filter) Hidden <==== ATTENTION
Serious Sam Classic: The First Encounter (HKLM-x32\...\Steam App 41050) (Version:  - )
Serious Sam Classic: The Second Encounter (HKLM-x32\...\Steam App 41060) (Version:  - )
Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version:  - Croteam)
Serious Sam HD: The Second Encounter Editor (HKLM-x32\...\Steam App 41040) (Version:  - Croteam)
Serious Sam: The Second Encounter Demo (HKLM-x32\...\{F3E8E53A-7FAC-459F-8E64-BB85699485E6}) (Version:  - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartFTP Client (HKLM\...\{CFDC5E9B-BD51-4695-B012-106B41B56C92}) (Version: 5.0.1342.0 - SmartSoft Ltd.)
SmartFTP Client German (Germany) MUI (HKLM\...\{78B0E43C-B774-4573-B253-8960E319C103}) (Version: 5.0.1342.0 - SmartSoft Ltd.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartWeb (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{34677ac8}) (Version:  - PlanetCore) <==== ATTENTION
SoundTrax (x32 Version: 4.0.18.0 - Nero AG) Hidden
Source 2007 Dedicated Server (HKLM-x32\...\Steam App 310) (Version:  - Valve)
Source Dedicated Server (HKLM-x32\...\Steam App 205) (Version:  - Valve)
Source SDK Base 2013 Dedicated Server (HKLM-x32\...\Steam App 244310) (Version:  - )
Split/Second (HKLM-x32\...\{28526951-55EF-4901-A0CA-B9AC966D1DD1}) (Version: 1.00.0000 - Disney Interactive Studios)
Spotify (HKCU\...\Spotify) (Version: 0.8.4.107.g4fa0003f - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.37 - Safer-Networking Ltd.)
Square Enix Secure Launcher (HKCU\...\Square Enix Secure Launcher) (Version: 1.0.0.106 - Square Enix)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteamerBot (HKLM-x32\...\SteamerBot) (Version: 3.07 - StakeSoft)
SteamerBot (x32 Version: 3.07 - StakeSoft) Hidden
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.7.3047.30645 - SteelSeries)
Steinberg Cubase 5 64bit (HKLM\...\{8A9065DA-0293-41DA-A349-16E1A2605F64}) (Version: 5.5.3 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra 16-bit Edition (HKLM-x32\...\Steinberg HALion Symphonic Orchestra 16-bit Edition) (Version: 1.3.2 - Steinberg)
Steinberg HALionOne 64bit (HKLM\...\{743C5D75-6BC8-4881-BF7D-E7DF29F155F4}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Street Fighter X Tekken (HKLM-x32\...\{43430FA5-AF68-4A2D-A7D4-891000008200}) (Version: 1.0.0.0 - CAPCOM U.S.A., INC)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Text to Speech Maker version 2.2.1 (HKLM-x32\...\Text to Speech Maker_is1) (Version:  - )
The Cave (c) SEGA version 1 (HKLM-x32\...\The Cave (c) SEGA_is1) (Version: 1 - )
The Showdown Effect (HKLM-x32\...\Steam App 204080) (Version:  - Arrowhead Game Studios)
TmUnitedForever Update 2010-03-15 (HKLM-x32\...\TmUnitedForever_is1) (Version:  - Nadeo)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version:  - )
Tony Hawk's Pro Skater HD (HKLM-x32\...\Steam App 207210) (Version:  - )
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Trials Evolution Gold Edition (HKLM-x32\...\InstallShield_{07D857B8-C956-401D-BC8F-EDA8459AF037}) (Version: 1.0.0.3 - Ubisoft)
Trials Evolution Gold Edition (x32 Version: 1.0.0.3 - Ubisoft) Hidden
UKCasino Club (HKLM-x32\...\ukcasinoclub) (Version: 16.9.2.739 - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5DB2894C-2DA4-4DEF-A051-795AE799964A}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C7351301-60F9-4B04-AFF6-600A4C98CE40}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{7A0D09B0-6575-11E2-89D5-F04DA23A5C58}) (Version: 12.0.486 - Sony)
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version:  - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - )
Wav-2-Midi (HKLM-x32\...\Wav-2-Midi) (Version:  - )
WIDI Recognition System Pro 4.3 (remove only) (HKLM-x32\...\WIDI Recognition System Pro 4.3) (Version:  - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Worms Revolution (HKLM-x32\...\Worms Revolution_is1) (Version:  - )
Youtube Downloader HD v. 2.6 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {21F161A3-85DB-4440-ACEB-7066619B154D} - \Scheduled Update for Ask Toolbar No Task File
Task: {49785E48-2C1B-4CB9-AB92-3B809A1E4CF1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-18] (Google Inc.)
Task: {60C9E75D-2C52-4F95-9CA8-F60D5F38FD73} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{91E62C05-D765-4996-8249-482CD8BA9017}.exe
Task: {69C8CA79-E323-4755-BE3F-144D887FD81E} - System32\Tasks\schedule!3036567561 => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe <==== ATTENTION
Task: {91889E3C-318B-42E6-8611-BB461B82079E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-18] (Google Inc.)
Task: {BC886342-E356-44CF-A519-D1647B6B6B68} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {BFB0BEDA-D621-4467-8555-19818BC1DC36} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C7A27E50-E575-4D5C-87B9-3965DE20CE2D} - \QtraxPlayer No Task File
Task: {CC8317FC-C91B-4E3F-A2EC-D2E8DA93799C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => d:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {CEFC21DB-AF4E-4063-9A40-4D31750B36DC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {D63EF208-4B80-4F3F-8A96-8D7DFD5BBB98} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => d:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {DAE44472-25D3-4D13-8683-C2DC22811A0D} - System32\Tasks\{7187A9A2-6FAC-4346-97BE-2DFBBE4BE1C3} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {F5C480EB-7AAD-407F-8C9E-86B76A1DC983} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => d:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{91E62C05-D765-4996-8249-482CD8BA9017}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-12-01 20:26 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00603136 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00175616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2013-02-21 15:36 - 2013-02-21 15:36 - 00089915 _____ () C:\Users\Simon\AppData\Local\Temp\d12d05b4-91e4-4bef-b454-f07710dc01b4\CliSecureRT64.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00269824 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00139776 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00142336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 06:46 - 2013-01-10 06:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 09435648 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 06:46 - 2013-01-10 06:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00198144 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00349184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00172032 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00306688 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00154112 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00168960 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00156160 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2013-02-06 16:10 - 2013-02-06 16:10 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2013-03-27 22:40 - 2013-03-27 22:40 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2013-07-10 18:04 - 2013-07-10 18:04 - 01992328 _____ () C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
2013-08-19 21:25 - 2014-01-04 13:07 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-12 14:16 - 2014-02-12 14:16 - 00210432 _____ () c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
2014-02-02 11:26 - 2014-02-02 11:26 - 00317952 _____ () c:\Program Files\SavingsbullFilter\ProtocolFilters.dll
2013-11-19 00:42 - 2013-11-19 00:42 - 00110080 _____ () c:\Program Files\SavingsbullFilter\nfapi.dll
2013-04-07 10:48 - 2013-04-06 14:09 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-03-02 12:46 - 2014-03-02 12:46 - 00098816 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32api.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00110080 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\pywintypes27.dll
2014-03-02 12:46 - 2014-03-02 12:46 - 00364544 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\pythoncom27.dll
2014-03-02 12:46 - 2014-03-02 12:46 - 00044032 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\_socket.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 01153024 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\_ssl.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00320512 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32com.shell.shell.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00711680 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\_hashlib.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 01175040 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\wx._core_.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00805888 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\wx._gdi_.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00811008 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\wx._windows_.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 01062400 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\wx._controls_.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00735232 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\wx._misc_.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00128512 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\_elementtree.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00127488 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\pyexpat.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00557056 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\pysqlite2._sqlite.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00087040 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\_ctypes.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00119808 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32file.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00108544 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32security.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00018432 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32event.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00038912 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32inet.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00122368 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\wx._wizard.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00026624 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\_multiprocessing.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00070656 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\wx._html2.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00010240 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\select.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00686080 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\unicodedata.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00025600 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32pdh.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00521680 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\windows._lib_cacheinvalidation.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00011264 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32crypt.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00024064 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32pipe.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00035840 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32process.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00017408 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32profile.pyd
2014-03-02 12:46 - 2014-03-02 12:46 - 00022528 _____ () C:\Users\Simon\AppData\Local\Temp\_MEI16682\win32ts.pyd
2013-03-09 14:55 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2013-03-09 14:55 - 2009-07-10 09:07 - 00166912 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2013-02-21 15:14 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\EnumDevLib.dll
2014-03-01 18:09 - 2012-08-23 09:38 - 00574840 _____ () d:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-03-01 18:09 - 2012-04-03 16:06 - 00565640 _____ () d:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2011-10-05 03:52 - 2011-10-05 03:52 - 00756048 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-02-15 12:51 - 2014-02-15 12:51 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-20 23:50 - 2014-02-20 23:50 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Simon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tbhcn.lnk => C:\Windows\pss\tbhcn.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Simon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tcbhn.lnk => C:\Windows\pss\tcbhn.lnk.Startup
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: CyberGhost VPN => "C:\Program Files\CyberGhost VPN\Cyberghost.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: FILSHtray => "C:\Program Files (x86)\FILSHtray\FILSHtray.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: RGSC => D:\Spiele\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: SDTray => "d:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Simon\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/02/2014 00:33:52 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\servicing\TrustedInstaller.exe; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (03/02/2014 00:33:51 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).

Error: (03/01/2014 10:44:56 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/01/2014 07:54:31 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = D:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" ; Beschreibung = Säuberung (Spybot - Search & Destroy 2.3, Administratorrechte); Fehler = 0x80070422).

Error: (03/01/2014 07:54:15 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = D:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" ; Beschreibung = Säuberung (Spybot - Search & Destroy 2.3, Administratorrechte); Fehler = 0x80070422).

Error: (03/01/2014 02:35:38 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/28/2014 05:48:15 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/28/2014 05:44:53 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = O:\Spiele\PC\Steam\steamapps\common\Counter-Strike Global Offensive\directx_installer\DXSETUP.exe Global Offensive\directx_installer\DXSETUP.exe" /silent; Beschreibung = DirectX wurde installiert; Fehler = 0x80070422).

Error: (02/27/2014 09:31:34 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/27/2014 05:41:00 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).


System errors:
=============
Error: (03/02/2014 00:46:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/02/2014 00:46:26 PM) (Source: Application Popup) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (03/02/2014 00:46:26 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SmartWeb erreicht.

Error: (03/02/2014 11:41:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/02/2014 11:41:51 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (03/02/2014 11:41:21 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/02/2014 11:41:21 AM) (Source: Application Popup) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (03/02/2014 11:41:20 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SmartWeb erreicht.

Error: (03/02/2014 11:17:40 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/02/2014 11:17:40 AM) (Source: Application Popup) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.


Microsoft Office Sessions:
=========================
Error: (08/17/2013 03:34:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: Microsoft Office Excel, Application Name: Microsoft Office Excel, Application Version: 䥓位ⵎ䍐, Microsoft Office Version: SIMON-PC. This session lasted SIMON-PC seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/17/2013 03:34:03 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/13/2013 03:40:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 18443 seconds with 780 seconds of active time.  This session ended with a crash.

Error: (08/10/2013 06:20:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: 12.0.6665.5003, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 23631 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (04/10/2013 11:04:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 19950 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (03/26/2013 07:26:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 138 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/27/2013 08:56:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 27505 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (09/30/2012 07:57:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 15 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/24/2012 08:33:45 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 104 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (06/25/2012 08:53:01 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12454 seconds with 60 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-02-21 13:59:25.418
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\cmipci.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-21 13:59:25.340
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\cmipci.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 8187.49 MB
Available physical RAM: 5536.09 MB
Total Pagefile: 16373.17 MB
Available Pagefile: 13425.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:127.93 GB) (Free:11.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (System) (Fixed) (Total:803.58 GB) (Free:653.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive m: (Let's Play-Rohdaten) (Fixed) (Total:2794.39 GB) (Free:1824.43 GB) NTFS
Drive o: (Test) (Fixed) (Total:1397.26 GB) (Free:234.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 4DAC27BC)
Partition 1: (Not Active) - (Size=804 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=128 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2795 GB) (Disk ID: F11380F6)

Partition: GPT Partition Type.

========================================================
Disk: 6 (Size: 1397 GB) (Disk ID: ACBA6678)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Ich hoffe, ihr könnt mir helfen, dieses Problem zu beseitigen.

Ich danke euch vielmals im Voraus.

Viele Grüße, Simon

Alt 02.03.2014, 13:32   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren - Standard

Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren



hi,

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________

__________________

Antwort

Themen zu Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren
0x8007042, 4d36e972-e325-11ce-bfc1-08002be10318, antivir, avira, branding, converter, cubase, cyberghost, desktop, downloader, email, excel, failed, firefox, flash player, google, helper, home, homepage, iexplore.exe, logfile, maus, minidump, optimizerpro, problem, realtek, refresh, safer networking, scan, security, server, software, spotify web helper, svchost.exe, system, teredo



Ähnliche Themen: Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren


  1. Firefox, Wörter doppelt blau unterstrichen, Werbung an den Seiten und am unteren Bildschirmrand
    Log-Analyse und Auswertung - 05.08.2015 (19)
  2. Einzelne Wörter werden blau unterstrichen wenn ich auf sie drücke werde ich zu Werbung gelinkt
    Plagegeister aller Art und deren Bekämpfung - 27.05.2015 (7)
  3. einzelne Wörter blau unterstrichen, Browser öffnet Werbeseiten
    Log-Analyse und Auswertung - 19.05.2015 (13)
  4. Windows 8 und Firefox...Einzelne Wörter doppelt unterstrichen/Werbepopups/Werbelinks
    Plagegeister aller Art und deren Bekämpfung - 11.04.2015 (9)
  5. Win 8.1 - einzelne Wörter im Mozilla Firefox blau unterstrichen; Pop-ups
    Plagegeister aller Art und deren Bekämpfung - 06.02.2015 (19)
  6. Fenster öffnen sich und wörter werden blau unterstrichen (links)
    Plagegeister aller Art und deren Bekämpfung - 31.12.2014 (13)
  7. wörter grün und blau doppelt unterstrichen
    Log-Analyse und Auswertung - 19.11.2014 (8)
  8. Werbung im Browser, Wörter doppelt blau unterstrichen
    Plagegeister aller Art und deren Bekämpfung - 22.09.2014 (5)
  9. Windows 7: Chrome öffnet Fenster, Tabs und PopUps mit Werbung und Wörter doppelt blau unterstrichen
    Log-Analyse und Auswertung - 10.09.2014 (9)
  10. Win 7, Wörter blau und doppelt unterstrichen + Werbung
    Log-Analyse und Auswertung - 30.08.2014 (9)
  11. Wörter blau und doppelt unterstrichen + mass Werbung
    Log-Analyse und Auswertung - 04.08.2014 (13)
  12. Wörter blau und doppelt unterstrichen + Werbung
    Log-Analyse und Auswertung - 03.08.2014 (4)
  13. Firefox, einzelne Wörter in blauer Schrift und doppelt unterstrichen, beim Hoovern erscheint ein Popup/Werbung
    Log-Analyse und Auswertung - 12.07.2014 (17)
  14. Windows 8.1, Firefox, Wörter doppelt blau unterstrichen, Werbung an den Seiten und am unteren Bildschirmrand
    Plagegeister aller Art und deren Bekämpfung - 06.06.2014 (12)
  15. Windows 8: Einzelne Wörter grün, doppelt unterstrichen und verlinkt mit Werbung etc.
    Plagegeister aller Art und deren Bekämpfung - 21.03.2014 (14)
  16. Wörter in texten grün unterlegt und doppelt unterstrichen
    Alles rund um Windows - 02.03.2014 (18)
  17. Einzelne Wörter sind plötzlich blau und doppelt unterstrichen - Fenster öffnen sich
    Plagegeister aller Art und deren Bekämpfung - 10.12.2013 (23)

Zum Thema Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren - Hallo zusammen, ich habe seit ein paar Tagen ein äußerst nerviges Problem: In Firefox sind einige Wörter blau unterlegt (verlinkt), doppelt unterstrichen, und es öffnen sich Werbepopups, wenn ich mit - Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren...
Archiv
Du betrachtest: Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.