Zur點k   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bek鋗pfung

Plagegeister aller Art und deren Bek鋗pfung: Internetverbindung schlecht, langsamer Computer und einfrieren des PC's

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerw黱schte Software zu deinstallieren bzw. zu l鰏chen. Bitte schildere dein Problem so genau wie m鰃lich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.04.2014, 10:35   #1
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Hallo Liebe Community,
Es geht darum, dass ich den Verdacht habe, dass mein PC stark mit Viren befallen ist. Seit einigen Wochen schon leidet die Internetverbindung extrem, Ich werde, wenn ich den Browser 鰂fne, auf ganz komische Seiten umgeleitet, Der Pc friert manchmal einfach so ein und der Computer ist an sich recht langsam. Nun die Frage: Kann mir jemand von euch helfen diese Viren zu l鰏chen damit der Computer wieder besser funktioniert?

Danke im Vorraus!

P.S. Ich benutze windows-7

Mit freundlichen Gren

Bekir

Was noch hinzuzuf黦en ist: Ich war schon einmal hier im Forum und hatte mein Problem mit diesem Forum geteilt. Mir wurde intensiv bei der Sache geholfen und alle Viren(zumindest die Symptome) wurden bereinigt. Da wollte ich mich nochmal bedanken.

Alt 14.04.2014, 11:13   #2
Bootsektor
/// TB-Ausbilder
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's





Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgf鋖tig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausf黨rung und beschreibe mir das Problem
  • F黨re bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere w鋒rend der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle w鋒rend unserer Freizeit t鋞ig sind, wenn du innerhalb von 2 Tagen nichts von mir h鰎st, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware l鋝st sich in den allermeisten F鋖len problemlos entfernen.
Solltest Du Dich f黵 eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte f黦e die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:
  • Klicke 黚er dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [code][/code]
  • Zwischen den beiden code-Bausteinen f黦st Du dann deine Logfiles ein. Also [CODE] Logfile [/CODE]
  • Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • 膎dere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 14.04.2014, 11:34   #3
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Addition.txt
Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2014 01
Ran by Botan at 2014-04-14 12:31:08
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
剑灵_腾讯 (HKLM-x32\...\剑灵_腾讯) (Version: - Tencent)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{1701BD02-09B9-B25B-8290-C7D6A33C5A75}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Browser Stabilizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{2db04d42}) (Version: - Appdev Ltd) <==== ATTENTION
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version: - ) <==== ATTENTION
C9 (HKLM-x32\...\C9(Continent of the Ninth Seal)_is1) (Version: - WEBZEN)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
China Localization Patcher (HKLM-x32\...\{358B9F54-BFA2-4FC4-8134-CA786EC84260}) (Version: 1.5.1.0 - LokiReborn)
Cisco EAP-FAST Module (HKLM-x32\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - )
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version: - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1197 - SG INTERACTIVE)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
Don't Starve (HKLM-x32\...\DontStarve) (Version: - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve )
Dr. Hardware 2013 13.0d (HKLM-x32\...\Dr. Hardware 2013_is1) (Version: - Peter A. Gebhard)
Easy Tune 6 B11.0427.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0427.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Feven 2.5 (HKLM-x32\...\Feven 2.5) (Version: 1.33.153.1 - Feven) <==== ATTENTION
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video to MP3 Converter version 5.0.23.320 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
InfiniteCrisis (HKLM-x32\...\InfiniteCrisis) (Version: - Turbine, Inc)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
腾讯游戏平台 (HKLM-x32\...\腾讯游戏平台Formal) (Version: - Tencent)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kingdoms of Amalur™ Reckoning DELUXE EDITION (HKLM-x32\...\Kingdoms of Amalur™ Reckoning DELUXE EDITION_is1) (Version: 1.0.0.2 - QfG)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LevelOne WUA-0605 Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0113 - LevelOne)
Lyrics Monkey (HKLM-x32\...\lyricsmonkey@mendoni.net) (Version: - MNDi Software) <==== ATTENTION
MagniPic (HKLM\...\{9F50A85D-1668-4098-A273-5E4A44B38AAB}) (Version: 1.0 - ) <==== ATTENTION
Mass Effect Deluxe Edition (HKLM-x32\...\{A5C7818C-27AC-4A71-BEDF-BA5652D2CC36}_is1) (Version: v1.02 - The Most Electrifying Man)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
mHotspot version 6.4.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 6.4.0.0 - mHotspot, Inc.)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 17.0.5 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.5 (x86 de)) (Version: 17.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION
Need for Speed Most Wanted (HKLM-x32\...\Need for Speed Most Wanted_is1) (Version: - )
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140120.76235 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlurPush (HKLM\...\PlurPush) (Version: 2014.03.28.231718 - PlurPush)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT (HKCU\...\RIFT) (Version: - Trion Worlds, Inc.)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SoftwareUpdater (HKLM-x32\...\SoftwareUpdater) (Version: - )
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.5.201304180917 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.155 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1D53FB73-9826-4541-B2E0-A239C6EBA718}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{34726474-50D6-49FC-B8AC-35411459D27A}) (Version: - Microsoft)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WPM17.8.0.3325 (HKLM-x32\...\WPM) (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.442 - Xara Group Ltd)
Xara 3D Maker 7 (Version: 7.0.0.442 - Xara Group Ltd) Hidden
网游加速小助手(剑灵) (HKLM-x32\...\网游加速小助手(剑灵)) (Version: 2.0.45.89 - Copyright (C) 2013 Tencent)

==================== Restore Points =========================

08-04-2014 12:27:51 Windows Update
10-04-2014 16:06:12 Windows Update
12-04-2014 06:45:18 Installed Java 7 Update 51
14-04-2014 10:07:20 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:08:44 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:11:19 Revo Uninstaller's restore point - RegClean Pro
14-04-2014 10:15:05 Revo Uninstaller's restore point - Yahoo Community Smartbar
14-04-2014 10:16:08 Revo Uninstaller's restore point - VO Package
14-04-2014 10:17:11 Revo Uninstaller's restore point - Shopping Helper Smartbar Engine
14-04-2014 10:18:08 Revo Uninstaller's restore point - Shopping Helper Smartbar
14-04-2014 10:19:16 Revo Uninstaller's restore point - Search Protect
14-04-2014 10:20:20 Revo Uninstaller's restore point - PDF24 Creator 6.3.1
14-04-2014 10:21:52 Revo Uninstaller's restore point - BlockAndSurf
14-04-2014 10:23:16 Revo Uninstaller's restore point - RoboForm 7-9-0-0 (All Users)
14-04-2014 10:25:22 Revo Uninstaller's restore point - MixiDJ Toolbar
14-04-2014 10:26:16 Revo Uninstaller's restore point - Advanced System Protector
14-04-2014 10:27:23 Revo Uninstaller's restore point - AnyProtect

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {002BED3E-0919-4BBA-995C-03DF069AAFAC} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {037DF9E7-FADB-45C4-B37F-AB10B1FD36D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {08C53256-84E4-4A93-9D31-4012A0E1265A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {0B690F27-DA5A-4C5E-8AF6-045ABC577E99} - System32\Tasks\Opera D2 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {0F3BF346-E3C8-407A-A8ED-F1A344B1AE90} - System32\Tasks\MySearchDial => C:\Users\Botan\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {248AD0D2-7E7E-4D32-81AB-FA015E15B550} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated)
Task: {248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {32E2FB49-08D2-4DBE-93C7-4EC65EC0EC27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {349B0F97-B431-456B-B666-EB392A49DA97} - System32\Tasks\{EB1A13EA-FB01-4D59-99CA-D755078280C9} => Firefox.exe
Task: {358D2FBC-F05A-4FC4-AE91-FC65E464D2C0} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-06-29] (Siber Systems)
Task: {466EB646-6AE3-4FEA-AFAE-4B00CF4A4F1F} - System32\Tasks\Feven 2.5-updater => C:\Program Files (x86)\Feven 2.5\Feven 2.5-updater.exe [2014-01-18] (Feven) <==== ATTENTION
Task: {4D706DDF-EC04-4E4E-BA67-1F48DEAD41DF} - System32\Tasks\{7636DB98-A8B0-4C6C-B62E-77A875639331} => Firefox.exe
Task: {716308E0-EBF5-4045-B679-B21CAF58631D} - System32\Tasks\Feven 2.5-enabler => C:\Program Files (x86)\Feven 2.5\Feven 2.5-enabler.exe [2014-01-18] (Feven) <==== ATTENTION
Task: {743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {91A8BAED-7921-4F64-8D8F-23A72868DD67} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {9503C1BF-E2EA-4760-BD4F-F7647B362EEA} - System32\Tasks\{BE28D158-551B-4294-9100-DA3EFCA27DD3} => Firefox.exe
Task: {A3BF923E-AA25-43DC-B5EC-2164F85BE938} - System32\Tasks\Opera D3 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {AB508837-83B5-4E66-9A18-561657546FF3} - System32\Tasks\Feven 2.5-codedownloader => C:\Program Files (x86)\Feven 2.5\Feven 2.5-codedownloader.exe [2014-01-18] (Feven) <==== ATTENTION
Task: {B1809AF3-F82A-4DB0-9E89-832BB19903CF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B463C9EE-9821-4903-8D31-3266E2131E4A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMPMNJLMMJMMKMLJJJCNOMKMJJKMCNLMIMNJHMCNGMOMOMJMCNLMLJNJHMPMNMOJIMJJHMKMOMJNJICMIMCNGMCNPMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMPMCNN MJNPICMPMFMFMNMHMHMJNHICMEKMICNJJCKJNBJCMNLAJLIOJBJJNKJCMJNNICMJNDJCMLJKJ"
Task: {C186A300-3641-462C-A6D7-1A3BB0D8F83B} - System32\Tasks\Feven 2.5-firefoxinstaller => C:\Program Files (x86)\Feven 2.5\Feven 2.5-firefoxinstaller.exe [2014-01-18] (Feven) <==== ATTENTION
Task: {C3C1E073-17C1-4AD7-888A-EFA9E57142B8} - System32\Tasks\Opera D4 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {C9235D0C-6F53-4B69-AC9C-53FC28D920D7} - System32\Tasks\{3AD24F87-9E1D-4000-88A5-34C6683E7650} => Firefox.exe hxxp://ui.skype.com/ui/0/6.10.59.104/de/abandoninstall?page=tsProgressBar
Task: {E0528B75-3D38-4F12-A4E6-033E34E9F856} - System32\Tasks\MagniPicUpdaterTask{763F5F08-6C67-402E-A43C-A37A27633406} => C:\ProgramData\Premium\MagniPic\MagniPic.exe [2012-12-04] () <==== ATTENTION
Task: {E14E85D1-45F7-43B2-9A7C-CB3D1D188C22} - System32\Tasks\Feven 2.5-chromeinstaller => C:\Program Files (x86)\Feven 2.5\Feven 2.5-chromeinstaller.exe [2014-01-18] (Feven) <==== ATTENTION
Task: {ED694BC0-5C42-40F0-A6D5-2F1AEC4CFB58} - System32\Tasks\Opera D1 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {FA300F06-B62E-4AA8-AC6E-3FA665C44822} - System32\Tasks\Opera D5 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\Feven 2.5-chromeinstaller.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-codedownloader.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-enabler.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-updater.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MagniPicUpdaterTask{763F5F08-6C67-402E-A43C-A37A27633406}.job => C:\ProgramData\Premium\MagniPic\MagniPic.exe <==== ATTENTION
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\Botan\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-12-27 18:07 - 2013-12-27 18:07 - 04204032 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizer_x64.dll
2012-12-19 17:32 - 2012-12-19 17:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-12-19 17:32 - 2012-12-19 17:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-06-23 19:00 - 2012-12-04 11:39 - 00235008 ____N () C:\ProgramData\Premium\MagniPic\MagniPic.exe
2010-10-19 09:31 - 2010-10-19 09:31 - 00205312 _____ () C:\Program Files\Netzmanager\NMInfraIS2\driver64\SoftplugLib.DLL
2013-06-01 16:12 - 2013-06-01 16:12 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-01 16:12 - 2013-06-01 16:12 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2013-02-18 09:52 - 2013-02-18 09:52 - 00031744 _____ () C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
2014-03-29 01:17 - 2014-04-10 14:25 - 00350488 _____ () C:\Program Files (x86)\PlurPush\updatePlurPush.exe
2014-03-30 16:34 - 2014-04-10 13:52 - 00350488 _____ () C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
2012-12-19 17:32 - 2012-12-19 17:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-03-14 16:00 - 2014-03-14 16:00 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-03-30 17:05 - 2014-03-30 17:05 - 00287000 _____ () C:\Program Files (x86)\PlurPush\bin\FilterApp_C64.exe
2014-04-10 00:08 - 2014-04-08 00:02 - 00095512 _____ () C:\Program Files (x86)\PlurPush\bin\PlurPush.BrowserAdapter.exe
2014-02-09 12:40 - 2014-02-09 12:40 - 00012832 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Lrcnta.exe
2013-12-27 18:07 - 2013-12-27 18:07 - 04242432 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizer.dll
2013-12-27 18:07 - 2013-12-27 18:07 - 00180048 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizerSvc.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 14:26 - 2010-03-23 14:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-03-26 00:02 - 2009-12-09 15:20 - 00126976 ____R () C:\Program Files (x86)\LevelOne\WUA-0605\EnumDevLib.dll
2014-02-25 10:55 - 2014-02-25 10:55 - 00151040 ____N () C:\Users\Bekir&Botan\AppData\Local\Temp\is45637729\1940131_stp\RAM.dll
2014-03-17 14:19 - 2014-03-17 14:19 - 00214528 ____N () C:\Users\Bekir&Botan\AppData\Local\Temp\is45637729\1940214_stp\icc.dll
2014-03-13 16:39 - 2014-03-13 16:39 - 00645592 ____N () C:\Users\Bekir&Botan\AppData\Local\Temp\is45637729\1940214_stp\sqlite3.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00033824 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00063520 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srau.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00166432 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 02310688 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00058400 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\spbl.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00152608 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00013344 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\siem.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00054304 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\sppsm.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00728096 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00082464 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00014368 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00017440 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00052256 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srut.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00020512 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srsbs.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00059424 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00037408 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srbu.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00014368 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\sgml.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00053280 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00014880 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srpdm.dll
2014-02-09 12:40 - 2014-02-09 12:40 - 00048160 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-02-09 12:37 - 2014-02-09 12:37 - 00026144 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00025632 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00193056 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\sgmu.dll
2014-02-09 12:37 - 2014-02-09 12:37 - 00061440 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00247328 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srns.dll
2014-02-09 12:40 - 2014-02-09 12:40 - 00020512 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\lrcnt.dll
2014-03-18 18:05 - 2014-03-18 18:05 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-18 17:01 - 2014-03-28 15:40 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2014 00:31:12 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/14/2014 00:31:08 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/14/2014 00:31:05 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/14/2014 00:31:02 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/14/2014 00:30:06 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/14/2014 00:30:04 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/14/2014 00:30:03 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/14/2014 00:30:01 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/14/2014 00:29:06 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/14/2014 00:29:05 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.


System errors:
=============
Error: (04/14/2014 11:19:01 AM) (Source: Service Control Manager) (User: )
Description: Dienst "BlockAndSurf" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/14/2014 11:18:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde nicht richtig gestartet.

Error: (04/14/2014 11:17:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet:
%%126

Error: (04/14/2014 11:17:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/14/2014 11:17:26 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (04/14/2014 11:16:52 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎04.‎2014 um 11:15:59 unerwartet heruntergefahren.

Error: (04/14/2014 11:15:10 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎04.‎2014 um 11:14:02 unerwartet heruntergefahren.

Error: (04/14/2014 11:13:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/14/2014 11:13:51 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (04/14/2014 11:13:13 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎04.‎2014 um 11:11:47 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 4093.55 MB
Available physical RAM: 1527.5 MB
Total Pagefile: 8185.25 MB
Available Pagefile: 5199.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:136.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6312B514)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
FRST.txt

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2014 01
Ran by Botan (administrator) on XEBAT-PC on 14-04-2014 12:30:14
Running from C:\Users\Botan\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\ProgramData\Premium\MagniPic\MagniPic.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Realtek) C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe
() C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
() C:\Program Files (x86)\PlurPush\updatePlurPush.exe
() C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Bekir&Botan\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Akamai Technologies, Inc.) C:\Users\Bekir&Botan\AppData\Local\Akamai\netsession_win.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\LevelOne\WUA-0605\RtWlan.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(BugSplat, LLC) C:\Users\Bekir&Botan\Desktop\LOLPBE\RADS\solutions\lol_game_client_sln\releases\0.0.2.36\deploy\BsSndRpt.exe
(BugSplat, LLC) C:\Users\Bekir&Botan\Desktop\LOLPBE\RADS\solutions\lol_game_client_sln\releases\0.0.2.36\deploy\BsSndRpt.exe
(                                                            ) C:\Users\BEKIR&~1\AppData\Local\Temp\nsh8CB7.tmp
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe
() C:\Program Files (x86)\PlurPush\bin\FilterApp_C64.exe
() C:\Program Files (x86)\PlurPush\bin\PlurPush.BrowserAdapter.exe
(Smartbar) C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.exe
() C:\Users\Botan\AppData\Local\Smartbar\Application\Lrcnta.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM-x32\...\Runonce: [SpUninstallCleanUp] - REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f [X]
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2013-06-29] (Siber Systems)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [Spotify Web Helper] => C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [Browser Infrastructure Helper] => C:\Users\Bekir&Botan\AppData\Local\Smartbar\Application\Smartbar.exe [20760 2013-11-21] (Smartbar)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [Spotify] => C:\Users\Schule\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [Akamai NetSession Interface] => C:\Users\Bekir&Botan\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [DT Emphelungstool] => "C:\Users\Bekir&Botan\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Bekir&Botan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\MountPoints2: {db1faac1-9594-11e2-9446-806e6f6e6963} - D:\Start.exe
AppInit_DLLs: C:\PROGRA~3\BROWSE~1\BROWSE~2.DLL => C:\ProgramData\Browser Stabilizer\BrowserStabilizer_x64.dll [4204032 2013-12-27] ()
AppInit_DLLs-x32: c:\progra~3\browse~1\browse~1.dll => C:\ProgramData\Browser Stabilizer\BrowserStabilizer.dll [4242432 2013-12-27] ()
Startup: C:\Users\Bekir&Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDY,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://cn.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBCE002826F4BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = zh-CN
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDY,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDM,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDM,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDY,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDY,&q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDM,&q={searchTerms}
BHO: Feven 2.5 - {11111111-1111-1111-1111-110411901108} - C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho64.dll (Feven)
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Feven 2.5 - {11111111-1111-1111-1111-110411901108} - C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho.dll (Feven)
BHO-x32: Lyrics Monkey - {18CAEA74-C7E8-4D37-967F-1D01351BA398} - C:\Program Files (x86)\LyricsMonkey\lyricsmonkey.dll (MNDi Software)
BHO-x32: MiaggnyiPPic - {226EC5EC-B16E-A1ED-2CC5-09C8C306D073} - C:\ProgramData\MiaggnyiPPic\51c7351647449.dll ()
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files (x86)\PlurPush\PlurPushbho.dll (PlurPush)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (MySearchDial)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Botan\AppData\Roaming\Mozilla\Firefox\Profiles\fo16hqsi.default-1397469719534
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR HomePage: http:\/\/start.mysearchdial.com\/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: http:\/\/start.mysearchdial.com\/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (Google Docs) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (YouTube) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Google-Suche) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (MySearchDial Neuer Tab) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-14]
CHR Extension: (Google Wallet) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Google Mail) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR Extension: (Feven 2.5) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkbhkhbgdaamliaimlpdlhokkecoibka [2014-01-18]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-18]
CHR HKLM-x32\...\Chrome\Extension: [khialnikbocfgkohdegnebhmmaifoglp] - C:\Program Files (x86)\LyricsMonkey\Chrome.crx [2013-04-21]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 2db04d42; C:\ProgramData\Browser Stabilizer\BrowserStabilizerSvc.dll [180048 2013-12-27] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
U4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2466080 2014-03-30] (Conduit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-06-01] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-06-01] ()
R2 Realtek11nSU; C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe [45056 2010-01-21] (Realtek)
R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-02-18] ()
R2 Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [350488 2014-04-10] ()
R2 Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [350488 2014-04-10] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-01-18] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-05-04] ()
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [884712 2014-03-23] (TENCENT)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-30] (StdLib)
S1 dgztwemx; \??\C:\Windows\system32\drivers\dgztwemx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 opuaoowl; \??\C:\Windows\system32\drivers\opuaoowl.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-14 12:30 - 2014-04-14 12:30 - 00024302 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-14 12:30 - 2014-04-14 12:30 - 00000000 ____D () C:\FRST
2014-04-14 12:29 - 2014-04-14 12:29 - 02157568 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D2
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D1
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Systweak
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 10:30 - 2014-04-14 11:10 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-14 10:30 - 2014-04-14 11:10 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-14 10:30 - 2014-04-14 10:50 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-14 10:30 - 2014-04-14 10:30 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-14 09:11 - 2014-04-14 12:22 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-14 09:10 - 2014-04-14 12:10 - 00000292 _____ () C:\Windows\Tasks\MySearchDial.job
2014-04-14 09:10 - 2014-04-14 09:10 - 00003232 _____ () C:\Windows\System32\Tasks\MySearchDial
2014-04-14 09:09 - 2014-04-14 09:10 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\mysearchdial
2014-04-14 09:09 - 2014-04-14 09:09 - 00358193 _____ () C:\Users\Botan\AppData\Local\speedial.crx
2014-04-14 09:09 - 2014-04-14 09:09 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-14 09:09 - 2014-04-11 23:13 - 01079839 _____ (AnyProtect.com) C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:05 - 2013-11-14 18:26 - 00000507 _____ () C:\Users\Botan\Desktop\readme.txt
2014-04-13 04:05 - 2013-11-14 18:25 - 00272384 _____ (QuickLoL) C:\Users\Botan\Desktop\QuickLoL Timers.exe
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-12 08:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-12 08:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-12 08:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 08:46 - 2014-04-12 08:47 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-07 20:20 - 2014-04-07 20:19 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:19 - 2014-04-14 12:19 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-07 20:19 - 2014-04-07 20:18 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-07 19:44 - 2014-04-11 14:43 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 14:46 - 2014-04-04 15:22 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:35 - 2014-04-03 22:37 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:54 - 2014-04-03 21:55 - 07083256 _____ (hxxp://yourfiledownloader.com) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
2014-04-03 18:12 - 2014-04-03 18:12 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Systweak
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-03 18:02 - 2014-04-03 18:03 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Systweak
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-30 22:28 - 2014-03-31 20:55 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:11 - 2013-09-29 13:59 - 02407774 ____N () C:\Users\Botan\Desktop\blackmart.apk
2014-03-30 21:54 - 2014-03-30 22:28 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 17:05 - 2014-03-30 17:05 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-30 15:43 - 2014-04-14 11:48 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-03-30 15:30 - 2014-03-31 14:52 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-03-30 15:30 - 2014-03-30 15:30 - 00001973 _____ () C:\Users\Botan\Desktop\Sync Folder.lnk
2014-03-30 15:30 - 2014-03-30 15:30 - 00001091 _____ () C:\Users\Botan\Desktop\MyPC Backup.lnk
2014-03-30 15:30 - 2014-03-30 15:30 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-30 15:29 - 2014-04-14 12:26 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Systweak
2014-03-30 15:29 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-03-30 15:28 - 2014-03-30 15:28 - 00000000 ____D () C:\Users\Botan\AppData\Local\Smartbar
2014-03-30 15:28 - 2014-03-30 15:28 - 00000000 ____D () C:\Users\Botan\AppData\Local\LPT
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 15:27 - 2014-03-14 00:08 - 00630757 _____ (3DS Emulator - Pokemon X Y) C:\Users\Botan\Desktop\Pokemon XY + Emulator.exe
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 15:40 - 2014-03-29 15:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 14:16 - 2014-03-23 14:16 - 00000000 ____D () C:\Program Files\Tencent
2014-03-23 14:13 - 2014-03-23 14:15 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\腾讯游戏平台.lnk
2014-03-20 16:01 - 2014-03-20 16:02 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 16:02 - 00000000 ____D () C:\Program Files (x86)\Tencent
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:57 - 2014-03-20 15:58 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 12:02 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-23 22:43 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-20 01:16 - 2014-03-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 21:54 - 2014-03-22 01:10 - 00000000 ____D () C:\ProgramData\Tencent
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-23 22:47 - 00884712 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2014-03-19 19:02 - 2014-03-20 15:35 - 00001192 _____ () C:\Users\Botan\Desktop\剑灵_腾讯.lnk
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯游戏
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\腾讯游戏
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:41 - 2014-03-22 01:10 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Tencent
2014-03-18 20:41 - 2014-03-19 18:28 - 00000000 ____D () C:\GameDownload
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

==================== One Month Modified Files and Folders =======

2014-04-14 12:30 - 2014-04-14 12:30 - 00024302 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-14 12:30 - 2014-04-14 12:30 - 00000000 ____D () C:\FRST
2014-04-14 12:29 - 2014-04-14 12:29 - 02157568 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-14 12:26 - 2014-03-30 15:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Systweak
2014-04-14 12:24 - 2014-01-17 21:43 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Skype
2014-04-14 12:24 - 2014-01-14 15:49 - 00000000 ____D () C:\Users\Botan\Documents\My RoboForm Data
2014-04-14 12:24 - 2013-06-29 13:50 - 00003976 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-04-14 12:22 - 2014-04-14 09:11 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-14 12:22 - 2013-03-25 23:44 - 01778423 _____ () C:\Windows\WindowsUpdate.log
2014-04-14 12:21 - 2014-02-07 14:35 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-04-14 12:19 - 2014-04-07 20:19 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-14 12:17 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-04-14 12:14 - 2014-01-07 17:34 - 00000000 ___RD () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:10 - 2014-04-14 09:10 - 00000292 _____ () C:\Windows\Tasks\MySearchDial.job
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:06 - 2013-06-10 22:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D2
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D1
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 12:01 - 2013-03-26 00:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:48 - 2014-03-30 15:43 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:22 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-14 11:22 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-14 11:21 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Spotify
2014-04-14 11:21 - 2014-01-18 00:09 - 00001328 _____ () C:\Windows\Tasks\Feven 2.5-updater.job
2014-04-14 11:21 - 2014-01-18 00:09 - 00001280 _____ () C:\Windows\Tasks\Feven 2.5-codedownloader.job
2014-04-14 11:21 - 2014-01-18 00:09 - 00001152 _____ () C:\Windows\Tasks\Feven 2.5-enabler.job
2014-04-14 11:21 - 2014-01-18 00:08 - 00002112 _____ () C:\Windows\Tasks\Feven 2.5-chromeinstaller.job
2014-04-14 11:21 - 2014-01-18 00:08 - 00002034 _____ () C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job
2014-04-14 11:21 - 2013-06-23 19:00 - 00000376 ____H () C:\Windows\Tasks\MagniPicUpdaterTask{763F5F08-6C67-402E-A43C-A37A27633406}.job
2014-04-14 11:21 - 2013-06-10 22:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:19 - 2014-01-18 00:09 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\newnext.me
2014-04-14 11:19 - 2013-10-23 15:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Spotify
2014-04-14 11:19 - 2013-09-30 18:50 - 00099152 _____ () C:\Users\Bekir&Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Systweak
2014-04-14 11:16 - 2013-03-26 00:21 - 00194534 _____ () C:\Windows\PFRO.log
2014-04-14 11:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-14 11:16 - 2009-07-14 06:51 - 00080673 _____ () C:\Windows\setupact.log
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:10 - 2014-04-14 10:30 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-14 11:10 - 2014-04-14 10:30 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-14 11:01 - 2013-03-26 00:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:01 - 2013-03-26 00:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:01 - 2013-03-26 00:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 10:50 - 2014-04-14 10:30 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-14 10:30 - 2014-04-14 10:30 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-14 09:10 - 2014-04-14 09:10 - 00003232 _____ () C:\Windows\System32\Tasks\MySearchDial
2014-04-14 09:10 - 2014-04-14 09:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\mysearchdial
2014-04-14 09:09 - 2014-04-14 09:09 - 00358193 _____ () C:\Users\Botan\AppData\Local\speedial.crx
2014-04-14 09:09 - 2014-04-14 09:09 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-13 11:58 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Local\Spotify
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2014-04-12 08:46 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-12 08:47 - 2013-05-16 21:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-11 23:13 - 2014-04-14 09:09 - 01079839 _____ (AnyProtect.com) C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-11 14:43 - 2014-04-07 19:44 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-11 00:20 - 2013-04-10 13:40 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Spotify
2014-04-10 18:07 - 2013-09-07 18:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:06 - 2009-10-14 07:12 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 15:58 - 2009-07-14 19:58 - 01169372 _____ () C:\Windows\system32\perfh007.dat
2014-04-10 15:58 - 2009-07-14 19:58 - 00296124 _____ () C:\Windows\system32\perfc007.dat
2014-04-10 15:58 - 2009-07-14 07:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-09 21:10 - 2013-06-10 22:13 - 00002387 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-08 14:21 - 2009-07-14 06:45 - 04947952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-07 20:30 - 2014-01-07 17:34 - 00099152 _____ () C:\Users\Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 20:19 - 2014-04-07 20:20 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:19 - 2013-03-29 11:48 - 00000000 _____ () C:\END
2014-04-07 20:18 - 2014-04-07 20:19 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-05 23:50 - 2013-03-27 03:49 - 00000000 ____D () C:\Windows\Minidump
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 20:01 - 2013-06-10 22:12 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 20:01 - 2013-06-10 22:12 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-04 15:22 - 2014-04-04 14:46 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:37 - 2014-04-03 22:35 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:55 - 2014-04-03 21:54 - 07083256 _____ (hxxp://yourfiledownloader.com) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
2014-04-03 18:13 - 2014-01-14 22:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Local\Akamai
2014-04-03 18:12 - 2014-04-03 18:12 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Systweak
2014-04-03 18:12 - 2013-05-01 19:43 - 00000000 ____D () C:\Users\Schule\AppData\Local\PMB Files
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-03 18:09 - 2013-04-08 15:06 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Skype
2014-04-03 18:03 - 2014-04-03 18:02 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Systweak
2014-04-03 18:01 - 2013-06-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-03 18:00 - 2013-07-02 21:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-03 17:58 - 2014-02-07 14:33 - 00000000 ____D () C:\Users\Botan\AppData\Local\Adobe
2014-04-03 17:55 - 2014-01-15 19:47 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Adobe
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-31 20:55 - 2014-03-30 22:28 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-31 18:36 - 2014-01-18 00:09 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-03-31 14:52 - 2014-03-30 15:30 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-03-30 22:28 - 2014-03-30 21:54 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 17:05 - 2014-03-30 17:05 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-30 15:30 - 2014-03-30 15:30 - 00001973 _____ () C:\Users\Botan\Desktop\Sync Folder.lnk
2014-03-30 15:30 - 2014-03-30 15:30 - 00001091 _____ () C:\Users\Botan\Desktop\MyPC Backup.lnk
2014-03-30 15:30 - 2014-03-30 15:30 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-30 15:28 - 2014-03-30 15:28 - 00000000 ____D () C:\Users\Botan\AppData\Local\Smartbar
2014-03-30 15:28 - 2014-03-30 15:28 - 00000000 ____D () C:\Users\Botan\AppData\Local\LPT
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 12:17 - 2014-01-18 15:23 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 15:40 - 2014-03-29 15:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-26 22:36 - 2013-04-11 13:25 - 00000000 ____D () C:\Users\Schule\Desktop\Bilder
2014-03-23 22:47 - 2014-03-19 19:02 - 00884712 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2014-03-23 22:43 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-23 14:25 - 2013-11-10 21:39 - 00000000 ____D () C:\download
2014-03-23 14:16 - 2014-03-23 14:16 - 00000000 ____D () C:\Program Files\Tencent
2014-03-23 14:15 - 2014-03-23 14:13 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-23 05:55 - 2013-10-03 19:32 - 00000062 _____ () C:\Users\Bekir&Botan\Desktop\settings.json
2014-03-22 01:10 - 2014-03-19 21:54 - 00000000 ____D () C:\ProgramData\Tencent
2014-03-22 01:10 - 2014-03-18 20:41 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Tencent
2014-03-21 23:07 - 2014-03-20 01:16 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\腾讯游戏平台.lnk
2014-03-20 16:02 - 2014-03-20 16:01 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 16:02 - 2014-03-20 15:59 - 00000000 ____D () C:\Program Files (x86)\Tencent
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:58 - 2014-03-20 15:57 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 15:35 - 2014-03-19 19:02 - 00001192 _____ () C:\Users\Botan\Desktop\剑灵_腾讯.lnk
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 12:02 - 2014-03-20 01:17 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯游戏
2014-03-19 18:57 - 2013-03-26 04:53 - 00155987 _____ () C:\Windows\DirectX.log
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\腾讯游戏
2014-03-19 18:28 - 2014-03-18 20:41 - 00000000 ____D () C:\GameDownload
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 20:25 - 2013-05-27 21:48 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Spotify
2014-03-18 20:24 - 2013-05-27 21:49 - 00000000 ____D () C:\Users\Xebat\AppData\Local\Spotify
2014-03-18 20:21 - 2013-03-26 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:41 - 2013-04-08 15:06 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 18:23 - 2014-01-07 17:34 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Apple Computer
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

Some content of TEMP:
====================
C:\Users\Bekir&Botan\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\DelayInst.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\installservice.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\iobwnedxjvdevl.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMDll.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMResource.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMSetup.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\Profiles.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\unicows.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\vpnclient_setup.exe
C:\Users\Botan\AppData\Local\Temp\1_Offer_9.exe
C:\Users\Botan\AppData\Local\Temp\BackupSetup.exe
C:\Users\Botan\AppData\Local\Temp\DownloadManager.exe
C:\Users\Botan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Botan\AppData\Local\Temp\nsiA7B8.exe
C:\Users\Botan\AppData\Local\Temp\sp-downloader.exe
C:\Users\Botan\AppData\Local\Temp\TXPltSafeInit.dll
C:\Users\Schule\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Schule\AppData\Local\Temp\gnsocaby.dll
C:\Users\Schule\AppData\Local\Temp\hrxha0hy.dll
C:\Users\Schule\AppData\Local\Temp\instloffer.exe
C:\Users\Schule\AppData\Local\Temp\itinstallerp.exe
C:\Users\Schule\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Schule\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Schule\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Schule\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Schule\AppData\Local\Temp\uninst1.exe
C:\Users\Schule\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Schule\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Xebat\AppData\Local\Temp\bitool.dll
C:\Users\Xebat\AppData\Local\Temp\DeltaTB.exe
C:\Users\Xebat\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Xebat\AppData\Local\Temp\LyricsPal.exe
C:\Users\Xebat\AppData\Local\Temp\lyricstmp.exe
C:\Users\Xebat\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\Xebat\AppData\Local\Temp\ose00000.exe
C:\Users\Xebat\AppData\Local\Temp\vlc-2.0.6-win64.exe
C:\Users\Xebat\AppData\Local\Temp\wajam_install.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-10 20:32

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---
__________________

Alt 14.04.2014, 21:10   #4
Bootsektor
/// TB-Ausbilder
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Hallo bekirikus,

gibt es einen bestimmten Grund, warum auf dem Rechner kein Antivirenprogramm drauf ist?

Sagt dir eine Softwarefirma namens Tencent etwas? In deiner Programmliste befindet sich ein Eintrag von denen.

Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :

Browser Stabilizer
Bundled software uninstaller
DMUninstaller
Feven 2.5
FilesFrog Update Checker
Lyrics Monkey
MagniPic
MyPC Backup
Mysearchdial
SoftwareUpdater
WPM17.8.0.3325

Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm ausw鋒len --> entfernen
Falls du Probleme mit der Deinstallation eines der genannten Programme haben solltest, dann benutze den Revo-uninstaller daf黵.

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schlie遝 alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgew鋒lt sind:
    • "Tracing" Schl黶sel l鰏chen
    • Winsock Einstellungen zur點ksetzen
    • Proxy Einstellungen zur點ksetzen
    • Internet Explorer Richtlinien zur點ksetzen
    • Chrome Richtlinien zur點ksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgew鋒lt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf L鰏chen und best鋞ige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart 鰂fnet sich eine Textdatei. Poste mir deren Inhalt mit deiner n鋍hsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
    Windows Vista und h鰄er: mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfl鋍he noch in Englisch sein, klicke auf Settings und w鋒le bei Language German aus.
  • Klicke auf Armaturenbrett und auf Jetzt aktualisieren, um die Datenbank zu updaten.
  • Klicke im Anschluss auf Suchlauf, w鋒le den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarant鋘e verschieben. Klicke dazu auf Aktionen anwenden.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschlie遝n.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • W鋒le das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. W鋒le Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
  • F黦e den Inhalt der mbam.txt mit deiner n鋍hsten Antwort hinzu.

Schritt 4
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und dr點ke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

Alt 15.04.2014, 13:46   #5
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Tencent sagt mir jetzt nichts :O. Zu den Virenprogrammen kann ich nur sagen, dass ich immer die falschen raussuche und diese sich dann als Viren herausstellen.. W黵de mich freuen wenn du mir ein Programm(kostenlos) empfehlen k鰊ntest.

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.023 - Bericht erstellt am 15/04/2014 um 13:08:23
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate  (64 bits)
# Benutzername : Botan - XEBAT-PC
# Gestartet von : C:\Users\Botan\Downloads\adwcleaner.exe
# Option : L鰏chen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gel鰏cht : C:\ProgramData\Babylon
Ordner Gel鰏cht : C:\ProgramData\simplitec
Ordner Gel鰏cht : C:\ProgramData\StarApp
Ordner Gel鰏cht : C:\ProgramData\Tarma Installer
Ordner Gel鰏cht : C:\ProgramData\Tencent
Ordner Gel鰏cht : C:\ProgramData\WPM
Ordner Gel鰏cht : C:\ProgramData\MiaggnyiPPic
Ordner Gel鰏cht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gel鰏cht : C:\Program Files (x86)\MagniPic
Ordner Gel鰏cht : C:\Program Files (x86)\Mobogenie
Ordner Gel鰏cht : C:\Program Files (x86)\myfree codec
Ordner Gel鰏cht : C:\Program Files (x86)\Tencent
Ordner Gel鰏cht : C:\Program Files (x86)\XingHaoLyrics
Ordner Gel鰏cht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gel鰏cht : C:\Program Files (x86)\Common Files\Tencent
Ordner Gel鰏cht : C:\Program Files\Tencent
Ordner Gel鰏cht : C:\Users\Xebat\AppData\Local\Babylon
Ordner Gel鰏cht : C:\Users\Xebat\AppData\Local\Temp\Iminent
Ordner Gel鰏cht : C:\Users\Xebat\AppData\LocalLow\Delta
Ordner Gel鰏cht : C:\Users\Xebat\AppData\Roaming\BabSolution
Ordner Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Babylon
Ordner Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Systweak
Ordner Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gel鰏cht : C:\Users\Schule\AppData\Local\webplayer
Ordner Gel鰏cht : C:\Users\Schule\AppData\LocalLow\Delta
Ordner Gel鰏cht : C:\Users\Schule\AppData\LocalLow\mixidj
Ordner Gel鰏cht : C:\Users\Schule\AppData\LocalLow\MiaggnyiPPic
Ordner Gel鰏cht : C:\Users\Schule\AppData\Roaming\BitLord
Ordner Gel鰏cht : C:\Users\Schule\AppData\Roaming\simplitec
Ordner Gel鰏cht : C:\Users\Schule\AppData\Roaming\Systweak
Ordner Gel鰏cht : C:\Users\Schule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker 
Ordner Gel鰏cht : C:\Users\Schule\Documents\BitLord
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\genienext
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\Mobogenie
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\PackageAware
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\Smartbar
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\Temp\Smartbar
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\LocalLow\mixidj
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\LocalLow\Smartbar
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\LocalLow\MiaggnyiPPic
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Roaming\newnext.me
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Roaming\OpenCandy
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Roaming\Systweak
Ordner Gel鰏cht : C:\Users\Bekir&Botan\Documents\Mobogenie
Ordner Gel鰏cht : C:\Users\Botan\AppData\Local\LPT
Ordner Gel鰏cht : C:\Users\Botan\AppData\Local\Smartbar
Ordner Gel鰏cht : C:\Users\Botan\AppData\Local\Temp\Smartbar
Ordner Gel鰏cht : C:\Users\Botan\AppData\Local\Temp\Tencent
Ordner Gel鰏cht : C:\Users\Botan\AppData\LocalLow\mixidj
Ordner Gel鰏cht : C:\Users\Botan\AppData\LocalLow\Smartbar
Ordner Gel鰏cht : C:\Users\Botan\AppData\LocalLow\MiaggnyiPPic
Ordner Gel鰏cht : C:\Users\Botan\AppData\Roaming\Mysearchdial
Ordner Gel鰏cht : C:\Users\Botan\AppData\Roaming\Systweak
Ordner Gel鰏cht : C:\Users\Botan\AppData\Roaming\Tencent
Ordner Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}
Ordner Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\Extensions\ffxtlbr@mixidj.com
Ordner Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\Extensions\staged
Ordner Gel鰏cht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\Extensions\staged
Ordner Gel鰏cht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\wptsnvzn.default-1367853308201\Extensions\staged
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Roaming\Mozilla\Firefox\Profiles\yxwdkydi.default\Extensions\staged
Ordner Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Ordner Gel鰏cht : C:\Users\Schule\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp
Ordner Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp
Datei Gel鰏cht : C:\END
Datei Gel鰏cht : C:\Windows\System32\roboot64.exe
Datei Gel鰏cht : C:\Users\Bekir&Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Datei Gel鰏cht : C:\Users\Bekir&Botan\Desktop\Search.lnk
Datei Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\bprotector_extensions.sqlite
Datei Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\bprotector_prefs.js
Datei Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\searchplugins\Babylon.xml
Datei Gel鰏cht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\searchplugins\Babylon.xml
Datei Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\searchplugins\BrowserProtect.xml
Datei Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\searchplugins\mixidj.xml
Datei Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\searchplugins\Mysearchdial.xml
Datei Gel鰏cht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\searchplugins\Mysearchdial.xml
Datei Gel鰏cht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\wptsnvzn.default-1367853308201\searchplugins\Mysearchdial.xml
Datei Gel鰏cht : C:\Users\Bekir&Botan\AppData\Roaming\Mozilla\Firefox\Profiles\yxwdkydi.default\searchplugins\Mysearchdial.xml
Datei Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\searchplugins\Web Search.xml
Datei Gel鰏cht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\searchplugins\Web Search.xml
Datei Gel鰏cht : C:\Users\Bekir&Botan\AppData\Roaming\Mozilla\Firefox\Profiles\yxwdkydi.default\searchplugins\Web Search.xml
Datei Gel鰏cht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\user.js
Datei Gel鰏cht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\user.js
Datei Gel鰏cht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\wptsnvzn.default-1367853308201\user.js
Datei Gel鰏cht : C:\Users\Bekir&Botan\AppData\Roaming\Mozilla\Firefox\Profiles\yxwdkydi.default\user.js
Datei Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Datei Gel鰏cht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage

***** [ Verkn黳fungen ] *****

Verkn黳fung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verkn黳fung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verkn黳fung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verkn黳fung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verkn黳fung Desinfiziert : C:\Users\Botan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\Prod.cap
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\speedupmypc
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASAPI32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASMANCS
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\5208adbe16fee43
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_actual-booster_RASAPI32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_actual-booster_RASMANCS
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_skypelogview_RASAPI32
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_skypelogview_RASMANCS
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl黶sel Gel鰏cht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schl黶sel Gel鰏cht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schl黶sel Gel鰏cht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl黶sel Gel鰏cht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{226EC5EC-B16E-A1ED-2CC5-09C8C306D073}
Schl黶sel Gel鰏cht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schl黶sel Gel鰏cht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schl黶sel Gel鰏cht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl黶sel Gel鰏cht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{226EC5EC-B16E-A1ED-2CC5-09C8C306D073}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl黶sel Gel鰏cht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schl黶sel Gel鰏cht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schl黶sel Gel鰏cht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gel鰏cht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gel鰏cht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schl黶sel Gel鰏cht : HKCU\Software\BI
Schl黶sel Gel鰏cht : HKCU\Software\InstallCore
Schl黶sel Gel鰏cht : HKCU\Software\mysearchdial.com
Schl黶sel Gel鰏cht : HKCU\Software\SmartBar
Schl黶sel Gel鰏cht : HKCU\Software\smartbarbackup
Schl黶sel Gel鰏cht : HKCU\Software\smartbarlog
Schl黶sel Gel鰏cht : HKCU\Software\systweak
Schl黶sel Gel鰏cht : HKCU\Software\TENCENT
Schl黶sel Gel鰏cht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schl黶sel Gel鰏cht : HKCU\Software\AppDataLow\TENCENT
Schl黶sel Gel鰏cht : HKCU\Software\AppDataLow\Software\Crossrider
Schl黶sel Gel鰏cht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schl黶sel Gel鰏cht : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schl黶sel Gel鰏cht : HKLM\Software\Babylon
Schl黶sel Gel鰏cht : HKLM\Software\Iminent
Schl黶sel Gel鰏cht : HKLM\Software\Myfree Codec
Schl黶sel Gel鰏cht : HKLM\Software\nationzoomSoftware
Schl黶sel Gel鰏cht : HKLM\Software\SoftwareUpdater
Schl黶sel Gel鰏cht : HKLM\Software\SP Global
Schl黶sel Gel鰏cht : HKLM\Software\SProtector
Schl黶sel Gel鰏cht : HKLM\Software\supWPM
Schl黶sel Gel鰏cht : HKLM\Software\systweak
Schl黶sel Gel鰏cht : HKLM\Software\TENCENT
Schl黶sel Gel鰏cht : HKLM\Software\Uniblue
Schl黶sel Gel鰏cht : HKLM\Software\Vittalia
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\DomaIQ
Schl黶sel Gel鰏cht : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16476

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\prefs.js ]

Zeile gel鰏cht : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5IJzD1I[...]
Zeile gel鰏cht : user_pref("browser.search.selectedEngine", "Mysearchdial");
Zeile gel鰏cht : user_pref("extensions.crossrider.bic", "143df47e901d5f1afaf10e9892e57d3e");
Zeile gel鰏cht : user_pref("extensions.mixidj.tlbrId", "mdelta");
Zeile gel鰏cht : user_pref("extensions.wajam.affiliate_id", "5921");
Zeile gel鰏cht : user_pref("extensions.wajam.firstrun", "false");
Zeile gel鰏cht : user_pref("extensions.wajam.log_send_info", "false");
Zeile gel鰏cht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21088\",\"update_interval\":1379,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\/www.wajam.com\\/addon\\/[...]
Zeile gel鰏cht : user_pref("extensions.wajam.no_trace", "false");
Zeile gel鰏cht : user_pref("extensions.wajam.server_current_mapping_version", "0.21088");
Zeile gel鰏cht : user_pref("extensions.wajam.supported_sites.amazon_product.priam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam'[...]
Zeile gel鰏cht : user_pref("extensions.wajam.supported_sites.amazon_v2.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';wind[...]
Zeile gel鰏cht : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...]
Zeile gel鰏cht : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Zeile gel鰏cht : user_pref("extensions.wajam.supported_sites.imdb.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['W[...]
Zeile gel鰏cht : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';wind[...]
Zeile gel鰏cht : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Zeile gel鰏cht : user_pref("extensions.wajam.trace_log", "1365245657839 - onFlagInfoReceived - Server mapping version (client-side): 0.21086\n1365245657839 - onFlagInfoReceived - Same server mapping version, don't upd[...]
Zeile gel鰏cht : user_pref("extensions.wajam.unique_id", "2BAE65D8B6B1C5AEA46FD1876421E2C2");
Zeile gel鰏cht : user_pref("extensions.wajam.user_current_mapping_version", "0");
Zeile gel鰏cht : user_pref("extensions.wajam.version", "1.26");
Zeile gel鰏cht : user_pref("extensions.wajam.website_version", "1.00271.0");
Zeile gel鰏cht : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD[...]
Zeile gel鰏cht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiH[...]

[ Datei : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\prefs.js ]

Zeile gel鰏cht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gel鰏cht : user_pref("aol_toolbar.default.search.check", false);
Zeile gel鰏cht : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5IJzD1I[...]
Zeile gel鰏cht : user_pref("browser.search.defaultenginename", "Web Search");
Zeile gel鰏cht : user_pref("browser.search.selectedEngine", "Mysearchdial");
Zeile gel鰏cht : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD[...]
Zeile gel鰏cht : user_pref("extensions.51c735164736a.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};if(window.self==window.top){var script=document.createElem[...]
Zeile gel鰏cht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gel鰏cht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gel鰏cht : user_pref("extensions.crossrider.bic", "143d322eb8e7dd5d5d40dc19140f2132");
Zeile gel鰏cht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiH[...]
Zeile gel鰏cht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.searchguard.enable", "");

[ Datei : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\wptsnvzn.default-1367853308201\prefs.js ]

Zeile gel鰏cht : user_pref("browser.search.selectedEngine", "Mysearchdial");
Zeile gel鰏cht : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD[...]

[ Datei : C:\Users\Bekir&Botan\AppData\Roaming\Mozilla\Firefox\Profiles\yxwdkydi.default\prefs.js ]

Zeile gel鰏cht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gel鰏cht : user_pref("aol_toolbar.default.search.check", false);
Zeile gel鰏cht : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5IJzD1I[...]
Zeile gel鰏cht : user_pref("browser.search.defaultenginename", "nationzoom");
Zeile gel鰏cht : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gel鰏cht : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=c0b4d54d-99ca-aa89-23c5-24b59b538e10&searchtype=hp&fr=linkury-tb&installDate=14/01/2014&ty[...]
Zeile gel鰏cht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gel鰏cht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gel鰏cht : user_pref("extensions.crossrider.bic", "143a2d2bba07b56ec54849a93dd5b919");
Zeile gel鰏cht : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=c0b4d54d-99ca-aa89-23c5-24b59b538e10&searchtype=ds&fr=linkury-tb&installDate=14/01/2014&type=hp1000&p="[...]
Zeile gel鰏cht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gel鰏cht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Zeile gel鰏cht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Zeile gel鰏cht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Zeile gel鰏cht : user_pref("sweetim.toolbar.searchguard.enable", "false");

[ Datei : C:\Users\Botan\AppData\Roaming\Mozilla\Firefox\Profiles\fo16hqsi.default-1397469719534\prefs.js ]

Zeile gel鰏cht : user_pref("extensions.crossrider.bic", "145649c8d427189e17acc34ad9fe9147");

-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Schule\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gel鰏cht : homepage

[ Datei : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gel鰏cht : homepage

[ Datei : C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gel鰏cht : icon_url

*************************

AdwCleaner[R0].txt - [37437 octets] - [15/04/2014 13:07:13]
AdwCleaner[S0].txt - [30407 octets] - [15/04/2014 13:08:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30468 octets] ##########
         
--- --- ---


+++ mbam.txt konnte ich hier nicht reinkopieren da beim erstellen der datei das gesamte Programm abgest黵tzt ist +++

Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014
Ran by Botan at 2014-04-15 14:10:42
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
剑灵_腾讯 (HKLM-x32\...\剑灵_腾讯) (Version:  - Tencent)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{1701BD02-09B9-B25B-8290-C7D6A33C5A75}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
C9 (HKLM-x32\...\C9(Continent of the Ninth Seal)_is1) (Version:  - WEBZEN)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
China Localization Patcher (HKLM-x32\...\{358B9F54-BFA2-4FC4-8134-CA786EC84260}) (Version: 1.5.1.0 - LokiReborn)
Cisco EAP-FAST Module (HKLM-x32\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1197 - SG INTERACTIVE)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Don't Starve (HKLM-x32\...\DontStarve) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dr. Hardware 2013 13.0d (HKLM-x32\...\Dr. Hardware 2013_is1) (Version:  - Peter A. Gebhard)
Easy Tune 6 B11.0427.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0427.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video to MP3 Converter version 5.0.23.320 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
InfiniteCrisis (HKLM-x32\...\InfiniteCrisis) (Version:  - Turbine, Inc)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
腾讯游戏平台 (HKLM-x32\...\腾讯游戏平台Formal) (Version:  - Tencent)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kingdoms of Amalur™ Reckoning DELUXE EDITION (HKLM-x32\...\Kingdoms of Amalur™ Reckoning DELUXE EDITION_is1) (Version: 1.0.0.2 - QfG)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LevelOne WUA-0605 Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0113 - LevelOne)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mass Effect Deluxe Edition (HKLM-x32\...\{A5C7818C-27AC-4A71-BEDF-BA5652D2CC36}_is1) (Version: v1.02 - The Most Electrifying Man)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
mHotspot version 6.4.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 6.4.0.0 - mHotspot, Inc.)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 17.0.5 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.5 (x86 de)) (Version: 17.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed Most Wanted (HKLM-x32\...\Need for Speed Most Wanted_is1) (Version:  - )
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140120.76235 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlurPush (HKLM\...\PlurPush) (Version: 2014.03.28.231718 - PlurPush)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.5.201304180917 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.155 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1D53FB73-9826-4541-B2E0-A239C6EBA718}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{34726474-50D6-49FC-B8AC-35411459D27A}) (Version:  - Microsoft)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.442 - Xara Group Ltd)
Xara 3D Maker 7 (Version: 7.0.0.442 - Xara Group Ltd) Hidden
网游加速小助手(剑灵) (HKLM-x32\...\网游加速小助手(剑灵)) (Version: 2.0.45.89 - Copyright (C) 2013 Tencent)

==================== Restore Points  =========================

10-04-2014 16:06:12 Windows Update
12-04-2014 06:45:18 Installed Java 7 Update 51
14-04-2014 10:07:20 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:08:44 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:11:19 Revo Uninstaller's restore point - RegClean Pro
14-04-2014 10:15:05 Revo Uninstaller's restore point - Yahoo Community Smartbar
14-04-2014 10:16:08 Revo Uninstaller's restore point - VO Package
14-04-2014 10:17:11 Revo Uninstaller's restore point - Shopping Helper Smartbar Engine
14-04-2014 10:18:08 Revo Uninstaller's restore point - Shopping Helper Smartbar
14-04-2014 10:19:16 Revo Uninstaller's restore point - Search Protect
14-04-2014 10:20:20 Revo Uninstaller's restore point - PDF24 Creator 6.3.1
14-04-2014 10:21:52 Revo Uninstaller's restore point - BlockAndSurf
14-04-2014 10:23:16 Revo Uninstaller's restore point - RoboForm 7-9-0-0 (All Users)
14-04-2014 10:25:22 Revo Uninstaller's restore point - MixiDJ Toolbar 
14-04-2014 10:26:16 Revo Uninstaller's restore point - Advanced System Protector
14-04-2014 10:27:23 Revo Uninstaller's restore point - AnyProtect
15-04-2014 10:34:47 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {002BED3E-0919-4BBA-995C-03DF069AAFAC} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {037DF9E7-FADB-45C4-B37F-AB10B1FD36D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {08C53256-84E4-4A93-9D31-4012A0E1265A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {0B690F27-DA5A-4C5E-8AF6-045ABC577E99} - System32\Tasks\Opera D2 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {248AD0D2-7E7E-4D32-81AB-FA015E15B550} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated)
Task: {248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {32E2FB49-08D2-4DBE-93C7-4EC65EC0EC27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {349B0F97-B431-456B-B666-EB392A49DA97} - System32\Tasks\{EB1A13EA-FB01-4D59-99CA-D755078280C9} => Firefox.exe 
Task: {358D2FBC-F05A-4FC4-AE91-FC65E464D2C0} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {4D706DDF-EC04-4E4E-BA67-1F48DEAD41DF} - System32\Tasks\{7636DB98-A8B0-4C6C-B62E-77A875639331} => Firefox.exe 
Task: {743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {91A8BAED-7921-4F64-8D8F-23A72868DD67} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {9503C1BF-E2EA-4760-BD4F-F7647B362EEA} - System32\Tasks\{BE28D158-551B-4294-9100-DA3EFCA27DD3} => Firefox.exe 
Task: {A3BF923E-AA25-43DC-B5EC-2164F85BE938} - System32\Tasks\Opera D3 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {B1809AF3-F82A-4DB0-9E89-832BB19903CF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B463C9EE-9821-4903-8D31-3266E2131E4A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMPMNJLMMJMMKMLJJJCNOMKMJJKMCNLMIMNJHMCNGMOMOMJMCNLMLJNJHMPMNMOJIMJJHMKMOMJNJICMIMCNGMCNPMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMPMCNNMJNPICMPMFMFMNMHMHMJNHICMEKMICNJJCKJNBJCMNLAJLIOJBJJNKJCMJNNICMJNDJCMLJKJ"
Task: {C3C1E073-17C1-4AD7-888A-EFA9E57142B8} - System32\Tasks\Opera D4 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {C9235D0C-6F53-4B69-AC9C-53FC28D920D7} - System32\Tasks\{3AD24F87-9E1D-4000-88A5-34C6683E7650} => Firefox.exe hxxp://ui.skype.com/ui/0/6.10.59.104/de/abandoninstall?page=tsProgressBar
Task: {FA300F06-B62E-4AA8-AC6E-3FA665C44822} - System32\Tasks\Opera D5 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-19 17:32 - 2012-12-19 17:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-12-19 17:32 - 2012-12-19 17:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-06-01 16:12 - 2013-06-01 16:12 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-01 16:12 - 2013-06-01 16:12 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-03-29 01:17 - 2014-04-15 11:27 - 00350488 _____ () C:\Program Files (x86)\PlurPush\updatePlurPush.exe
2014-03-30 16:34 - 2014-04-15 10:54 - 00350488 _____ () C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
2013-05-17 13:32 - 2013-03-01 14:13 - 01300816 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2013-05-17 13:36 - 2014-03-29 11:00 - 05329400 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\LoLLauncher.exe
2013-07-10 10:56 - 2013-07-10 10:56 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.80\deploy\LolClient.exe
2013-05-17 13:36 - 2014-04-03 14:26 - 16510456 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.17\deploy\League of Legends.exe
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 14:26 - 2010-03-23 14:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-03-26 00:02 - 2009-12-09 15:20 - 00126976 ____R () C:\Program Files (x86)\LevelOne\WUA-0605\EnumDevLib.dll
2014-03-18 18:05 - 2014-03-18 18:05 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-18 17:01 - 2014-03-28 15:40 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2013-09-07 17:04 - 2014-03-29 11:00 - 00264696 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\RiotLauncher.dll
2013-05-17 13:36 - 2014-04-03 14:26 - 01494520 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.17\deploy\RiotLauncher.dll
2013-09-07 17:25 - 2014-03-29 11:00 - 00380408 _____ () C:\Riot Games\League of Legends\RADS\RiotRadsIO.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2014 02:06:38 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xf00
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (04/15/2014 02:04:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xbc4
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (04/15/2014 02:03:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xa9c
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (04/15/2014 01:01:08 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/15/2014 01:01:07 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/15/2014 01:01:06 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/15/2014 01:01:04 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/15/2014 01:00:10 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/15/2014 01:00:09 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.

Error: (04/15/2014 01:00:07 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigr鲞e wurde vom Server nicht zur點kgegeben. M鰃licherweise enth鋖t die URL dynamischen Inhalt. Der Inhaltsl鋘genheader ist in der Server-HTTP-Antwort nicht verf黦bar.


System errors:
=============
Error: (04/15/2014 01:10:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/15/2014 01:01:57 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2014 10:51:17 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2014 11:19:01 AM) (Source: Service Control Manager) (User: )
Description: Dienst "BlockAndSurf" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/14/2014 11:18:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde nicht richtig gestartet.

Error: (04/14/2014 11:17:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2014 11:17:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/14/2014 11:17:26 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (04/14/2014 11:16:52 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎04.‎2014 um 11:15:59 unerwartet heruntergefahren.

Error: (04/14/2014 11:15:10 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎04.‎2014 um 11:14:02 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 72%
Total physical RAM: 4093.55 MB
Available physical RAM: 1144.36 MB
Total Pagefile: 8185.25 MB
Available Pagefile: 4780.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:137.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6312B514)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 15.04.2014, 13:47   #6
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by Botan (administrator) on XEBAT-PC on 15-04-2014 14:10:08
Running from C:\Users\Botan\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Realtek) C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\LevelOne\WUA-0605\RtWlan.exe
() C:\Program Files (x86)\PlurPush\updatePlurPush.exe
() C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.80\deploy\LolClient.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
() C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.17\deploy\League of Legends.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify Web Helper] => C:\Users\Xebat\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2014-01-29] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify] => C:\Users\Xebat\AppData\Roaming\Spotify\spotify.exe [4640768 2014-01-29] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [RoboForm] => "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
HKU\S-1-5-21-1789832465-2975819574-3199883490-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {20ff1223-bee4-11e2-9105-50e549d5f581} - F:\Startme.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {797d9470-95aa-11e2-8f78-50e549d5f581} - E:\Setup.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify Web Helper] => C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-01] ()
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-04-23] (Samsung)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1815464 2014-01-07] (Valve Corporation)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [SDP] => C:\Users\Schule\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto 
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Online Weather] => C:\Users\Schule\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify] => C:\Users\Schule\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [RoboForm] => "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Windows Defender] => C:\ProgramData\Windows\System32\Windows Defender\Definition Update\windef.exe [313344 2013-07-01] (Windows Defender)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3551576 2014-01-16] (Electronic Arts)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [ThreadManager.exe] => C:\Program Files (x86)\Thread Manager\ThreadManager.exe [12322584 2013-07-04] (Digital Generation Inc.)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {fe4d9a5b-d903-11e2-9673-50e549d5f581} - F:\LGAutoRun.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [RoboForm] => "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify Web Helper] => C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Browser Infrastructure Helper] => C:\Users\Bekir&Botan\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify] => C:\Users\Schule\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Akamai NetSession Interface] => C:\Users\Bekir&Botan\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [DT Emphelungstool] => "C:\Users\Bekir&Botan\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Bekir&Botan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {db1faac1-9594-11e2-9446-806e6f6e6963} - D:\Start.exe
Startup: C:\Users\Bekir&Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN???????? ????; (MSN????)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBCE002826F4BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = zh-CN
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files (x86)\PlurPush\PlurPushbho.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Botan\AppData\Roaming\Mozilla\Firefox\Profiles\fo16hqsi.default-1397469719534
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (Google Docs) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (YouTube) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Google Search) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-14]
CHR Extension: (Google Wallet) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Gmail) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-06-01] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-06-01] ()
R2 Realtek11nSU; C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe [45056 2010-01-21] (Realtek)
R2 Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [350488 2014-04-15] ()
R2 Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [350488 2014-04-15] ()

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-05-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [884712 2014-03-23] (TENCENT)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-30] (StdLib)
S1 dgztwemx; \??\C:\Windows\system32\drivers\dgztwemx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 opuaoowl; \??\C:\Windows\system32\drivers\opuaoowl.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-15 14:09 - 2014-04-15 14:09 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-15 13:14 - 2014-04-15 14:06 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-15 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-15 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:07 - 2014-04-15 13:09 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:31 - 2014-04-14 12:31 - 00044435 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-14 12:30 - 2014-04-15 14:10 - 00018566 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-14 12:30 - 2014-04-15 14:10 - 00000000 ____D () C:\FRST
2014-04-14 12:29 - 2014-04-15 14:09 - 02054144 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D2
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 10:30 - 2014-04-14 11:10 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-14 10:30 - 2014-04-14 11:10 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-14 10:30 - 2014-04-14 10:50 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-14 10:30 - 2014-04-14 10:30 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-14 09:11 - 2014-04-14 12:22 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-14 09:09 - 2014-04-14 09:09 - 00358193 _____ () C:\Users\Botan\AppData\Local\speedial.crx
2014-04-14 09:09 - 2014-04-11 23:13 - 01079839 _____ (AnyProtect.com) C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:05 - 2013-11-14 18:26 - 00000507 _____ () C:\Users\Botan\Desktop\readme.txt
2014-04-13 04:05 - 2013-11-14 18:25 - 00272384 _____ (QuickLoL) C:\Users\Botan\Desktop\QuickLoL Timers.exe
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-12 08:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-12 08:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-12 08:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 08:46 - 2014-04-12 08:47 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-07 20:20 - 2014-04-07 20:19 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:19 - 2014-04-07 20:18 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-07 19:44 - 2014-04-11 14:43 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 14:46 - 2014-04-04 15:22 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:35 - 2014-04-03 22:37 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:54 - 2014-04-03 21:55 - 07083256 _____ (Welcome to YourFile Downloader!) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-30 22:28 - 2014-03-31 20:55 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:11 - 2013-09-29 13:59 - 02407774 ____N () C:\Users\Botan\Desktop\blackmart.apk
2014-03-30 21:54 - 2014-03-30 22:28 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 17:05 - 2014-03-30 17:05 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-30 15:43 - 2014-04-14 11:48 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-03-30 15:30 - 2014-04-15 13:19 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 15:27 - 2014-03-14 00:08 - 00630757 _____ (3DS Emulator - Pokemon X Y) C:\Users\Botan\Desktop\Pokemon XY + Emulator.exe
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 15:40 - 2014-03-29 15:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 14:13 - 2014-03-23 14:15 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\腾讯游戏平台.lnk
2014-03-20 16:01 - 2014-03-20 16:02 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:57 - 2014-03-20 15:58 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 12:02 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-23 22:43 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-20 01:16 - 2014-03-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-23 22:47 - 00884712 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2014-03-19 19:02 - 2014-03-20 15:35 - 00001192 _____ () C:\Users\Botan\Desktop\剑灵_腾讯.lnk
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯游戏
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\腾讯游戏
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:41 - 2014-03-19 18:28 - 00000000 ____D () C:\GameDownload
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

==================== One Month Modified Files and Folders =======

2014-04-15 14:10 - 2014-04-14 12:30 - 00018566 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-15 14:10 - 2014-04-14 12:30 - 00000000 ____D () C:\FRST
2014-04-15 14:09 - 2014-04-15 14:09 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-15 14:09 - 2014-04-14 12:29 - 02054144 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-15 14:06 - 2014-04-15 13:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 14:06 - 2013-06-10 22:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-15 14:01 - 2013-03-26 00:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-15 13:19 - 2014-03-30 15:30 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-04-15 13:15 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 13:15 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 13:14 - 2013-03-25 23:44 - 01857641 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:10 - 2013-06-10 22:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-15 13:10 - 2013-03-26 00:21 - 00201786 _____ () C:\Windows\PFRO.log
2014-04-15 13:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-15 13:10 - 2009-07-14 06:51 - 00081401 _____ () C:\Windows\setupact.log
2014-04-15 13:09 - 2014-04-15 13:07 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:09 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-04-15 13:08 - 2013-06-10 22:13 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-15 13:08 - 2013-03-26 00:11 - 00001053 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-15 13:07 - 2014-01-17 21:43 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Skype
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-15 13:01 - 2013-06-23 18:59 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-15 10:50 - 2014-02-07 14:35 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-04-14 23:40 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Spotify
2014-04-14 17:58 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Local\Spotify
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:31 - 2014-04-14 12:31 - 00044435 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-14 12:24 - 2014-01-14 15:49 - 00000000 ____D () C:\Users\Botan\Documents\My RoboForm Data
2014-04-14 12:24 - 2013-06-29 13:50 - 00003976 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-04-14 12:22 - 2014-04-14 09:11 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-14 12:14 - 2014-01-07 17:34 - 00000000 ___RD () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D2
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:48 - 2014-03-30 15:43 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:19 - 2013-10-23 15:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Spotify
2014-04-14 11:19 - 2013-09-30 18:50 - 00099152 _____ () C:\Users\Bekir&Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:10 - 2014-04-14 10:30 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-14 11:10 - 2014-04-14 10:30 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-14 11:01 - 2013-03-26 00:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:01 - 2013-03-26 00:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:01 - 2013-03-26 00:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 10:50 - 2014-04-14 10:30 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-14 10:30 - 2014-04-14 10:30 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-14 09:09 - 2014-04-14 09:09 - 00358193 _____ () C:\Users\Botan\AppData\Local\speedial.crx
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2014-04-12 08:46 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-12 08:47 - 2013-05-16 21:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-11 23:13 - 2014-04-14 09:09 - 01079839 _____ (AnyProtect.com) C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-11 14:43 - 2014-04-07 19:44 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-11 00:20 - 2013-04-10 13:40 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Spotify
2014-04-10 18:07 - 2013-09-07 18:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:06 - 2009-10-14 07:12 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 15:58 - 2009-07-14 19:58 - 01169372 _____ () C:\Windows\system32\perfh007.dat
2014-04-10 15:58 - 2009-07-14 19:58 - 00296124 _____ () C:\Windows\system32\perfc007.dat
2014-04-10 15:58 - 2009-07-14 07:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-08 14:21 - 2009-07-14 06:45 - 04947952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-07 20:30 - 2014-01-07 17:34 - 00099152 _____ () C:\Users\Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 20:19 - 2014-04-07 20:20 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:18 - 2014-04-07 20:19 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-05 23:50 - 2013-03-27 03:49 - 00000000 ____D () C:\Windows\Minidump
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 20:01 - 2013-06-10 22:12 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 20:01 - 2013-06-10 22:12 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-04 15:22 - 2014-04-04 14:46 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:37 - 2014-04-03 22:35 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:55 - 2014-04-03 21:54 - 07083256 _____ (Welcome to YourFile Downloader!) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
2014-04-03 18:13 - 2014-01-14 22:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Local\Akamai
2014-04-03 18:12 - 2013-05-01 19:43 - 00000000 ____D () C:\Users\Schule\AppData\Local\PMB Files
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-03 18:09 - 2013-04-08 15:06 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Skype
2014-04-03 18:01 - 2013-06-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-03 18:00 - 2013-07-02 21:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-03 17:58 - 2014-02-07 14:33 - 00000000 ____D () C:\Users\Botan\AppData\Local\Adobe
2014-04-03 17:55 - 2014-01-15 19:47 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Adobe
2014-04-03 09:51 - 2014-04-15 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-31 20:55 - 2014-03-30 22:28 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:28 - 2014-03-30 21:54 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 17:05 - 2014-03-30 17:05 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 12:17 - 2014-01-18 15:23 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 15:40 - 2014-03-29 15:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-26 22:36 - 2013-04-11 13:25 - 00000000 ____D () C:\Users\Schule\Desktop\Bilder
2014-03-23 22:47 - 2014-03-19 19:02 - 00884712 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2014-03-23 22:43 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-23 14:25 - 2013-11-10 21:39 - 00000000 ____D () C:\download
2014-03-23 14:15 - 2014-03-23 14:13 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-23 05:55 - 2013-10-03 19:32 - 00000062 _____ () C:\Users\Bekir&Botan\Desktop\settings.json
2014-03-21 23:07 - 2014-03-20 01:16 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\腾讯游戏平台.lnk
2014-03-20 16:02 - 2014-03-20 16:01 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:58 - 2014-03-20 15:57 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 15:35 - 2014-03-19 19:02 - 00001192 _____ () C:\Users\Botan\Desktop\剑灵_腾讯.lnk
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 12:02 - 2014-03-20 01:17 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯游戏
2014-03-19 18:57 - 2013-03-26 04:53 - 00155987 _____ () C:\Windows\DirectX.log
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\腾讯游戏
2014-03-19 18:28 - 2014-03-18 20:41 - 00000000 ____D () C:\GameDownload
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 20:25 - 2013-05-27 21:48 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Spotify
2014-03-18 20:24 - 2013-05-27 21:49 - 00000000 ____D () C:\Users\Xebat\AppData\Local\Spotify
2014-03-18 20:21 - 2013-03-26 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:41 - 2013-04-08 15:06 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 18:23 - 2014-01-07 17:34 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Apple Computer
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

Some content of TEMP:
====================
C:\Users\Bekir&Botan\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\DelayInst.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\installservice.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\iobwnedxjvdevl.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMDll.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMResource.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMSetup.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\Profiles.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\unicows.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\vpnclient_setup.exe
C:\Users\Botan\AppData\Local\Temp\1_Offer_9.exe
C:\Users\Botan\AppData\Local\Temp\BackupSetup.exe
C:\Users\Botan\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Botan\AppData\Local\Temp\DownloadManager.exe
C:\Users\Botan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Botan\AppData\Local\Temp\nsiA7B8.exe
C:\Users\Botan\AppData\Local\Temp\Quarantine.exe
C:\Users\Botan\AppData\Local\Temp\sp-downloader.exe
C:\Users\Botan\AppData\Local\Temp\TXPltSafeInit.dll
C:\Users\Schule\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Schule\AppData\Local\Temp\gnsocaby.dll
C:\Users\Schule\AppData\Local\Temp\hrxha0hy.dll
C:\Users\Schule\AppData\Local\Temp\instloffer.exe
C:\Users\Schule\AppData\Local\Temp\itinstallerp.exe
C:\Users\Schule\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Schule\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Schule\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Schule\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Schule\AppData\Local\Temp\uninst1.exe
C:\Users\Schule\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Schule\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Xebat\AppData\Local\Temp\bitool.dll
C:\Users\Xebat\AppData\Local\Temp\DeltaTB.exe
C:\Users\Xebat\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Xebat\AppData\Local\Temp\LyricsPal.exe
C:\Users\Xebat\AppData\Local\Temp\lyricstmp.exe
C:\Users\Xebat\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\Xebat\AppData\Local\Temp\ose00000.exe
C:\Users\Xebat\AppData\Local\Temp\vlc-2.0.6-win64.exe
C:\Users\Xebat\AppData\Local\Temp\wajam_install.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-10 20:32

==================== End Of Log ============================
         
--- --- ---
...

Alt 15.04.2014, 20:17   #7
Bootsektor
/// TB-Ausbilder
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Ok, dann lass das erstmal weg,

btw: Warum hat das Windows kein ServicePack1 und noch den IE 9.

Als kostenloses AV kann ich dir AVAST! empfehlen und das auch ziemlich dringend, bei der ganzen Masse an Kram auf deinem PC. Falls du dir es herunterladen m鯿htest, mache bitte damit eine Schnell黚erpr黤ung und poste etwaige Funde hier.

Wie l鋟ft der Rechner denn jetzt?
Schritt 1

Dr點ke bitte die Windowstaste + R Taste und schreibe notepad in das Ausf黨ren Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Online Weather] => C:\Users\Schule\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Windows Defender] => C:\ProgramData\Windows\System32\Windows Defender\Definition Update\windef.exe [313344 2013-07-01] (Windows Defender)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Browser Infrastructure Helper] => C:\Users\Bekir&Botan\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Bekir&Botan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files (x86)\PlurPush\PlurPushbho.dll No File
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll No File
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-14]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [350488 2014-04-15] ()
R2 Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [350488 2014-04-15] ()
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-30] (StdLib)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Task: {248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B1809AF3-F82A-4DB0-9E89-832BB19903CF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
C:\Program Files (x86)\AnyProtectEx
C:\Users\Bekir&Botan\AppData\Roaming\newnext.me
C:\Users\Schule\AppData\Local\WebPlayer
C:\Users\Bekir&Botan\AppData\Local\Smartbar
C:\ProgramData\Windows\
C:\Program Files\McAfee Security Scan
C:\Program Files (x86)\PlurPush
C:\Windows\system32\TesSafe.sys
C:\Windows\System32\drivers\wStLibG64.sys 
C:\Users\Botan\AppData\Local\speedial.crx
C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:54 - 2014-04-03 21:55 - 07083256 _____ (Welcome to YourFile Downloader!) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\*.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\*.exe
C:\Users\Botan\AppData\Local\Temp\*.dll
C:\Users\Botan\AppData\Local\Temp\*.exe
C:\Users\Schule\AppData\Local\Temp\*.exe
C:\Users\Xebat\AppData\Local\Temp\*.exe
C:\Users\Schule\AppData\Local\Temp\*.dll
C:\Users\Xebat\AppData\Local\Temp\*.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2
Da der Scan mit Eset sehr gr黱dlich ist, kann er unter Umst鋘den mehrere Stunden dauern

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerw黱schten Anwendungen" und w鋒le folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schlie遝 das Fenster von ESET.
  • Explorer 鰂fnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor 鰂fnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner l鰏chen und Papierkorb leeren => C:\Programme\Eset



Schritt 3
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und dr點ke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

Alt 16.04.2014, 20:42   #8
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-04-2014 02
Ran by Botan at 2014-04-16 21:30:36
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
剑灵_腾讯 (HKLM-x32\...\剑灵_腾讯) (Version:  - Tencent)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{1701BD02-09B9-B25B-8290-C7D6A33C5A75}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
C9 (HKLM-x32\...\C9(Continent of the Ninth Seal)_is1) (Version:  - WEBZEN)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
China Localization Patcher (HKLM-x32\...\{358B9F54-BFA2-4FC4-8134-CA786EC84260}) (Version: 1.5.1.0 - LokiReborn)
Cisco EAP-FAST Module (HKLM-x32\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1197 - SG INTERACTIVE)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Don't Starve (HKLM-x32\...\DontStarve) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dr. Hardware 2013 13.0d (HKLM-x32\...\Dr. Hardware 2013_is1) (Version:  - Peter A. Gebhard)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Easy Tune 6 B11.0427.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0427.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video to MP3 Converter version 5.0.23.320 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
InfiniteCrisis (HKLM-x32\...\InfiniteCrisis) (Version:  - Turbine, Inc)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
腾讯游戏平台 (HKLM-x32\...\腾讯游戏平台Formal) (Version:  - Tencent)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kingdoms of Amalur™ Reckoning DELUXE EDITION (HKLM-x32\...\Kingdoms of Amalur™ Reckoning DELUXE EDITION_is1) (Version: 1.0.0.2 - QfG)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LevelOne WUA-0605 Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0113 - LevelOne)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mass Effect Deluxe Edition (HKLM-x32\...\{A5C7818C-27AC-4A71-BEDF-BA5652D2CC36}_is1) (Version: v1.02 - The Most Electrifying Man)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
mHotspot version 6.4.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 6.4.0.0 - mHotspot, Inc.)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 17.0.5 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.5 (x86 de)) (Version: 17.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed Most Wanted (HKLM-x32\...\Need for Speed Most Wanted_is1) (Version:  - )
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140120.76235 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlurPush (HKLM\...\PlurPush) (Version: 2014.03.28.231718 - PlurPush)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.5.201304180917 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.155 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1D53FB73-9826-4541-B2E0-A239C6EBA718}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{34726474-50D6-49FC-B8AC-35411459D27A}) (Version:  - Microsoft)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.442 - Xara Group Ltd)
Xara 3D Maker 7 (Version: 7.0.0.442 - Xara Group Ltd) Hidden
网游加速小助手(剑灵) (HKLM-x32\...\网游加速小助手(剑灵)) (Version: 2.0.45.89 - Copyright (C) 2013 Tencent)

==================== Restore Points  =========================

12-04-2014 06:45:18 Installed Java 7 Update 51
14-04-2014 10:07:20 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:08:44 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:11:19 Revo Uninstaller's restore point - RegClean Pro
14-04-2014 10:15:05 Revo Uninstaller's restore point - Yahoo Community Smartbar
14-04-2014 10:16:08 Revo Uninstaller's restore point - VO Package
14-04-2014 10:17:11 Revo Uninstaller's restore point - Shopping Helper Smartbar Engine
14-04-2014 10:18:08 Revo Uninstaller's restore point - Shopping Helper Smartbar
14-04-2014 10:19:16 Revo Uninstaller's restore point - Search Protect
14-04-2014 10:20:20 Revo Uninstaller's restore point - PDF24 Creator 6.3.1
14-04-2014 10:21:52 Revo Uninstaller's restore point - BlockAndSurf
14-04-2014 10:23:16 Revo Uninstaller's restore point - RoboForm 7-9-0-0 (All Users)
14-04-2014 10:25:22 Revo Uninstaller's restore point - MixiDJ Toolbar 
14-04-2014 10:26:16 Revo Uninstaller's restore point - Advanced System Protector
14-04-2014 10:27:23 Revo Uninstaller's restore point - AnyProtect
15-04-2014 10:34:47 Windows Update
15-04-2014 20:49:53 avast! antivirus system restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {002BED3E-0919-4BBA-995C-03DF069AAFAC} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {037DF9E7-FADB-45C4-B37F-AB10B1FD36D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {08C53256-84E4-4A93-9D31-4012A0E1265A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {1B3E1F00-7C74-458B-B1E2-AE3ECFD48B54} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-15] (AVAST Software)
Task: {248AD0D2-7E7E-4D32-81AB-FA015E15B550} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated)
Task: {32E2FB49-08D2-4DBE-93C7-4EC65EC0EC27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {349B0F97-B431-456B-B666-EB392A49DA97} - System32\Tasks\{EB1A13EA-FB01-4D59-99CA-D755078280C9} => Firefox.exe 
Task: {358D2FBC-F05A-4FC4-AE91-FC65E464D2C0} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {4D706DDF-EC04-4E4E-BA67-1F48DEAD41DF} - System32\Tasks\{7636DB98-A8B0-4C6C-B62E-77A875639331} => Firefox.exe 
Task: {91A8BAED-7921-4F64-8D8F-23A72868DD67} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {9503C1BF-E2EA-4760-BD4F-F7647B362EEA} - System32\Tasks\{BE28D158-551B-4294-9100-DA3EFCA27DD3} => Firefox.exe 
Task: {A3BF923E-AA25-43DC-B5EC-2164F85BE938} - System32\Tasks\Opera D3 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {B463C9EE-9821-4903-8D31-3266E2131E4A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMPMNJLMMJMMKMLJJJCNOMKMJJKMCNLMIMNJHMCNGMOMOMJMCNLMLJNJHMPMNMOJIMJJHMKMOMJNJICMIMCNGMCNPMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMPMCNNMJNPICMPMFMFMNMHMHMJNHICMEKMICNJJCKJNBJCMNLAJLIOJBJJNKJCMJNNICMJNDJCMLJKJ"
Task: {C3C1E073-17C1-4AD7-888A-EFA9E57142B8} - System32\Tasks\Opera D4 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {C9235D0C-6F53-4B69-AC9C-53FC28D920D7} - System32\Tasks\{3AD24F87-9E1D-4000-88A5-34C6683E7650} => Firefox.exe hxxp://ui.skype.com/ui/0/6.10.59.104/de/abandoninstall?page=tsProgressBar
Task: {FA300F06-B62E-4AA8-AC6E-3FA665C44822} - System32\Tasks\Opera D5 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-19 17:32 - 2012-12-19 17:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-12-19 17:32 - 2012-12-19 17:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-06-01 16:12 - 2013-06-01 16:12 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-01 16:12 - 2013-06-01 16:12 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-23 19:19 - 2014-04-11 00:20 - 00602680 _____ () C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-04-15 22:57 - 2014-04-15 22:57 - 02212352 _____ () C:\Program Files\AVAST Software\Avast\defs\14041501\algo.dll
2014-04-16 19:29 - 2014-04-16 19:29 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041601\algo.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 14:26 - 2010-03-23 14:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2014-04-15 22:51 - 2014-04-15 22:51 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-26 00:02 - 2009-12-09 15:20 - 00126976 ____R () C:\Program Files (x86)\LevelOne\WUA-0605\EnumDevLib.dll
2014-03-18 18:05 - 2014-03-18 18:05 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-18 17:01 - 2014-03-28 15:40 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2013-04-10 13:40 - 2014-04-11 00:20 - 36966968 _____ () C:\Users\Schule\AppData\Roaming\Spotify\Data\libcef.dll
2013-10-23 19:19 - 2014-04-11 00:20 - 00886840 _____ () C:\Users\Schule\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-10-23 19:19 - 2014-04-11 00:20 - 00108600 _____ () C:\Users\Schule\AppData\Roaming\Spotify\Data\libegl.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2014 08:29:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts f黵 "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine f黵 die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/16/2014 02:30:50 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts f黵 "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine f黵 die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/16/2014 02:30:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts f黵 "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine f黵 die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/16/2014 02:30:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts f黵 "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine f黵 die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/16/2014 02:30:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts f黵 "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine f黵 die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/15/2014 10:50:04 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst w鋒rend der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary lmizbsze.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (04/15/2014 10:29:06 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts f黵 "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine f黵 die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/15/2014 10:29:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts f黵 "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine f黵 die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/15/2014 07:31:39 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgef黨rt werden und wurde beendet. 躡erpr黤en Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16dc

Startzeit: 01cf58d08a5325b9

Endzeit: 1

Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: cbcf260c-c4c3-11e3-bf73-50e549d5f581

Error: (04/15/2014 03:48:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1300
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3


System errors:
=============
Error: (04/16/2014 11:27:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/16/2014 03:04:52 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (04/16/2014 03:03:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/16/2014 00:34:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/16/2014 00:33:28 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎16.‎04.‎2014 um 00:32:20 unerwartet heruntergefahren.

Error: (04/15/2014 10:25:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/15/2014 10:23:49 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Util PlurPush" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2014 10:23:48 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Update PlurPush" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2014 07:25:14 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.23
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (04/15/2014 01:10:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 4093.55 MB
Available physical RAM: 2269.41 MB
Total Pagefile: 8185.25 MB
Available Pagefile: 5241.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:135.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6312B514)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 16.04.2014, 20:43   #9
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



FRST.txt


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 02
Ran by Botan (administrator) on XEBAT-PC on 16-04-2014 21:29:45
Running from C:\Users\Botan\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Realtek) C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\LevelOne\WUA-0605\RtWlan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-15] (AVAST Software)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1007\...\Run: [Spotify Web Helper] => C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
Startup: C:\Users\Bekir&Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://cn.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBCE002826F4BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = zh-CN
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Botan\AppData\Roaming\Mozilla\Firefox\Profiles\fo16hqsi.default-1397469719534
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-15]

Chrome: 
=======
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (Google Docs) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (YouTube) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Google Search) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (Google Wallet) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Gmail) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-15]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-15] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-06-01] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-06-01] ()
R2 Realtek11nSU; C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe [45056 2010-01-21] (Realtek)
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-15] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-15] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-05-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S1 dgztwemx; \??\C:\Windows\system32\drivers\dgztwemx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 opuaoowl; \??\C:\Windows\system32\drivers\opuaoowl.sys [X]
S3 TesSafe; \??\C:\Windows\system32\TesSafe.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Downloads\break-party-flyer-graphics-vibe
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Desktop\break-party-flyer-graphics-vibe
2014-04-16 14:55 - 2014-04-16 14:55 - 09622872 _____ () C:\Users\Botan\Downloads\p1714cn4h31m5h1qu0eg87cbou9b.zip
2014-04-15 22:57 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\DropboxMaster
2014-04-15 22:56 - 2014-04-15 22:56 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 22:53 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Dropbox
2014-04-15 22:53 - 2014-04-15 22:53 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-15 22:53 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\AVAST Software
2014-04-15 22:52 - 2014-04-15 22:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-15 22:51 - 2014-04-15 22:51 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-15 22:51 - 2014-04-15 22:51 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-15 22:50 - 2014-04-15 22:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-15 22:29 - 2014-04-15 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 22:28 - 2014-04-15 22:29 - 88551496 _____ (AVAST Software) C:\Users\Botan\Downloads\avast_free_antivirus_setup_9.0.2016.exe
2014-04-15 22:28 - 2014-04-15 22:28 - 02347384 _____ (ESET) C:\Users\Botan\Downloads\esetsmartinstaller_enu.exe
2014-04-15 14:11 - 2014-04-15 14:11 - 00052958 _____ () C:\Users\Botan\Documents\FRST.txt
2014-04-15 14:11 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Documents\Addition.txt
2014-04-15 14:09 - 2014-04-16 21:28 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-15 13:14 - 2014-04-16 21:22 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-15 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-15 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:07 - 2014-04-15 13:09 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:31 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-14 12:30 - 2014-04-16 21:29 - 00012859 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-14 12:30 - 2014-04-16 21:29 - 00000000 ____D () C:\FRST
2014-04-14 12:29 - 2014-04-16 21:28 - 02158592 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 09:11 - 2014-04-15 22:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:05 - 2013-11-14 18:26 - 00000507 _____ () C:\Users\Botan\Desktop\readme.txt
2014-04-13 04:05 - 2013-11-14 18:25 - 00272384 _____ (QuickLoL) C:\Users\Botan\Desktop\QuickLoL Timers.exe
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-12 08:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-12 08:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-12 08:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 08:46 - 2014-04-12 08:47 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-07 20:20 - 2014-04-07 20:19 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:19 - 2014-04-07 20:18 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-07 19:44 - 2014-04-15 19:46 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 14:46 - 2014-04-04 15:22 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:35 - 2014-04-16 15:29 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-30 22:28 - 2014-03-31 20:55 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:11 - 2013-09-29 13:59 - 02407774 ____N () C:\Users\Botan\Desktop\blackmart.apk
2014-03-30 21:54 - 2014-03-30 22:28 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 15:43 - 2014-04-14 11:48 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 15:27 - 2014-03-14 00:08 - 00630757 _____ (3DS Emulator - Pokemon X Y) C:\Users\Botan\Desktop\Pokemon XY + Emulator.exe
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 14:13 - 2014-03-23 14:15 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\腾讯游戏平台.lnk
2014-03-20 16:01 - 2014-03-20 16:02 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:57 - 2014-03-20 15:58 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 12:02 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-23 22:43 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-20 01:16 - 2014-03-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-20 15:35 - 00001192 _____ () C:\Users\Botan\Desktop\剑灵_腾讯.lnk
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯游戏
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\腾讯游戏
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:41 - 2014-03-19 18:28 - 00000000 ____D () C:\GameDownload
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

==================== One Month Modified Files and Folders =======

2014-04-16 21:29 - 2014-04-14 12:30 - 00012859 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-16 21:29 - 2014-04-14 12:30 - 00000000 ____D () C:\FRST
2014-04-16 21:28 - 2014-04-15 14:09 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-16 21:28 - 2014-04-14 12:29 - 02158592 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-16 21:28 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Spotify
2014-04-16 21:22 - 2014-04-15 13:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 21:06 - 2013-06-10 22:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-16 21:01 - 2013-03-26 00:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 20:41 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Local\Spotify
2014-04-16 20:40 - 2009-07-14 06:51 - 00081905 _____ () C:\Windows\setupact.log
2014-04-16 20:37 - 2014-01-17 21:43 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Skype
2014-04-16 20:06 - 2013-06-10 22:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-16 17:41 - 2013-03-25 23:44 - 01901884 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 15:29 - 2014-04-03 22:35 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Downloads\break-party-flyer-graphics-vibe
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Desktop\break-party-flyer-graphics-vibe
2014-04-16 14:55 - 2014-04-16 14:55 - 09622872 _____ () C:\Users\Botan\Downloads\p1714cn4h31m5h1qu0eg87cbou9b.zip
2014-04-16 11:32 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-16 11:32 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-16 11:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-16 00:33 - 2013-03-26 00:21 - 00202436 _____ () C:\Windows\PFRO.log
2014-04-15 22:57 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\DropboxMaster
2014-04-15 22:57 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Dropbox
2014-04-15 22:56 - 2014-04-15 22:56 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 22:53 - 2014-04-15 22:53 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-15 22:53 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\AVAST Software
2014-04-15 22:53 - 2014-04-15 22:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-15 22:51 - 2014-04-15 22:51 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-15 22:51 - 2014-04-15 22:51 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-15 22:50 - 2014-04-15 22:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-15 22:29 - 2014-04-15 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 22:29 - 2014-04-15 22:28 - 88551496 _____ (AVAST Software) C:\Users\Botan\Downloads\avast_free_antivirus_setup_9.0.2016.exe
2014-04-15 22:28 - 2014-04-15 22:28 - 02347384 _____ (ESET) C:\Users\Botan\Downloads\esetsmartinstaller_enu.exe
2014-04-15 22:25 - 2014-04-14 09:11 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-15 22:23 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-15 19:46 - 2014-04-07 19:44 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-15 17:11 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-04-15 14:11 - 2014-04-15 14:11 - 00052958 _____ () C:\Users\Botan\Documents\FRST.txt
2014-04-15 14:11 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Documents\Addition.txt
2014-04-15 14:11 - 2014-04-14 12:31 - 00037638 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:09 - 2014-04-15 13:07 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:08 - 2013-06-10 22:13 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-15 13:08 - 2013-03-26 00:11 - 00001053 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-15 13:01 - 2013-06-23 18:59 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-15 10:50 - 2014-02-07 14:35 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:24 - 2014-01-14 15:49 - 00000000 ____D () C:\Users\Botan\Documents\My RoboForm Data
2014-04-14 12:24 - 2013-06-29 13:50 - 00003976 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-04-14 12:14 - 2014-01-07 17:34 - 00000000 ___RD () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:48 - 2014-03-30 15:43 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:19 - 2013-10-23 15:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Spotify
2014-04-14 11:19 - 2013-09-30 18:50 - 00099152 _____ () C:\Users\Bekir&Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:01 - 2013-03-26 00:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:01 - 2013-03-26 00:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:01 - 2013-03-26 00:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2014-04-12 08:46 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-12 08:47 - 2013-05-16 21:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-11 00:20 - 2013-04-10 13:40 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Spotify
2014-04-10 18:07 - 2013-09-07 18:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:06 - 2009-10-14 07:12 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 15:58 - 2009-07-14 19:58 - 01169372 _____ () C:\Windows\system32\perfh007.dat
2014-04-10 15:58 - 2009-07-14 19:58 - 00296124 _____ () C:\Windows\system32\perfc007.dat
2014-04-10 15:58 - 2009-07-14 07:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-08 14:21 - 2009-07-14 06:45 - 04947952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-07 20:30 - 2014-01-07 17:34 - 00099152 _____ () C:\Users\Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 20:19 - 2014-04-07 20:20 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:18 - 2014-04-07 20:19 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-05 23:50 - 2013-03-27 03:49 - 00000000 ____D () C:\Windows\Minidump
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 20:01 - 2013-06-10 22:12 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 20:01 - 2013-06-10 22:12 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-04 15:22 - 2014-04-04 14:46 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 18:13 - 2014-01-14 22:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Local\Akamai
2014-04-03 18:12 - 2013-05-01 19:43 - 00000000 ____D () C:\Users\Schule\AppData\Local\PMB Files
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-03 18:09 - 2013-04-08 15:06 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Skype
2014-04-03 18:01 - 2013-06-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-03 18:00 - 2013-07-02 21:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-03 17:58 - 2014-02-07 14:33 - 00000000 ____D () C:\Users\Botan\AppData\Local\Adobe
2014-04-03 17:55 - 2014-01-15 19:47 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Adobe
2014-04-03 09:51 - 2014-04-15 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-31 20:55 - 2014-03-30 22:28 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:28 - 2014-03-30 21:54 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 12:17 - 2014-01-18 15:23 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-26 22:36 - 2013-04-11 13:25 - 00000000 ____D () C:\Users\Schule\Desktop\Bilder
2014-03-23 22:43 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-23 14:25 - 2013-11-10 21:39 - 00000000 ____D () C:\download
2014-03-23 14:15 - 2014-03-23 14:13 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-23 05:55 - 2013-10-03 19:32 - 00000062 _____ () C:\Users\Bekir&Botan\Desktop\settings.json
2014-03-21 23:07 - 2014-03-20 01:16 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\腾讯游戏平台.lnk
2014-03-20 16:02 - 2014-03-20 16:01 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:58 - 2014-03-20 15:57 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 15:35 - 2014-03-19 19:02 - 00001192 _____ () C:\Users\Botan\Desktop\剑灵_腾讯.lnk
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 12:02 - 2014-03-20 01:17 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯游戏
2014-03-19 18:57 - 2013-03-26 04:53 - 00155987 _____ () C:\Windows\DirectX.log
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\腾讯游戏
2014-03-19 18:28 - 2014-03-18 20:41 - 00000000 ____D () C:\GameDownload
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 20:25 - 2013-05-27 21:48 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Spotify
2014-03-18 20:24 - 2013-05-27 21:49 - 00000000 ____D () C:\Users\Xebat\AppData\Local\Spotify
2014-03-18 20:21 - 2013-03-26 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:41 - 2013-04-08 15:06 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 18:23 - 2014-01-07 17:34 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Apple Computer
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

Some content of TEMP:
====================
C:\Users\Botan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpszn0rt.dll
C:\Users\Xebat\AppData\Local\Temp\bitool.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-10 20:32

==================== End Of Log ============================
         
--- --- ---

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 02
Ran by Botan (administrator) on XEBAT-PC on 16-04-2014 21:29:45
Running from C:\Users\Botan\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Realtek) C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\LevelOne\WUA-0605\RtWlan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-15] (AVAST Software)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1007\...\Run: [Spotify Web Helper] => C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
Startup: C:\Users\Bekir&Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://cn.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBCE002826F4BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = zh-CN
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Botan\AppData\Roaming\Mozilla\Firefox\Profiles\fo16hqsi.default-1397469719534
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-15]

Chrome: 
=======
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (Google Docs) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (YouTube) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Google Search) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (Google Wallet) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Gmail) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-15]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-15] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-06-01] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-06-01] ()
R2 Realtek11nSU; C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe [45056 2010-01-21] (Realtek)
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-15] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-15] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-05-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S1 dgztwemx; \??\C:\Windows\system32\drivers\dgztwemx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 opuaoowl; \??\C:\Windows\system32\drivers\opuaoowl.sys [X]
S3 TesSafe; \??\C:\Windows\system32\TesSafe.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Downloads\break-party-flyer-graphics-vibe
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Desktop\break-party-flyer-graphics-vibe
2014-04-16 14:55 - 2014-04-16 14:55 - 09622872 _____ () C:\Users\Botan\Downloads\p1714cn4h31m5h1qu0eg87cbou9b.zip
2014-04-15 22:57 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\DropboxMaster
2014-04-15 22:56 - 2014-04-15 22:56 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 22:53 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Dropbox
2014-04-15 22:53 - 2014-04-15 22:53 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-15 22:53 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\AVAST Software
2014-04-15 22:52 - 2014-04-15 22:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-15 22:51 - 2014-04-15 22:51 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-15 22:51 - 2014-04-15 22:51 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-15 22:50 - 2014-04-15 22:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-15 22:29 - 2014-04-15 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 22:28 - 2014-04-15 22:29 - 88551496 _____ (AVAST Software) C:\Users\Botan\Downloads\avast_free_antivirus_setup_9.0.2016.exe
2014-04-15 22:28 - 2014-04-15 22:28 - 02347384 _____ (ESET) C:\Users\Botan\Downloads\esetsmartinstaller_enu.exe
2014-04-15 14:11 - 2014-04-15 14:11 - 00052958 _____ () C:\Users\Botan\Documents\FRST.txt
2014-04-15 14:11 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Documents\Addition.txt
2014-04-15 14:09 - 2014-04-16 21:28 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-15 13:14 - 2014-04-16 21:22 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-15 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-15 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:07 - 2014-04-15 13:09 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:31 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-14 12:30 - 2014-04-16 21:29 - 00012859 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-14 12:30 - 2014-04-16 21:29 - 00000000 ____D () C:\FRST
2014-04-14 12:29 - 2014-04-16 21:28 - 02158592 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 09:11 - 2014-04-15 22:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:05 - 2013-11-14 18:26 - 00000507 _____ () C:\Users\Botan\Desktop\readme.txt
2014-04-13 04:05 - 2013-11-14 18:25 - 00272384 _____ (QuickLoL) C:\Users\Botan\Desktop\QuickLoL Timers.exe
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-12 08:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-12 08:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-12 08:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 08:46 - 2014-04-12 08:47 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-07 20:20 - 2014-04-07 20:19 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:19 - 2014-04-07 20:18 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-07 19:44 - 2014-04-15 19:46 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 14:46 - 2014-04-04 15:22 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:35 - 2014-04-16 15:29 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-30 22:28 - 2014-03-31 20:55 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:11 - 2013-09-29 13:59 - 02407774 ____N () C:\Users\Botan\Desktop\blackmart.apk
2014-03-30 21:54 - 2014-03-30 22:28 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 15:43 - 2014-04-14 11:48 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 15:27 - 2014-03-14 00:08 - 00630757 _____ (3DS Emulator - Pokemon X Y) C:\Users\Botan\Desktop\Pokemon XY + Emulator.exe
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 14:13 - 2014-03-23 14:15 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\腾讯游戏平台.lnk
2014-03-20 16:01 - 2014-03-20 16:02 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:57 - 2014-03-20 15:58 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 12:02 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-23 22:43 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-20 01:16 - 2014-03-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-20 15:35 - 00001192 _____ () C:\Users\Botan\Desktop\剑灵_腾讯.lnk
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯游戏
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\腾讯游戏
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:41 - 2014-03-19 18:28 - 00000000 ____D () C:\GameDownload
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

==================== One Month Modified Files and Folders =======

2014-04-16 21:29 - 2014-04-14 12:30 - 00012859 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-16 21:29 - 2014-04-14 12:30 - 00000000 ____D () C:\FRST
2014-04-16 21:28 - 2014-04-15 14:09 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-16 21:28 - 2014-04-14 12:29 - 02158592 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-16 21:28 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Spotify
2014-04-16 21:22 - 2014-04-15 13:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 21:06 - 2013-06-10 22:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-16 21:01 - 2013-03-26 00:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 20:41 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Local\Spotify
2014-04-16 20:40 - 2009-07-14 06:51 - 00081905 _____ () C:\Windows\setupact.log
2014-04-16 20:37 - 2014-01-17 21:43 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Skype
2014-04-16 20:06 - 2013-06-10 22:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-16 17:41 - 2013-03-25 23:44 - 01901884 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 15:29 - 2014-04-03 22:35 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Downloads\break-party-flyer-graphics-vibe
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Desktop\break-party-flyer-graphics-vibe
2014-04-16 14:55 - 2014-04-16 14:55 - 09622872 _____ () C:\Users\Botan\Downloads\p1714cn4h31m5h1qu0eg87cbou9b.zip
2014-04-16 11:32 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-16 11:32 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-16 11:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-16 00:33 - 2013-03-26 00:21 - 00202436 _____ () C:\Windows\PFRO.log
2014-04-15 22:57 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\DropboxMaster
2014-04-15 22:57 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Dropbox
2014-04-15 22:56 - 2014-04-15 22:56 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 22:53 - 2014-04-15 22:53 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-15 22:53 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\AVAST Software
2014-04-15 22:53 - 2014-04-15 22:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-15 22:51 - 2014-04-15 22:51 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-15 22:51 - 2014-04-15 22:51 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-15 22:50 - 2014-04-15 22:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-15 22:29 - 2014-04-15 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 22:29 - 2014-04-15 22:28 - 88551496 _____ (AVAST Software) C:\Users\Botan\Downloads\avast_free_antivirus_setup_9.0.2016.exe
2014-04-15 22:28 - 2014-04-15 22:28 - 02347384 _____ (ESET) C:\Users\Botan\Downloads\esetsmartinstaller_enu.exe
2014-04-15 22:25 - 2014-04-14 09:11 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-15 22:23 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-15 19:46 - 2014-04-07 19:44 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-15 17:11 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-04-15 14:11 - 2014-04-15 14:11 - 00052958 _____ () C:\Users\Botan\Documents\FRST.txt
2014-04-15 14:11 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Documents\Addition.txt
2014-04-15 14:11 - 2014-04-14 12:31 - 00037638 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:09 - 2014-04-15 13:07 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:08 - 2013-06-10 22:13 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-15 13:08 - 2013-03-26 00:11 - 00001053 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-15 13:01 - 2013-06-23 18:59 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-15 10:50 - 2014-02-07 14:35 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:24 - 2014-01-14 15:49 - 00000000 ____D () C:\Users\Botan\Documents\My RoboForm Data
2014-04-14 12:24 - 2013-06-29 13:50 - 00003976 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-04-14 12:14 - 2014-01-07 17:34 - 00000000 ___RD () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:48 - 2014-03-30 15:43 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:19 - 2013-10-23 15:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Spotify
2014-04-14 11:19 - 2013-09-30 18:50 - 00099152 _____ () C:\Users\Bekir&Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entr黰peln!.lnk
2014-04-14 11:01 - 2013-03-26 00:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:01 - 2013-03-26 00:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:01 - 2013-03-26 00:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2014-04-12 08:46 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-12 08:47 - 2013-05-16 21:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-11 00:20 - 2013-04-10 13:40 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Spotify
2014-04-10 18:07 - 2013-09-07 18:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:06 - 2009-10-14 07:12 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 15:58 - 2009-07-14 19:58 - 01169372 _____ () C:\Windows\system32\perfh007.dat
2014-04-10 15:58 - 2009-07-14 19:58 - 00296124 _____ () C:\Windows\system32\perfc007.dat
2014-04-10 15:58 - 2009-07-14 07:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-08 14:21 - 2009-07-14 06:45 - 04947952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-07 20:30 - 2014-01-07 17:34 - 00099152 _____ () C:\Users\Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 20:19 - 2014-04-07 20:20 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:18 - 2014-04-07 20:19 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-05 23:50 - 2013-03-27 03:49 - 00000000 ____D () C:\Windows\Minidump
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 20:01 - 2013-06-10 22:12 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 20:01 - 2013-06-10 22:12 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-04 15:22 - 2014-04-04 14:46 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 18:13 - 2014-01-14 22:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Local\Akamai
2014-04-03 18:12 - 2013-05-01 19:43 - 00000000 ____D () C:\Users\Schule\AppData\Local\PMB Files
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-03 18:09 - 2013-04-08 15:06 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Skype
2014-04-03 18:01 - 2013-06-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-03 18:00 - 2013-07-02 21:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-03 17:58 - 2014-02-07 14:33 - 00000000 ____D () C:\Users\Botan\AppData\Local\Adobe
2014-04-03 17:55 - 2014-01-15 19:47 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Adobe
2014-04-03 09:51 - 2014-04-15 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-31 20:55 - 2014-03-30 22:28 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:28 - 2014-03-30 21:54 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 12:17 - 2014-01-18 15:23 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-26 22:36 - 2013-04-11 13:25 - 00000000 ____D () C:\Users\Schule\Desktop\Bilder
2014-03-23 22:43 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-23 14:25 - 2013-11-10 21:39 - 00000000 ____D () C:\download
2014-03-23 14:15 - 2014-03-23 14:13 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-23 05:55 - 2013-10-03 19:32 - 00000062 _____ () C:\Users\Bekir&Botan\Desktop\settings.json
2014-03-21 23:07 - 2014-03-20 01:16 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\腾讯游戏平台.lnk
2014-03-20 16:02 - 2014-03-20 16:01 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:58 - 2014-03-20 15:57 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 15:35 - 2014-03-19 19:02 - 00001192 _____ () C:\Users\Botan\Desktop\剑灵_腾讯.lnk
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 12:02 - 2014-03-20 01:17 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯游戏
2014-03-19 18:57 - 2013-03-26 04:53 - 00155987 _____ () C:\Windows\DirectX.log
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\腾讯游戏
2014-03-19 18:28 - 2014-03-18 20:41 - 00000000 ____D () C:\GameDownload
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 20:25 - 2013-05-27 21:48 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Spotify
2014-03-18 20:24 - 2013-05-27 21:49 - 00000000 ____D () C:\Users\Xebat\AppData\Local\Spotify
2014-03-18 20:21 - 2013-03-26 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:41 - 2013-04-08 15:06 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 18:23 - 2014-01-07 17:34 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Apple Computer
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

Some content of TEMP:
====================
C:\Users\Botan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpszn0rt.dll
C:\Users\Xebat\AppData\Local\Temp\bitool.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-10 20:32

==================== End Of Log ============================
         
--- --- ---


Die Pr黤ungsergebnisse von Avast sind im Anhang zu finden.

Btw was muss ich alles zu dem Programm wissen?

Alt 16.04.2014, 20:44   #10
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Was is IE9 und ServicePack1? und ja der Computer funktioniert schon deutlich besser.

Fixlog.txt

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-04-2014
Ran by Botan at 2014-04-15 22:23:29 Run:1
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Online Weather] => C:\Users\Schule\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Windows Defender] => C:\ProgramData\Windows\System32\Windows Defender\Definition Update\windef.exe [313344 2013-07-01] (Windows Defender)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Browser Infrastructure Helper] => C:\Users\Bekir&Botan\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Bekir&Botan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files (x86)\PlurPush\PlurPushbho.dll No File
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll No File
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-14]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [350488 2014-04-15] ()
R2 Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [350488 2014-04-15] ()
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-30] (StdLib)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Task: {248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B1809AF3-F82A-4DB0-9E89-832BB19903CF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
C:\Program Files (x86)\AnyProtectEx
C:\Users\Bekir&Botan\AppData\Roaming\newnext.me
C:\Users\Schule\AppData\Local\WebPlayer
C:\Users\Bekir&Botan\AppData\Local\Smartbar
C:\ProgramData\Windows\
C:\Program Files\McAfee Security Scan
C:\Program Files (x86)\PlurPush
C:\Windows\system32\TesSafe.sys
C:\Windows\System32\drivers\wStLibG64.sys 
C:\Users\Botan\AppData\Local\speedial.crx
C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:54 - 2014-04-03 21:55 - 07083256 _____ (Welcome to YourFile Downloader!) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\*.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\*.exe
C:\Users\Botan\AppData\Local\Temp\*.dll
C:\Users\Botan\AppData\Local\Temp\*.exe
C:\Users\Schule\AppData\Local\Temp\*.exe
C:\Users\Xebat\AppData\Local\Temp\*.exe
C:\Users\Schule\AppData\Local\Temp\*.dll
C:\Users\Xebat\AppData\Local\Temp\*.exe
*****************

HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Online Weather => Value not found.
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender => Value not found.
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Infrastructure Helper => Value not found.
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82249076-d5c8-431d-982b-023779779587} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{82249076-d5c8-431d-982b-023779779587} => Key deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => Key deleted successfully.
C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll => Moved successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/TXSSO => Key deleted successfully.
C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll not found.
CHR DefaultSearchKeyword: mysearchdial.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Mysearchdial ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir= ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa => Key deleted successfully.
C:\Users\Botan\AppData\Local\speedial.crx => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa => Key deleted successfully.
"C:\Users\Botan\AppData\Local\speedial.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa => Key deleted successfully.
"C:\Users\Botan\AppData\Local\speedial.crx" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
Update PlurPush => Unable to stop service
Update PlurPush => Service deleted successfully.
Util PlurPush => Unable to stop service
Util PlurPush => Service deleted successfully.
wStLibG64 => Unable to stop service
wStLibG64 => Service deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP3 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP2 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1809AF3-F82A-4DB0-9E89-832BB19903CF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1809AF3-F82A-4DB0-9E89-832BB19903CF} => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP1 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1 => Key deleted successfully.
C:\Windows\Tasks\APSnotifierPP1.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP2.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP3.job => Moved successfully.
"C:\Program Files (x86)\AnyProtectEx" => File/Directory not found.
"C:\Users\Bekir&Botan\AppData\Roaming\newnext.me" => File/Directory not found.
"C:\Users\Schule\AppData\Local\WebPlayer" => File/Directory not found.
"C:\Users\Bekir&Botan\AppData\Local\Smartbar" => File/Directory not found.
C:\ProgramData\Windows => Moved successfully.
C:\Program Files\McAfee Security Scan => Moved successfully.

"C:\Program Files (x86)\PlurPush" directory move:

C:\Program Files (x86)\PlurPush\0 => Moved successfully.
C:\Program Files (x86)\PlurPush\7za.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\PlurPush.ico => Moved successfully.
C:\Program Files (x86)\PlurPush\PlurPushUninstall.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\updatePlurPush.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\updatePlurPush.InstallState => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\7za.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\BrowserAdapterS.7z => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\FilterApp_C64.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\PlurPush.BrowserAdapter.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\PlurPushBA.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\PlurPushBAApp.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\sqlite3.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\utilPlurPush.InstallState => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfs560E.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfs565D.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsCCA4.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsCCD3.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsE519.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsE5A6.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.Bromon.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.BrowserAdapterS.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.CompatibilityChecker.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.FFUpdate.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.IEUpdate.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.PurBrowseG.dll => Moved successfully.
Could not move "C:\Program Files (x86)\PlurPush" directory. => Scheduled to move on reboot.

C:\Windows\system32\TesSafe.sys => Moved successfully.
C:\Windows\System32\drivers\wStLibG64.sys => Moved successfully.
"C:\Users\Botan\AppData\Local\speedial.crx" => File/Directory not found.
C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe => Moved successfully.
C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc => Moved successfully.
C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm => Moved successfully.
C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm => Moved successfully.
C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe => Moved successfully.
C:\Users\Bekir&Botan\AppData\Local\Temp\*.dll => Moved successfully.
C:\Users\Bekir&Botan\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Botan\AppData\Local\Temp\*.dll => Moved successfully.
C:\Users\Botan\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Schule\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Xebat\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Schule\AppData\Local\Temp\*.dll => Moved successfully.
"C:\Users\Xebat\AppData\Local\Temp\*.exe" => File/Directory not found.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-15 22:26:14)<=

C:\Program Files (x86)\PlurPush => Moved successfully.

==== End of Fixlog ====
         
log.txt

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=74c472855899634ead891d0739e14949
# engine=17910
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-16 05:18:01
# local_time=2014-04-16 07:18:01 (+0100, Mitteleurop鋓sche Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=774 16777213 71 76 73575 73615 0 0
# compatibility_mode=5893 16776573 100 94 28068 149298531 0 0
# scanned=366506
# found=30
# cleaned=0
# scan_time=17190
sh=078FB2A3E5DE54C3737A4541242A4725C02C6B9C ft=1 fh=d760d12103e04038 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\MiaggnyiPPic\51c7351647449.dll.vir"
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=E08EF6298DB507FC55E944040ECBE7B5AA5CAA6A ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp\1.111_0\contentscript.js.vir"
sh=E08EF6298DB507FC55E944040ECBE7B5AA5CAA6A ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schule\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp\1.111_0\contentscript.js.vir"
sh=B8A15E2B817C650BB246EE96D859D190BC1E2FF5 ft=1 fh=056d0132ff61be3e vn="MSIL/CoinMiner.CM trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Windows\System32\Windows Defender\Definition Update\windef.exe"
sh=4FA174F176A0A3ED0C41BC6A5C54D51FACFB534F ft=1 fh=9d25dcec7d070c82 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Windows\WindowsUpdate\rundll32.exe"
sh=05ED639942CC1E49D422789CE0BAAD7ADD22D1AA ft=0 fh=0000000000000000 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Windows\WindowsUpdate\rundll32.lnk"
sh=AF403E1D2C014FEB5B49354DFFE220A4741EAECA ft=1 fh=ebb6a3c55d41b422 vn="Win32/Adware.Lollipop.H application" ac=I fn="C:\FRST\Quarantine\C\Users\Schule\AppData\Local\Temp\instloffer.exe.xBAD"
sh=EA94BD6973CE722A1EBBD78554A369281FE1A2DE ft=1 fh=33e0d3904fd705f4 vn="multiple threats" ac=I fn="C:\FRST\Quarantine\C\Users\Xebat\AppData\Local\Temp\LyricsPal.exe.xBAD"
sh=5348BD561F3AC044DBBDAA4898D6B9D31FBFF595 ft=1 fh=1b226d3a8e8a5ffc vn="multiple threats" ac=I fn="C:\FRST\Quarantine\C\Users\Xebat\AppData\Local\Temp\lyricstmp.exe.xBAD"
sh=32ADBAC553741526F9F6A537E7A97308D0CD21DF ft=1 fh=08b67f1784dc0558 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\ProgramData\AMD\KDB\dwm.exe"
sh=32ADBAC553741526F9F6A537E7A97308D0CD21DF ft=1 fh=08b67f1784dc0558 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\Users\All Users\AMD\KDB\dwm.exe"
sh=3F7B7CF08A07483D45A4F5A0A8C64FEE0CFBE6D1 ft=1 fh=b91e9acba36107fd vn="a variant of Win32/AdWare.SpeedingUpMyPC.G application" ac=I fn="C:\Users\Botan\AppData\Local\Temp\is45637729\1974874_stp.EXE"
sh=9D1519C1A54ECB8A55339A5DB040C9CE9C869032 ft=1 fh=21c482d32e956120 vn="a variant of Win32/Injector.AWKK trojan" ac=I fn="C:\Users\Schule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EN1OLNNN\viewtopic[1].php"
sh=49462750C925D892DAB3D690C55CACFBA3ED1894 ft=0 fh=0000000000000000 vn="JS/Kryptik.APU trojan" ac=I fn="C:\Users\Schule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YGXC6DSW\technical[1].htm"
sh=9D1519C1A54ECB8A55339A5DB040C9CE9C869032 ft=1 fh=21c482d32e956120 vn="a variant of Win32/Injector.AWKK trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\Low\bvtray.exe"
sh=E847ABD49144BD4608A580B8D74BA9C7AE0F55BC ft=1 fh=172864099d2e4610 vn="Win32/Agent.UJJ trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp306f3a4c\23.exe"
sh=BE00A8B0019A19D3B640ABBE3AE9718BB0A9AA45 ft=1 fh=dae9711f88cacd10 vn="a variant of Win32/Kryptik.BAXK trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp466a6cbe\33.exe"
sh=840FF4A02F82179E23CB1F6DE757CFCE47630003 ft=1 fh=bae0c0a9721e5188 vn="a variant of Win32/Kryptik.BGBE trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp7922a78e\ut.exe"
sh=840FF4A02F82179E23CB1F6DE757CFCE47630003 ft=1 fh=bae0c0a9721e5188 vn="a variant of Win32/Kryptik.BGBE trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp7f8588c3\ut.exe"
sh=7630F581221888E622E479C3C4BD446ECAF5A186 ft=1 fh=c101aa4c58d2b03c vn="a variant of Win32/Kryptik.BAOX trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpb7fbfa3c\13.exe"
sh=AB289788E1B0BB9BB2D60DA086D61B4F631CAA02 ft=1 fh=41148c1388e53a23 vn="a variant of Win32/Kryptik.BAQL trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpc30cfb44\89.exe"
sh=82BEEA0B3EAF75F1BBF65FBBABF399A97EEE6D55 ft=1 fh=c3a5cb272dbdf656 vn="a variant of Win32/Kryptik.BBAM trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpd1a23059\34.exe"
sh=0ED353B6D858579DA60611D8B9033230282619E8 ft=1 fh=0e94236bc9e531e0 vn="a variant of Win32/Kryptik.BGBE trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpeb897682\14.exe"
sh=445A281D8236F06974CA5455B98A5FDD392A270E ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2013-2423.O trojan" ac=I fn="C:\Users\Schule\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\7f5abc86-7bae5ff1"
sh=436A37E289E55E56F61485E5E248D6F7246221A1 ft=1 fh=f9136369f620230b vn="a variant of Generik.MVICHXB trojan" ac=I fn="C:\Users\Schule\Desktop\Botan\Spam-Bot (Vista & 7).dll"
sh=8E95552B10748C10CEB5EB9C79AA07B05F5852BC ft=1 fh=f91363691ff201c1 vn="a variant of Generik.EUNPGRH trojan" ac=I fn="C:\Users\Schule\Desktop\Botan\Spam-Bot (XP).dll"
sh=E508ACD8F97A24F734F8CE8BA685BCBA296E5C7D ft=1 fh=858fb24a9fdda1dc vn="multiple threats" ac=I fn="C:\Users\Schule\Desktop\Botan\Tools by Unpublished.exe"
sh=23B4190248082916EB94D0304A9231BAB4498BE8 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\Xebat\AppData\Local\Temp\che2FC9.tmp"
sh=8781D2528360A4FD04D256B9B752F64BB6B31358 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\Xebat\AppData\Local\Temp\che596B.tmp"
         
Angeh鋘gte Grafiken
Dateityp: jpg AVAST_Pr黤ergebnisse.jpg (85,7 KB, 166x aufgerufen)

Alt 17.04.2014, 22:27   #11
Bootsektor
/// TB-Ausbilder
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Hallo bekirikus,
Zitat:
Was is IE9 und ServicePack1? und ja der Computer funktioniert schon deutlich besser.
IE9 ist der InternetExplorer in der neunten Version, aktuell ist f黵 WIndows 7 11.
Ein Service Pack ist ein Wartungspaket f黵 Windows, damit wird das Betriebssystem auf einen aktuellen Stand gebracht, Sicherheitsl點ken geschlossen, Fehler beseitigt, es ist sehr wichtig, dass beides aktuell ist.

Zitat:
Btw was muss ich alles zu dem Programm wissen?
Welches Programm meinst du denn.

Schritt 1
Bitte die Funde von Avast l鰏chen lassen.

Schritt 2
Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • 謋fne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schlie遝 alle anderen Programme.
  • Dr點ke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, best鋞ige diesen.



Schritt 3

Dr點ke bitte die Windowstaste + R Taste und schreibe notepad in das Ausf黨ren Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Schule\Desktop\Botan\Spam-Bot (XP).dll
C:\Users\Schule\Desktop\Botan\Spam-Bot (Vista & 7).dll
C:\Users\Schule\Desktop\Botan\Tools by Unpublished.exe
C:\ProgramData\AMD\KDB\dwm.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Alt 17.04.2014, 23:28   #12
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Ich meine zu dem Virenprogramm AVAST. Was sollte ich dazu wissen?

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-04-2014 02
Ran by Botan at 2014-04-18 00:27:37 Run:2
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Schule\Desktop\Botan\Spam-Bot (XP).dll
C:\Users\Schule\Desktop\Botan\Spam-Bot (Vista & 7).dll
C:\Users\Schule\Desktop\Botan\Tools by Unpublished.exe
C:\ProgramData\AMD\KDB\dwm.exe
*****************

C:\Users\Schule\Desktop\Botan\Spam-Bot (XP).dll => Moved successfully.
C:\Users\Schule\Desktop\Botan\Spam-Bot (Vista & 7).dll => Moved successfully.
C:\Users\Schule\Desktop\Botan\Tools by Unpublished.exe => Moved successfully.
C:\ProgramData\AMD\KDB\dwm.exe => Moved successfully.

==== End of Fixlog ====
         

Alt 20.04.2014, 00:15   #13
Bootsektor
/// TB-Ausbilder
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Zitat:
Ich meine zu dem Virenprogramm AVAST. Was sollte ich dazu wissen?
Ich verstehe deine Frage nicht. Du kannst dich auf der Homepage von Avast dazu informieren.

Fundevon Avast hattest du auch gel鰏cht?

>OK<

So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber.
Abschlie遝nd r鋟men wir noch etwas auf, f黨ren Updates durch und dann bekommst du noch etwas Lesestoff von mir.


Schritt 1
Falls du den ESET-Onlinescan nicht mehr ben鰐igst, kannst Du ihn einfach 黚er die Programmdeinstallation deinstallieren.

Schritt 2
Downloade dir bitte delfix auf deinen Desktop.
  • Schlie遝 alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein H鋕chen.
  • Klicke auf Start.
  • DelFix entfernt u. a. alle verwendeten Programme und l鰏cht sich abschlie遝nd selbst.

Falls nun noch Tools aus der Bereinigung auf deinem PC sind, kannst du diese besorgtlos selbst l鰏chen.

Updates / Programme aktualisieren
  • Service Pack 1

    Lade das Service Pack 1Service Pack 1 f黵 Windows 7 herunter, installiere es und lasse Windows dann nach Updates suchen
  • Internetexplorer
    Dein InternetExplorer ist nicht mehr aktuell. Besuche diese Microsoftseite und lade dir von dort den neuesten Internetexplorer f黵 dein Betriebssystem herunter

  • Java
Dein Java ist nicht mehr aktuell.
Java ist eine gro遝 Sicherheitsl點ke auf deinem System, es werden immer wieder neue Schwachstellen entdeckt, die ausgenutzt werden um Rechner zu infizieren.
Sofern du Java nicht zwingend ben鰐igst, solltest du es komplett deinstallieren.

Windows XP
Gehe auf:
Start --> Systemsteuerung --> Software --> Javaversionen ausw鋒len --> entfernen
Windows Vista
Gehe auf:
Start --> Systemsteuerung -- > Programme --> Programme deinstallieren --> Javaversionen suchen --> entfernen
Windows 7
Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Javaversionen ausw鋒len --> entfernen
Windows 8
Dazu dr點ke auf:
Windowstaste und X
dann:
Programme und Funktionen -->Javaversionen ausw鋒len --> entfernen

Falls du Java doch unbedingt ben鰐igst, dann
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die jxpiinstall.exe
  • Schlie遝 alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer f黵 die neueste Java Version ( Java 7 Update 55 ) herunter laden.
  • Entferne den Haken bei "Installieren Sie die Ask-Toolbar ..." w鋒rend der Installation.
  • Wenn die Installation beendet wurde
    Start --> Systemsteuerung --> Programme und deinstalliere alle 鋖teren Java Versionen.
  • Starte deinen Rechner neu sobald alle 鋖teren Versionen deinstalliert wurden.
Nach dem Neustart
  • 謋fne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
  • Im Reiter Allgemein, klicke unter Tempor鋜e Internetdateien auf Einstellungen.
  • Klicke auf Dateien l鰏chen....
  • Gehe sicher das 黚erall ein Haken gesetzt ist und klicke OK.
  • Klicke erneut OK.

und sorge daf黵, dass Java automatisch updated.
Dazu:
  • 鰂fne Java
  • klicke auf den Reiter Update
  • klicke auf: Benachrichtung ausgeben: Vor dem Download setze den Haken bei Automatisch nach Updates suchen
  • klicke auf Erweitert
  • 鋘dere das Intervall mindestens auf w鯿hentlich
und schalte das Browser-Plugin aus.
Hier findest du eine Anleitung dazu.
Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems.

Aktualit鋞 des Systems
Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.
  • Bitte 黚erpr黤e, ob dein System Windows Updates automatisch herunter l鋎t
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.

Antivirensoftware
  • Gehe sicher immer eine Antiviren Software installiert zu haben und halte diese unbedingt aktuell.

Zus鋞zlicher Schutz
  • MalwareBytes Anti-Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On-Demand Scantool welches viele aktuelle Malware erkennt und auch entfernt.
    Aktualisiere das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundw鋍hter.
    Ein Tutorial zur Verwendung findest Du hier.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese k鰊nen von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: F黵 diesen Browser habe ich hier ein paar n黷zliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgef黨rt wenn Du es best鋞igst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf einen Banner um diesen zu AdBlockPlus hinzuzuf黦en reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazit鋞.

Systemleistung
L鰏che regelm溥ig deine tempor鋜en Dateien. Ich empfehle hierzu TFC
Halte dich fern von jeglichen Registry Cleanern.
Diese schaden deinem System mehr als dass sie es schneller machen.

Verhaltensregeln zum sichereren Surfen
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und sch鰊 bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • 謋fne keine Anh鋘ge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
  • Achte besonders bei der Installation von Programmen darauf, ob sich weitere Software mitinstallieren m鯿hte, w鋒le wo immer es geht die benutzerdefinierte Installation und w鋒le alles ab, was nichts mit dem Programm zu tun hat, welches du dir installieren m鯿htest.

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu w黱schen.

Hinweis: Bitte gib mir eine kurze R點kmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind.

Falls Du Lob oder Kritik abgeben m鯿htest, kannst Du das sehr gerne hier tun.

Wenn Du etwas f黵 das Forum und unsere Arbeit spenden m鯿htest, so kannst Du das hier tun.

Alt 21.04.2014, 11:11   #14
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Wenn ich SP1 installieren will kommt nach einiger Zeit folgende Fehlermeldung:


ERROR_SXS_ASSEMBLY_MISSING (0x80073701)

hei遲 das, dass ich zuerst die 36 anderen updates installieren sollte?

Alt 21.04.2014, 20:14   #15
Bootsektor
/// TB-Ausbilder
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Nein, das hei遲, das dir ein wichtiger Systemordner fehlt. Ist das Ultimate legal?
  • Gehe auf C:\Windows\Logs\CBS\
  • schaue, ob es dort eine CBS.log Datei gibt
  • kopiere diese Datei auf deinen Desktop (wenn Windows sagt, dass du dazu Administratorenrechte brauchst, best鋞ige diese
  • 鰂fne die Datei
  • poste mir den Inhalt hier in deinen Thread

Antwort

Themen zu Internetverbindung schlecht, langsamer Computer und einfrieren des PC's
browser, internetverbindung, java/exploit.cve-2013-2423.o, js/kryptik.apu, langsamer computer, mobogenie, mobogenie entfernen, msil/coinminer.cm, msil/coinminer.cn, nationzoom, nationzoom entfernen, seiten, verbindung, win32/adware.addlyrics.f, win32/adware.lollipop.h, win32/adware.multiplug.i, win32/adware.speedingupmypc.g, win32/adware.yontoo.b, win32/agent.ujj, win32/injector.awkk, win32/kryptik.baox, win32/kryptik.baql, win32/kryptik.baxk, win32/kryptik.bbam, win32/kryptik.bgbe, woche



膆nliche Themen: Internetverbindung schlecht, langsamer Computer und einfrieren des PC's


  1. Internetverbindung nach einer Zeit immer langsamer und Hoher Ping - Wlan
    Plagegeister aller Art und deren Bek鋗pfung - 19.09.2015 (24)
  2. langsamer computer
    Log-Analyse und Auswertung - 31.05.2015 (24)
  3. langsamer computer
    M黮ltonne - 22.05.2015 (2)
  4. Computer f鋒rt nachts selbstst鋘dig hoch und "arbeitet"! H鋟figes Einfrieren des gesamten Systems.
    Log-Analyse und Auswertung - 03.02.2015 (11)
  5. Windows 7 erhalte st鋘dig spammails auf outlook und internetverbindung l鋟ft langsamer
    Log-Analyse und Auswertung - 02.11.2014 (17)
  6. Virus auf dem Pc? Anf鋘gliches Ruckeln wird zu Einfrieren des Pcs und sehr langsamer Geschwindigkeit!
    Plagegeister aller Art und deren Bek鋗pfung - 28.09.2014 (13)
  7. Langsamer PC, oft ohne jeglichen Grund einfrieren, Probleme beim booten
    Log-Analyse und Auswertung - 07.06.2014 (26)
  8. Computer verliert immer wieder Internetverbindung
    Log-Analyse und Auswertung - 03.05.2014 (9)
  9. Internetverbindung nach einer Zeit immer langsamer High Ping Erkennt ihr was?
    Log-Analyse und Auswertung - 18.08.2013 (5)
  10. Internetverbindung nach einer Zeit immer langsamer und Hoher Ping
    Netzwerk und Hardware - 16.08.2013 (1)
  11. Sehr langsamer Computer
    Log-Analyse und Auswertung - 08.11.2011 (1)
  12. PC sowie Internetverbindung ist merklich langsamer geworden, bin ich infiziert?
    Log-Analyse und Auswertung - 29.07.2011 (19)
  13. Langsamer Computer
    Log-Analyse und Auswertung - 16.05.2011 (1)
  14. Internetverbindung wird im Laufe der Sitzung langsamer
    Log-Analyse und Auswertung - 11.01.2009 (0)
  15. Internetverbindung wird langsamer
    Log-Analyse und Auswertung - 01.10.2008 (0)
  16. e-scan-Ergebnis: schlecht od. schlecht?
    Log-Analyse und Auswertung - 01.07.2008 (6)
  17. Internetverbindung langsamer als gew鰄nlich
    Log-Analyse und Auswertung - 22.03.2008 (0)

Zum Thema Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Hallo Liebe Community, Es geht darum, dass ich den Verdacht habe, dass mein PC stark mit Viren befallen ist. Seit einigen Wochen schon leidet die Internetverbindung extrem, Ich werde, wenn - Internetverbindung schlecht, langsamer Computer und einfrieren des PC's...
Archiv
Du betrachtest: Internetverbindung schlecht, langsamer Computer und einfrieren des PC's auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.