Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Internetverbindung schlecht, langsamer Computer und einfrieren des PC's

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.04.2014, 11:35   #1
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Hallo Liebe Community,
Es geht darum, dass ich den Verdacht habe, dass mein PC stark mit Viren befallen ist. Seit einigen Wochen schon leidet die Internetverbindung extrem, Ich werde, wenn ich den Browser öffne, auf ganz komische Seiten umgeleitet, Der Pc friert manchmal einfach so ein und der Computer ist an sich recht langsam. Nun die Frage: Kann mir jemand von euch helfen diese Viren zu löschen damit der Computer wieder besser funktioniert?

Danke im Vorraus!

P.S. Ich benutze windows-7

Mit freundlichen Grüßen

Bekir

Was noch hinzuzufügen ist: Ich war schon einmal hier im Forum und hatte mein Problem mit diesem Forum geteilt. Mir wurde intensiv bei der Sache geholfen und alle Viren(zumindest die Symptome) wurden bereinigt. Da wollte ich mich nochmal bedanken.

Alt 14.04.2014, 12:13   #2
Bootsektor
Ruhe in Frieden
† 2019
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's





Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:
  • Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [code][/code]
  • Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also [CODE] Logfile [/CODE]
  • Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 14.04.2014, 12:34   #3
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Addition.txt
Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2014 01
Ran by Botan at 2014-04-14 12:31:08
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
½£Áé_ÌÚѶ (HKLM-x32\...\½£Áé_ÌÚѶ) (Version: - Tencent)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{1701BD02-09B9-B25B-8290-C7D6A33C5A75}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Browser Stabilizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{2db04d42}) (Version: - Appdev Ltd) <==== ATTENTION
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version: - ) <==== ATTENTION
C9 (HKLM-x32\...\C9(Continent of the Ninth Seal)_is1) (Version: - WEBZEN)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
China Localization Patcher (HKLM-x32\...\{358B9F54-BFA2-4FC4-8134-CA786EC84260}) (Version: 1.5.1.0 - LokiReborn)
Cisco EAP-FAST Module (HKLM-x32\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - )
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version: - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1197 - SG INTERACTIVE)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
Don't Starve (HKLM-x32\...\DontStarve) (Version: - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve )
Dr. Hardware 2013 13.0d (HKLM-x32\...\Dr. Hardware 2013_is1) (Version: - Peter A. Gebhard)
Easy Tune 6 B11.0427.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0427.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Feven 2.5 (HKLM-x32\...\Feven 2.5) (Version: 1.33.153.1 - Feven) <==== ATTENTION
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video to MP3 Converter version 5.0.23.320 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
InfiniteCrisis (HKLM-x32\...\InfiniteCrisis) (Version: - Turbine, Inc)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
ÌÚѶÓÎϷƽ̨ (HKLM-x32\...\ÌÚѶÓÎϷƽ̨Formal) (Version: - Tencent)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kingdoms of Amalur™ Reckoning DELUXE EDITION (HKLM-x32\...\Kingdoms of Amalur™ Reckoning DELUXE EDITION_is1) (Version: 1.0.0.2 - QfG)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LevelOne WUA-0605 Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0113 - LevelOne)
Lyrics Monkey (HKLM-x32\...\lyricsmonkey@mendoni.net) (Version: - MNDi Software) <==== ATTENTION
MagniPic (HKLM\...\{9F50A85D-1668-4098-A273-5E4A44B38AAB}) (Version: 1.0 - ) <==== ATTENTION
Mass Effect Deluxe Edition (HKLM-x32\...\{A5C7818C-27AC-4A71-BEDF-BA5652D2CC36}_is1) (Version: v1.02 - The Most Electrifying Man)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
mHotspot version 6.4.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 6.4.0.0 - mHotspot, Inc.)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 17.0.5 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.5 (x86 de)) (Version: 17.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION
Need for Speed Most Wanted (HKLM-x32\...\Need for Speed Most Wanted_is1) (Version: - )
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140120.76235 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlurPush (HKLM\...\PlurPush) (Version: 2014.03.28.231718 - PlurPush)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT (HKCU\...\RIFT) (Version: - Trion Worlds, Inc.)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SoftwareUpdater (HKLM-x32\...\SoftwareUpdater) (Version: - )
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.5.201304180917 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.155 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1D53FB73-9826-4541-B2E0-A239C6EBA718}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{34726474-50D6-49FC-B8AC-35411459D27A}) (Version: - Microsoft)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WPM17.8.0.3325 (HKLM-x32\...\WPM) (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.442 - Xara Group Ltd)
Xara 3D Maker 7 (Version: 7.0.0.442 - Xara Group Ltd) Hidden
网游加速小助手(剑灵) (HKLM-x32\...\网游加速小助手(剑灵)) (Version: 2.0.45.89 - Copyright (C) 2013 Tencent)

==================== Restore Points =========================

08-04-2014 12:27:51 Windows Update
10-04-2014 16:06:12 Windows Update
12-04-2014 06:45:18 Installed Java 7 Update 51
14-04-2014 10:07:20 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:08:44 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:11:19 Revo Uninstaller's restore point - RegClean Pro
14-04-2014 10:15:05 Revo Uninstaller's restore point - Yahoo Community Smartbar
14-04-2014 10:16:08 Revo Uninstaller's restore point - VO Package
14-04-2014 10:17:11 Revo Uninstaller's restore point - Shopping Helper Smartbar Engine
14-04-2014 10:18:08 Revo Uninstaller's restore point - Shopping Helper Smartbar
14-04-2014 10:19:16 Revo Uninstaller's restore point - Search Protect
14-04-2014 10:20:20 Revo Uninstaller's restore point - PDF24 Creator 6.3.1
14-04-2014 10:21:52 Revo Uninstaller's restore point - BlockAndSurf
14-04-2014 10:23:16 Revo Uninstaller's restore point - RoboForm 7-9-0-0 (All Users)
14-04-2014 10:25:22 Revo Uninstaller's restore point - MixiDJ Toolbar
14-04-2014 10:26:16 Revo Uninstaller's restore point - Advanced System Protector
14-04-2014 10:27:23 Revo Uninstaller's restore point - AnyProtect

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {002BED3E-0919-4BBA-995C-03DF069AAFAC} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {037DF9E7-FADB-45C4-B37F-AB10B1FD36D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {08C53256-84E4-4A93-9D31-4012A0E1265A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {0B690F27-DA5A-4C5E-8AF6-045ABC577E99} - System32\Tasks\Opera D2 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {0F3BF346-E3C8-407A-A8ED-F1A344B1AE90} - System32\Tasks\MySearchDial => C:\Users\Botan\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {248AD0D2-7E7E-4D32-81AB-FA015E15B550} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated)
Task: {248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {32E2FB49-08D2-4DBE-93C7-4EC65EC0EC27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {349B0F97-B431-456B-B666-EB392A49DA97} - System32\Tasks\{EB1A13EA-FB01-4D59-99CA-D755078280C9} => Firefox.exe
Task: {358D2FBC-F05A-4FC4-AE91-FC65E464D2C0} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-06-29] (Siber Systems)
Task: {466EB646-6AE3-4FEA-AFAE-4B00CF4A4F1F} - System32\Tasks\Feven 2.5-updater => C:\Program Files (x86)\Feven 2.5\Feven 2.5-updater.exe [2014-01-18] (Feven) <==== ATTENTION
Task: {4D706DDF-EC04-4E4E-BA67-1F48DEAD41DF} - System32\Tasks\{7636DB98-A8B0-4C6C-B62E-77A875639331} => Firefox.exe
Task: {716308E0-EBF5-4045-B679-B21CAF58631D} - System32\Tasks\Feven 2.5-enabler => C:\Program Files (x86)\Feven 2.5\Feven 2.5-enabler.exe [2014-01-18] (Feven) <==== ATTENTION
Task: {743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {91A8BAED-7921-4F64-8D8F-23A72868DD67} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {9503C1BF-E2EA-4760-BD4F-F7647B362EEA} - System32\Tasks\{BE28D158-551B-4294-9100-DA3EFCA27DD3} => Firefox.exe
Task: {A3BF923E-AA25-43DC-B5EC-2164F85BE938} - System32\Tasks\Opera D3 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {AB508837-83B5-4E66-9A18-561657546FF3} - System32\Tasks\Feven 2.5-codedownloader => C:\Program Files (x86)\Feven 2.5\Feven 2.5-codedownloader.exe [2014-01-18] (Feven) <==== ATTENTION
Task: {B1809AF3-F82A-4DB0-9E89-832BB19903CF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B463C9EE-9821-4903-8D31-3266E2131E4A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMPMNJLMMJMMKMLJJJCNOMKMJJKMCNLMIMNJHMCNGMOMOMJMCNLMLJNJHMPMNMOJIMJJHMKMOMJNJICMIMCNGMCNPMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMPMCNN MJNPICMPMFMFMNMHMHMJNHICMEKMICNJJCKJNBJCMNLAJLIOJBJJNKJCMJNNICMJNDJCMLJKJ"
Task: {C186A300-3641-462C-A6D7-1A3BB0D8F83B} - System32\Tasks\Feven 2.5-firefoxinstaller => C:\Program Files (x86)\Feven 2.5\Feven 2.5-firefoxinstaller.exe [2014-01-18] (Feven) <==== ATTENTION
Task: {C3C1E073-17C1-4AD7-888A-EFA9E57142B8} - System32\Tasks\Opera D4 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {C9235D0C-6F53-4B69-AC9C-53FC28D920D7} - System32\Tasks\{3AD24F87-9E1D-4000-88A5-34C6683E7650} => Firefox.exe hxxp://ui.skype.com/ui/0/6.10.59.104/de/abandoninstall?page=tsProgressBar
Task: {E0528B75-3D38-4F12-A4E6-033E34E9F856} - System32\Tasks\MagniPicUpdaterTask{763F5F08-6C67-402E-A43C-A37A27633406} => C:\ProgramData\Premium\MagniPic\MagniPic.exe [2012-12-04] () <==== ATTENTION
Task: {E14E85D1-45F7-43B2-9A7C-CB3D1D188C22} - System32\Tasks\Feven 2.5-chromeinstaller => C:\Program Files (x86)\Feven 2.5\Feven 2.5-chromeinstaller.exe [2014-01-18] (Feven) <==== ATTENTION
Task: {ED694BC0-5C42-40F0-A6D5-2F1AEC4CFB58} - System32\Tasks\Opera D1 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {FA300F06-B62E-4AA8-AC6E-3FA665C44822} - System32\Tasks\Opera D5 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\Feven 2.5-chromeinstaller.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-codedownloader.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-enabler.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-updater.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MagniPicUpdaterTask{763F5F08-6C67-402E-A43C-A37A27633406}.job => C:\ProgramData\Premium\MagniPic\MagniPic.exe <==== ATTENTION
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\Botan\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-12-27 18:07 - 2013-12-27 18:07 - 04204032 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizer_x64.dll
2012-12-19 17:32 - 2012-12-19 17:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-12-19 17:32 - 2012-12-19 17:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-06-23 19:00 - 2012-12-04 11:39 - 00235008 ____N () C:\ProgramData\Premium\MagniPic\MagniPic.exe
2010-10-19 09:31 - 2010-10-19 09:31 - 00205312 _____ () C:\Program Files\Netzmanager\NMInfraIS2\driver64\SoftplugLib.DLL
2013-06-01 16:12 - 2013-06-01 16:12 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-01 16:12 - 2013-06-01 16:12 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2013-02-18 09:52 - 2013-02-18 09:52 - 00031744 _____ () C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
2014-03-29 01:17 - 2014-04-10 14:25 - 00350488 _____ () C:\Program Files (x86)\PlurPush\updatePlurPush.exe
2014-03-30 16:34 - 2014-04-10 13:52 - 00350488 _____ () C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
2012-12-19 17:32 - 2012-12-19 17:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-03-14 16:00 - 2014-03-14 16:00 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-03-30 17:05 - 2014-03-30 17:05 - 00287000 _____ () C:\Program Files (x86)\PlurPush\bin\FilterApp_C64.exe
2014-04-10 00:08 - 2014-04-08 00:02 - 00095512 _____ () C:\Program Files (x86)\PlurPush\bin\PlurPush.BrowserAdapter.exe
2014-02-09 12:40 - 2014-02-09 12:40 - 00012832 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Lrcnta.exe
2013-12-27 18:07 - 2013-12-27 18:07 - 04242432 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizer.dll
2013-12-27 18:07 - 2013-12-27 18:07 - 00180048 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizerSvc.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 14:26 - 2010-03-23 14:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-03-26 00:02 - 2009-12-09 15:20 - 00126976 ____R () C:\Program Files (x86)\LevelOne\WUA-0605\EnumDevLib.dll
2014-02-25 10:55 - 2014-02-25 10:55 - 00151040 ____N () C:\Users\Bekir&Botan\AppData\Local\Temp\is45637729\1940131_stp\RAM.dll
2014-03-17 14:19 - 2014-03-17 14:19 - 00214528 ____N () C:\Users\Bekir&Botan\AppData\Local\Temp\is45637729\1940214_stp\icc.dll
2014-03-13 16:39 - 2014-03-13 16:39 - 00645592 ____N () C:\Users\Bekir&Botan\AppData\Local\Temp\is45637729\1940214_stp\sqlite3.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00033824 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00063520 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srau.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00166432 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 02310688 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00058400 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\spbl.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00152608 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00013344 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\siem.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00054304 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\sppsm.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00728096 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00082464 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00014368 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00017440 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00052256 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srut.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00020512 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srsbs.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00059424 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00037408 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srbu.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00014368 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\sgml.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00053280 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00014880 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srpdm.dll
2014-02-09 12:40 - 2014-02-09 12:40 - 00048160 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-02-09 12:37 - 2014-02-09 12:37 - 00026144 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00025632 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00193056 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\sgmu.dll
2014-02-09 12:37 - 2014-02-09 12:37 - 00061440 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00247328 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\srns.dll
2014-02-09 12:40 - 2014-02-09 12:40 - 00020512 _____ () C:\Users\Botan\AppData\Local\Smartbar\Application\lrcnt.dll
2014-03-18 18:05 - 2014-03-18 18:05 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-18 17:01 - 2014-03-28 15:40 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2014 00:31:12 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/14/2014 00:31:08 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/14/2014 00:31:05 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/14/2014 00:31:02 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/14/2014 00:30:06 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/14/2014 00:30:04 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/14/2014 00:30:03 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/14/2014 00:30:01 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/14/2014 00:29:06 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/14/2014 00:29:05 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.


System errors:
=============
Error: (04/14/2014 11:19:01 AM) (Source: Service Control Manager) (User: )
Description: Dienst "BlockAndSurf" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/14/2014 11:18:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde nicht richtig gestartet.

Error: (04/14/2014 11:17:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet:
%%126

Error: (04/14/2014 11:17:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/14/2014 11:17:26 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (04/14/2014 11:16:52 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎04.‎2014 um 11:15:59 unerwartet heruntergefahren.

Error: (04/14/2014 11:15:10 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎04.‎2014 um 11:14:02 unerwartet heruntergefahren.

Error: (04/14/2014 11:13:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/14/2014 11:13:51 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (04/14/2014 11:13:13 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎04.‎2014 um 11:11:47 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 4093.55 MB
Available physical RAM: 1527.5 MB
Total Pagefile: 8185.25 MB
Available Pagefile: 5199.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:136.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6312B514)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
FRST.txt

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2014 01
Ran by Botan (administrator) on XEBAT-PC on 14-04-2014 12:30:14
Running from C:\Users\Botan\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\ProgramData\Premium\MagniPic\MagniPic.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Realtek) C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe
() C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
() C:\Program Files (x86)\PlurPush\updatePlurPush.exe
() C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Bekir&Botan\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Akamai Technologies, Inc.) C:\Users\Bekir&Botan\AppData\Local\Akamai\netsession_win.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\LevelOne\WUA-0605\RtWlan.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(BugSplat, LLC) C:\Users\Bekir&Botan\Desktop\LOLPBE\RADS\solutions\lol_game_client_sln\releases\0.0.2.36\deploy\BsSndRpt.exe
(BugSplat, LLC) C:\Users\Bekir&Botan\Desktop\LOLPBE\RADS\solutions\lol_game_client_sln\releases\0.0.2.36\deploy\BsSndRpt.exe
(                                                            ) C:\Users\BEKIR&~1\AppData\Local\Temp\nsh8CB7.tmp
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe
() C:\Program Files (x86)\PlurPush\bin\FilterApp_C64.exe
() C:\Program Files (x86)\PlurPush\bin\PlurPush.BrowserAdapter.exe
(Smartbar) C:\Users\Botan\AppData\Local\Smartbar\Application\Smartbar.exe
() C:\Users\Botan\AppData\Local\Smartbar\Application\Lrcnta.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM-x32\...\Runonce: [SpUninstallCleanUp] - REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f [X]
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2013-06-29] (Siber Systems)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [Spotify Web Helper] => C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [Browser Infrastructure Helper] => C:\Users\Bekir&Botan\AppData\Local\Smartbar\Application\Smartbar.exe [20760 2013-11-21] (Smartbar)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [Spotify] => C:\Users\Schule\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [Akamai NetSession Interface] => C:\Users\Bekir&Botan\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [DT Emphelungstool] => "C:\Users\Bekir&Botan\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Bekir&Botan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006\...\MountPoints2: {db1faac1-9594-11e2-9446-806e6f6e6963} - D:\Start.exe
AppInit_DLLs: C:\PROGRA~3\BROWSE~1\BROWSE~2.DLL => C:\ProgramData\Browser Stabilizer\BrowserStabilizer_x64.dll [4204032 2013-12-27] ()
AppInit_DLLs-x32: c:\progra~3\browse~1\browse~1.dll => C:\ProgramData\Browser Stabilizer\BrowserStabilizer.dll [4242432 2013-12-27] ()
Startup: C:\Users\Bekir&Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDY,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://cn.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBCE002826F4BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = zh-CN
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDY,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389996519&from=tugs&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUD11505315053&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDM,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDM,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDY,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDY,&q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiHNiYBLXFYk_-w9a654dXDEgIToDQLPUIDYB4w_Aqlr8KCfMtMCDM,&q={searchTerms}
BHO: Feven 2.5 - {11111111-1111-1111-1111-110411901108} - C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho64.dll (Feven)
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Feven 2.5 - {11111111-1111-1111-1111-110411901108} - C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho.dll (Feven)
BHO-x32: Lyrics Monkey - {18CAEA74-C7E8-4D37-967F-1D01351BA398} - C:\Program Files (x86)\LyricsMonkey\lyricsmonkey.dll (MNDi Software)
BHO-x32: MiaggnyiPPic - {226EC5EC-B16E-A1ED-2CC5-09C8C306D073} - C:\ProgramData\MiaggnyiPPic\51c7351647449.dll ()
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files (x86)\PlurPush\PlurPushbho.dll (PlurPush)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (MySearchDial)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Botan\AppData\Roaming\Mozilla\Firefox\Profiles\fo16hqsi.default-1397469719534
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR HomePage: http:\/\/start.mysearchdial.com\/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: http:\/\/start.mysearchdial.com\/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (Google Docs) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (YouTube) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Google-Suche) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (MySearchDial Neuer Tab) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-14]
CHR Extension: (Google Wallet) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Google Mail) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR Extension: (Feven 2.5) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkbhkhbgdaamliaimlpdlhokkecoibka [2014-01-18]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-18]
CHR HKLM-x32\...\Chrome\Extension: [khialnikbocfgkohdegnebhmmaifoglp] - C:\Program Files (x86)\LyricsMonkey\Chrome.crx [2013-04-21]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 2db04d42; C:\ProgramData\Browser Stabilizer\BrowserStabilizerSvc.dll [180048 2013-12-27] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
U4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2466080 2014-03-30] (Conduit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-06-01] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-06-01] ()
R2 Realtek11nSU; C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe [45056 2010-01-21] (Realtek)
R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-02-18] ()
R2 Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [350488 2014-04-10] ()
R2 Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [350488 2014-04-10] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-01-18] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-05-04] ()
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [884712 2014-03-23] (TENCENT)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-30] (StdLib)
S1 dgztwemx; \??\C:\Windows\system32\drivers\dgztwemx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 opuaoowl; \??\C:\Windows\system32\drivers\opuaoowl.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-14 12:30 - 2014-04-14 12:30 - 00024302 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-14 12:30 - 2014-04-14 12:30 - 00000000 ____D () C:\FRST
2014-04-14 12:29 - 2014-04-14 12:29 - 02157568 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D2
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D1
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Systweak
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 10:30 - 2014-04-14 11:10 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-14 10:30 - 2014-04-14 11:10 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-14 10:30 - 2014-04-14 10:50 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-14 10:30 - 2014-04-14 10:30 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-14 09:11 - 2014-04-14 12:22 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-14 09:10 - 2014-04-14 12:10 - 00000292 _____ () C:\Windows\Tasks\MySearchDial.job
2014-04-14 09:10 - 2014-04-14 09:10 - 00003232 _____ () C:\Windows\System32\Tasks\MySearchDial
2014-04-14 09:09 - 2014-04-14 09:10 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\mysearchdial
2014-04-14 09:09 - 2014-04-14 09:09 - 00358193 _____ () C:\Users\Botan\AppData\Local\speedial.crx
2014-04-14 09:09 - 2014-04-14 09:09 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-14 09:09 - 2014-04-11 23:13 - 01079839 _____ (AnyProtect.com) C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:05 - 2013-11-14 18:26 - 00000507 _____ () C:\Users\Botan\Desktop\readme.txt
2014-04-13 04:05 - 2013-11-14 18:25 - 00272384 _____ (QuickLoL) C:\Users\Botan\Desktop\QuickLoL Timers.exe
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-12 08:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-12 08:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-12 08:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 08:46 - 2014-04-12 08:47 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-07 20:20 - 2014-04-07 20:19 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:19 - 2014-04-14 12:19 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-07 20:19 - 2014-04-07 20:18 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-07 19:44 - 2014-04-11 14:43 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 14:46 - 2014-04-04 15:22 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:35 - 2014-04-03 22:37 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:54 - 2014-04-03 21:55 - 07083256 _____ (hxxp://yourfiledownloader.com) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
2014-04-03 18:12 - 2014-04-03 18:12 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Systweak
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-03 18:02 - 2014-04-03 18:03 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Systweak
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-30 22:28 - 2014-03-31 20:55 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:11 - 2013-09-29 13:59 - 02407774 ____N () C:\Users\Botan\Desktop\blackmart.apk
2014-03-30 21:54 - 2014-03-30 22:28 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 17:05 - 2014-03-30 17:05 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-30 15:43 - 2014-04-14 11:48 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-03-30 15:30 - 2014-03-31 14:52 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-03-30 15:30 - 2014-03-30 15:30 - 00001973 _____ () C:\Users\Botan\Desktop\Sync Folder.lnk
2014-03-30 15:30 - 2014-03-30 15:30 - 00001091 _____ () C:\Users\Botan\Desktop\MyPC Backup.lnk
2014-03-30 15:30 - 2014-03-30 15:30 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-30 15:29 - 2014-04-14 12:26 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Systweak
2014-03-30 15:29 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-03-30 15:28 - 2014-03-30 15:28 - 00000000 ____D () C:\Users\Botan\AppData\Local\Smartbar
2014-03-30 15:28 - 2014-03-30 15:28 - 00000000 ____D () C:\Users\Botan\AppData\Local\LPT
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 15:27 - 2014-03-14 00:08 - 00630757 _____ (3DS Emulator - Pokemon X Y) C:\Users\Botan\Desktop\Pokemon XY + Emulator.exe
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 15:40 - 2014-03-29 15:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 14:16 - 2014-03-23 14:16 - 00000000 ____D () C:\Program Files\Tencent
2014-03-23 14:13 - 2014-03-23 14:15 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\ÌÚѶÓÎϷƽ̨.lnk
2014-03-20 16:01 - 2014-03-20 16:02 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 16:02 - 00000000 ____D () C:\Program Files (x86)\Tencent
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:57 - 2014-03-20 15:58 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 12:02 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-23 22:43 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-20 01:16 - 2014-03-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 21:54 - 2014-03-22 01:10 - 00000000 ____D () C:\ProgramData\Tencent
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-23 22:47 - 00884712 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2014-03-19 19:02 - 2014-03-20 15:35 - 00001192 _____ () C:\Users\Botan\Desktop\½£Áé_ÌÚѶ.lnk
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÌÚѶÓÎÏ·
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\ÌÚѶÓÎÏ·
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:41 - 2014-03-22 01:10 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Tencent
2014-03-18 20:41 - 2014-03-19 18:28 - 00000000 ____D () C:\GameDownload
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

==================== One Month Modified Files and Folders =======

2014-04-14 12:30 - 2014-04-14 12:30 - 00024302 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-14 12:30 - 2014-04-14 12:30 - 00000000 ____D () C:\FRST
2014-04-14 12:29 - 2014-04-14 12:29 - 02157568 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-14 12:26 - 2014-03-30 15:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Systweak
2014-04-14 12:24 - 2014-01-17 21:43 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Skype
2014-04-14 12:24 - 2014-01-14 15:49 - 00000000 ____D () C:\Users\Botan\Documents\My RoboForm Data
2014-04-14 12:24 - 2013-06-29 13:50 - 00003976 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-04-14 12:22 - 2014-04-14 09:11 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-14 12:22 - 2013-03-25 23:44 - 01778423 _____ () C:\Windows\WindowsUpdate.log
2014-04-14 12:21 - 2014-02-07 14:35 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-04-14 12:19 - 2014-04-07 20:19 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-14 12:17 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-04-14 12:14 - 2014-01-07 17:34 - 00000000 ___RD () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:10 - 2014-04-14 09:10 - 00000292 _____ () C:\Windows\Tasks\MySearchDial.job
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:06 - 2013-06-10 22:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D2
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D1
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 12:01 - 2013-03-26 00:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:48 - 2014-03-30 15:43 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:22 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-14 11:22 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-14 11:21 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Spotify
2014-04-14 11:21 - 2014-01-18 00:09 - 00001328 _____ () C:\Windows\Tasks\Feven 2.5-updater.job
2014-04-14 11:21 - 2014-01-18 00:09 - 00001280 _____ () C:\Windows\Tasks\Feven 2.5-codedownloader.job
2014-04-14 11:21 - 2014-01-18 00:09 - 00001152 _____ () C:\Windows\Tasks\Feven 2.5-enabler.job
2014-04-14 11:21 - 2014-01-18 00:08 - 00002112 _____ () C:\Windows\Tasks\Feven 2.5-chromeinstaller.job
2014-04-14 11:21 - 2014-01-18 00:08 - 00002034 _____ () C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job
2014-04-14 11:21 - 2013-06-23 19:00 - 00000376 ____H () C:\Windows\Tasks\MagniPicUpdaterTask{763F5F08-6C67-402E-A43C-A37A27633406}.job
2014-04-14 11:21 - 2013-06-10 22:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:19 - 2014-01-18 00:09 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\newnext.me
2014-04-14 11:19 - 2013-10-23 15:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Spotify
2014-04-14 11:19 - 2013-09-30 18:50 - 00099152 _____ () C:\Users\Bekir&Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Systweak
2014-04-14 11:16 - 2013-03-26 00:21 - 00194534 _____ () C:\Windows\PFRO.log
2014-04-14 11:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-14 11:16 - 2009-07-14 06:51 - 00080673 _____ () C:\Windows\setupact.log
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:10 - 2014-04-14 10:30 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-14 11:10 - 2014-04-14 10:30 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-14 11:01 - 2013-03-26 00:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:01 - 2013-03-26 00:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:01 - 2013-03-26 00:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 10:50 - 2014-04-14 10:30 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-14 10:30 - 2014-04-14 10:30 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-14 09:10 - 2014-04-14 09:10 - 00003232 _____ () C:\Windows\System32\Tasks\MySearchDial
2014-04-14 09:10 - 2014-04-14 09:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\mysearchdial
2014-04-14 09:09 - 2014-04-14 09:09 - 00358193 _____ () C:\Users\Botan\AppData\Local\speedial.crx
2014-04-14 09:09 - 2014-04-14 09:09 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-13 11:58 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Local\Spotify
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2014-04-12 08:46 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-12 08:47 - 2013-05-16 21:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-11 23:13 - 2014-04-14 09:09 - 01079839 _____ (AnyProtect.com) C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-11 14:43 - 2014-04-07 19:44 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-11 00:20 - 2013-04-10 13:40 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Spotify
2014-04-10 18:07 - 2013-09-07 18:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:06 - 2009-10-14 07:12 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 15:58 - 2009-07-14 19:58 - 01169372 _____ () C:\Windows\system32\perfh007.dat
2014-04-10 15:58 - 2009-07-14 19:58 - 00296124 _____ () C:\Windows\system32\perfc007.dat
2014-04-10 15:58 - 2009-07-14 07:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-09 21:10 - 2013-06-10 22:13 - 00002387 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-08 14:21 - 2009-07-14 06:45 - 04947952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-07 20:30 - 2014-01-07 17:34 - 00099152 _____ () C:\Users\Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 20:19 - 2014-04-07 20:20 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:19 - 2013-03-29 11:48 - 00000000 _____ () C:\END
2014-04-07 20:18 - 2014-04-07 20:19 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-05 23:50 - 2013-03-27 03:49 - 00000000 ____D () C:\Windows\Minidump
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 20:01 - 2013-06-10 22:12 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 20:01 - 2013-06-10 22:12 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-04 15:22 - 2014-04-04 14:46 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:37 - 2014-04-03 22:35 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:55 - 2014-04-03 21:54 - 07083256 _____ (hxxp://yourfiledownloader.com) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
2014-04-03 18:13 - 2014-01-14 22:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Local\Akamai
2014-04-03 18:12 - 2014-04-03 18:12 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Systweak
2014-04-03 18:12 - 2013-05-01 19:43 - 00000000 ____D () C:\Users\Schule\AppData\Local\PMB Files
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-03 18:09 - 2013-04-08 15:06 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Skype
2014-04-03 18:03 - 2014-04-03 18:02 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Systweak
2014-04-03 18:01 - 2013-06-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-03 18:00 - 2013-07-02 21:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-03 17:58 - 2014-02-07 14:33 - 00000000 ____D () C:\Users\Botan\AppData\Local\Adobe
2014-04-03 17:55 - 2014-01-15 19:47 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Adobe
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-31 20:55 - 2014-03-30 22:28 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-31 18:36 - 2014-01-18 00:09 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-03-31 14:52 - 2014-03-30 15:30 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-03-30 22:28 - 2014-03-30 21:54 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 17:05 - 2014-03-30 17:05 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-30 15:30 - 2014-03-30 15:30 - 00001973 _____ () C:\Users\Botan\Desktop\Sync Folder.lnk
2014-03-30 15:30 - 2014-03-30 15:30 - 00001091 _____ () C:\Users\Botan\Desktop\MyPC Backup.lnk
2014-03-30 15:30 - 2014-03-30 15:30 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-30 15:28 - 2014-03-30 15:28 - 00000000 ____D () C:\Users\Botan\AppData\Local\Smartbar
2014-03-30 15:28 - 2014-03-30 15:28 - 00000000 ____D () C:\Users\Botan\AppData\Local\LPT
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 12:17 - 2014-01-18 15:23 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 15:40 - 2014-03-29 15:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-26 22:36 - 2013-04-11 13:25 - 00000000 ____D () C:\Users\Schule\Desktop\Bilder
2014-03-23 22:47 - 2014-03-19 19:02 - 00884712 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2014-03-23 22:43 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-23 14:25 - 2013-11-10 21:39 - 00000000 ____D () C:\download
2014-03-23 14:16 - 2014-03-23 14:16 - 00000000 ____D () C:\Program Files\Tencent
2014-03-23 14:15 - 2014-03-23 14:13 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-23 05:55 - 2013-10-03 19:32 - 00000062 _____ () C:\Users\Bekir&Botan\Desktop\settings.json
2014-03-22 01:10 - 2014-03-19 21:54 - 00000000 ____D () C:\ProgramData\Tencent
2014-03-22 01:10 - 2014-03-18 20:41 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Tencent
2014-03-21 23:07 - 2014-03-20 01:16 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\ÌÚѶÓÎϷƽ̨.lnk
2014-03-20 16:02 - 2014-03-20 16:01 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 16:02 - 2014-03-20 15:59 - 00000000 ____D () C:\Program Files (x86)\Tencent
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:58 - 2014-03-20 15:57 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 15:35 - 2014-03-19 19:02 - 00001192 _____ () C:\Users\Botan\Desktop\½£Áé_ÌÚѶ.lnk
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 12:02 - 2014-03-20 01:17 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÌÚѶÓÎÏ·
2014-03-19 18:57 - 2013-03-26 04:53 - 00155987 _____ () C:\Windows\DirectX.log
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\ÌÚѶÓÎÏ·
2014-03-19 18:28 - 2014-03-18 20:41 - 00000000 ____D () C:\GameDownload
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 20:25 - 2013-05-27 21:48 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Spotify
2014-03-18 20:24 - 2013-05-27 21:49 - 00000000 ____D () C:\Users\Xebat\AppData\Local\Spotify
2014-03-18 20:21 - 2013-03-26 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:41 - 2013-04-08 15:06 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 18:23 - 2014-01-07 17:34 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Apple Computer
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

Some content of TEMP:
====================
C:\Users\Bekir&Botan\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\DelayInst.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\installservice.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\iobwnedxjvdevl.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMDll.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMResource.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMSetup.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\Profiles.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\unicows.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\vpnclient_setup.exe
C:\Users\Botan\AppData\Local\Temp\1_Offer_9.exe
C:\Users\Botan\AppData\Local\Temp\BackupSetup.exe
C:\Users\Botan\AppData\Local\Temp\DownloadManager.exe
C:\Users\Botan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Botan\AppData\Local\Temp\nsiA7B8.exe
C:\Users\Botan\AppData\Local\Temp\sp-downloader.exe
C:\Users\Botan\AppData\Local\Temp\TXPltSafeInit.dll
C:\Users\Schule\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Schule\AppData\Local\Temp\gnsocaby.dll
C:\Users\Schule\AppData\Local\Temp\hrxha0hy.dll
C:\Users\Schule\AppData\Local\Temp\instloffer.exe
C:\Users\Schule\AppData\Local\Temp\itinstallerp.exe
C:\Users\Schule\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Schule\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Schule\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Schule\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Schule\AppData\Local\Temp\uninst1.exe
C:\Users\Schule\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Schule\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Xebat\AppData\Local\Temp\bitool.dll
C:\Users\Xebat\AppData\Local\Temp\DeltaTB.exe
C:\Users\Xebat\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Xebat\AppData\Local\Temp\LyricsPal.exe
C:\Users\Xebat\AppData\Local\Temp\lyricstmp.exe
C:\Users\Xebat\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\Xebat\AppData\Local\Temp\ose00000.exe
C:\Users\Xebat\AppData\Local\Temp\vlc-2.0.6-win64.exe
C:\Users\Xebat\AppData\Local\Temp\wajam_install.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-10 20:32

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---
__________________

Alt 14.04.2014, 22:10   #4
Bootsektor
Ruhe in Frieden
† 2019
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Hallo bekirikus,

gibt es einen bestimmten Grund, warum auf dem Rechner kein Antivirenprogramm drauf ist?

Sagt dir eine Softwarefirma namens Tencent etwas? In deiner Programmliste befindet sich ein Eintrag von denen.

Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :

Browser Stabilizer
Bundled software uninstaller
DMUninstaller
Feven 2.5
FilesFrog Update Checker
Lyrics Monkey
MagniPic
MyPC Backup
Mysearchdial
SoftwareUpdater
WPM17.8.0.3325

Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen
Falls du Probleme mit der Deinstallation eines der genannten Programme haben solltest, dann benutze den Revo-uninstaller dafür.

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
    Windows Vista und höher: mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language German aus.
  • Klicke auf Armaturenbrett und auf Jetzt aktualisieren, um die Datenbank zu updaten.
  • Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

Alt 15.04.2014, 14:46   #5
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Tencent sagt mir jetzt nichts :O. Zu den Virenprogrammen kann ich nur sagen, dass ich immer die falschen raussuche und diese sich dann als Viren herausstellen.. Würde mich freuen wenn du mir ein Programm(kostenlos) empfehlen könntest.

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.023 - Bericht erstellt am 15/04/2014 um 13:08:23
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate  (64 bits)
# Benutzername : Botan - XEBAT-PC
# Gestartet von : C:\Users\Botan\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\ProgramData\StarApp
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Tencent
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\MiaggnyiPPic
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\MagniPic
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\Tencent
Ordner Gelöscht : C:\Program Files (x86)\XingHaoLyrics
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Tencent
Ordner Gelöscht : C:\Program Files\Tencent
Ordner Gelöscht : C:\Users\Xebat\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Xebat\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\Xebat\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Xebat\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Xebat\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Xebat\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Xebat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gelöscht : C:\Users\Schule\AppData\Local\webplayer
Ordner Gelöscht : C:\Users\Schule\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Schule\AppData\LocalLow\mixidj
Ordner Gelöscht : C:\Users\Schule\AppData\LocalLow\MiaggnyiPPic
Ordner Gelöscht : C:\Users\Schule\AppData\Roaming\BitLord
Ordner Gelöscht : C:\Users\Schule\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\Schule\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Schule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker 
Ordner Gelöscht : C:\Users\Schule\Documents\BitLord
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\LocalLow\mixidj
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\LocalLow\MiaggnyiPPic
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Bekir&Botan\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Botan\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Botan\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Botan\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Botan\AppData\Local\Temp\Tencent
Ordner Gelöscht : C:\Users\Botan\AppData\LocalLow\mixidj
Ordner Gelöscht : C:\Users\Botan\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Botan\AppData\LocalLow\MiaggnyiPPic
Ordner Gelöscht : C:\Users\Botan\AppData\Roaming\Mysearchdial
Ordner Gelöscht : C:\Users\Botan\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Botan\AppData\Roaming\Tencent
Ordner Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}
Ordner Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\Extensions\ffxtlbr@mixidj.com
Ordner Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\Extensions\staged
Ordner Gelöscht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\Extensions\staged
Ordner Gelöscht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\wptsnvzn.default-1367853308201\Extensions\staged
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Roaming\Mozilla\Firefox\Profiles\yxwdkydi.default\Extensions\staged
Ordner Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Ordner Gelöscht : C:\Users\Schule\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp
Ordner Gelöscht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Bekir&Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Datei Gelöscht : C:\Users\Bekir&Botan\Desktop\Search.lnk
Datei Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\searchplugins\mixidj.xml
Datei Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\wptsnvzn.default-1367853308201\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Bekir&Botan\AppData\Roaming\Mozilla\Firefox\Profiles\yxwdkydi.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Bekir&Botan\AppData\Roaming\Mozilla\Firefox\Profiles\yxwdkydi.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\user.js
Datei Gelöscht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\user.js
Datei Gelöscht : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\wptsnvzn.default-1367853308201\user.js
Datei Gelöscht : C:\Users\Bekir&Botan\AppData\Roaming\Mozilla\Firefox\Profiles\yxwdkydi.default\user.js
Datei Gelöscht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Datei Gelöscht : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Botan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\5208adbe16fee43
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_actual-booster_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_actual-booster_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_skypelogview_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_skypelogview_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{226EC5EC-B16E-A1ED-2CC5-09C8C306D073}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{226EC5EC-B16E-A1ED-2CC5-09C8C306D073}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\mysearchdial.com
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\TENCENT
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\TENCENT
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\nationzoomSoftware
Schlüssel Gelöscht : HKLM\Software\SoftwareUpdater
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\TENCENT
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Vittalia
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16476

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Xebat\AppData\Roaming\Mozilla\Firefox\Profiles\9nlsrkz3.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5IJzD1I[...]
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Mysearchdial");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "143df47e901d5f1afaf10e9892e57d3e");
Zeile gelöscht : user_pref("extensions.mixidj.tlbrId", "mdelta");
Zeile gelöscht : user_pref("extensions.wajam.affiliate_id", "5921");
Zeile gelöscht : user_pref("extensions.wajam.firstrun", "false");
Zeile gelöscht : user_pref("extensions.wajam.log_send_info", "false");
Zeile gelöscht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21088\",\"update_interval\":1379,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\/www.wajam.com\\/addon\\/[...]
Zeile gelöscht : user_pref("extensions.wajam.no_trace", "false");
Zeile gelöscht : user_pref("extensions.wajam.server_current_mapping_version", "0.21088");
Zeile gelöscht : user_pref("extensions.wajam.supported_sites.amazon_product.priam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam'[...]
Zeile gelöscht : user_pref("extensions.wajam.supported_sites.amazon_v2.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';wind[...]
Zeile gelöscht : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...]
Zeile gelöscht : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Zeile gelöscht : user_pref("extensions.wajam.supported_sites.imdb.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['W[...]
Zeile gelöscht : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';wind[...]
Zeile gelöscht : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Zeile gelöscht : user_pref("extensions.wajam.trace_log", "1365245657839 - onFlagInfoReceived - Server mapping version (client-side): 0.21086\n1365245657839 - onFlagInfoReceived - Same server mapping version, don't upd[...]
Zeile gelöscht : user_pref("extensions.wajam.unique_id", "2BAE65D8B6B1C5AEA46FD1876421E2C2");
Zeile gelöscht : user_pref("extensions.wajam.user_current_mapping_version", "0");
Zeile gelöscht : user_pref("extensions.wajam.version", "1.26");
Zeile gelöscht : user_pref("extensions.wajam.website_version", "1.00271.0");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD[...]
Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiH[...]

[ Datei : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\kh6wqhhj.default\prefs.js ]

Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5IJzD1I[...]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Web Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Mysearchdial");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD[...]
Zeile gelöscht : user_pref("extensions.51c735164736a.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};if(window.self==window.top){var script=document.createElem[...]
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("extensions.crossrider.bic", "143d322eb8e7dd5d5d40dc19140f2132");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5ILdELcvqWDYiH[...]
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");

[ Datei : C:\Users\Schule\AppData\Roaming\Mozilla\Firefox\Profiles\wptsnvzn.default-1367853308201\prefs.js ]

Zeile gelöscht : user_pref("browser.search.selectedEngine", "Mysearchdial");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD[...]

[ Datei : C:\Users\Bekir&Botan\AppData\Roaming\Mozilla\Firefox\Profiles\yxwdkydi.default\prefs.js ]

Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmyiODzEX4hIHeBL1Zbq1jhO8_n0ss1DSeCUXx51M6srOmpDrKkYTlsO3Uf6OCcr3Ut0xobjnr2QBlhVqGiUdFnhGc5IJzD1I[...]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "nationzoom");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=c0b4d54d-99ca-aa89-23c5-24b59b538e10&searchtype=hp&fr=linkury-tb&installDate=14/01/2014&ty[...]
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("extensions.crossrider.bic", "143a2d2bba07b56ec54849a93dd5b919");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=c0b4d54d-99ca-aa89-23c5-24b59b538e10&searchtype=ds&fr=linkury-tb&installDate=14/01/2014&type=hp1000&p="[...]
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "false");

[ Datei : C:\Users\Botan\AppData\Roaming\Mozilla\Firefox\Profiles\fo16hqsi.default-1397469719534\prefs.js ]

Zeile gelöscht : user_pref("extensions.crossrider.bic", "145649c8d427189e17acc34ad9fe9147");

-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Schule\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage

[ Datei : C:\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage

[ Datei : C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : icon_url

*************************

AdwCleaner[R0].txt - [37437 octets] - [15/04/2014 13:07:13]
AdwCleaner[S0].txt - [30407 octets] - [15/04/2014 13:08:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30468 octets] ##########
         
--- --- ---


+++ mbam.txt konnte ich hier nicht reinkopieren da beim erstellen der datei das gesamte Programm abgestürtzt ist +++

Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014
Ran by Botan at 2014-04-15 14:10:42
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
½£Áé_ÌÚѶ (HKLM-x32\...\½£Áé_ÌÚѶ) (Version:  - Tencent)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{1701BD02-09B9-B25B-8290-C7D6A33C5A75}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
C9 (HKLM-x32\...\C9(Continent of the Ninth Seal)_is1) (Version:  - WEBZEN)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
China Localization Patcher (HKLM-x32\...\{358B9F54-BFA2-4FC4-8134-CA786EC84260}) (Version: 1.5.1.0 - LokiReborn)
Cisco EAP-FAST Module (HKLM-x32\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1197 - SG INTERACTIVE)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Don't Starve (HKLM-x32\...\DontStarve) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dr. Hardware 2013 13.0d (HKLM-x32\...\Dr. Hardware 2013_is1) (Version:  - Peter A. Gebhard)
Easy Tune 6 B11.0427.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0427.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video to MP3 Converter version 5.0.23.320 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
InfiniteCrisis (HKLM-x32\...\InfiniteCrisis) (Version:  - Turbine, Inc)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
ÌÚѶÓÎϷƽ̨ (HKLM-x32\...\ÌÚѶÓÎϷƽ̨Formal) (Version:  - Tencent)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kingdoms of Amalur™ Reckoning DELUXE EDITION (HKLM-x32\...\Kingdoms of Amalur™ Reckoning DELUXE EDITION_is1) (Version: 1.0.0.2 - QfG)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LevelOne WUA-0605 Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0113 - LevelOne)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mass Effect Deluxe Edition (HKLM-x32\...\{A5C7818C-27AC-4A71-BEDF-BA5652D2CC36}_is1) (Version: v1.02 - The Most Electrifying Man)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
mHotspot version 6.4.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 6.4.0.0 - mHotspot, Inc.)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 17.0.5 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.5 (x86 de)) (Version: 17.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed Most Wanted (HKLM-x32\...\Need for Speed Most Wanted_is1) (Version:  - )
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140120.76235 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlurPush (HKLM\...\PlurPush) (Version: 2014.03.28.231718 - PlurPush)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.5.201304180917 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.155 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1D53FB73-9826-4541-B2E0-A239C6EBA718}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{34726474-50D6-49FC-B8AC-35411459D27A}) (Version:  - Microsoft)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.442 - Xara Group Ltd)
Xara 3D Maker 7 (Version: 7.0.0.442 - Xara Group Ltd) Hidden
网游加速小助手(剑灵) (HKLM-x32\...\网游加速小助手(剑灵)) (Version: 2.0.45.89 - Copyright (C) 2013 Tencent)

==================== Restore Points  =========================

10-04-2014 16:06:12 Windows Update
12-04-2014 06:45:18 Installed Java 7 Update 51
14-04-2014 10:07:20 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:08:44 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:11:19 Revo Uninstaller's restore point - RegClean Pro
14-04-2014 10:15:05 Revo Uninstaller's restore point - Yahoo Community Smartbar
14-04-2014 10:16:08 Revo Uninstaller's restore point - VO Package
14-04-2014 10:17:11 Revo Uninstaller's restore point - Shopping Helper Smartbar Engine
14-04-2014 10:18:08 Revo Uninstaller's restore point - Shopping Helper Smartbar
14-04-2014 10:19:16 Revo Uninstaller's restore point - Search Protect
14-04-2014 10:20:20 Revo Uninstaller's restore point - PDF24 Creator 6.3.1
14-04-2014 10:21:52 Revo Uninstaller's restore point - BlockAndSurf
14-04-2014 10:23:16 Revo Uninstaller's restore point - RoboForm 7-9-0-0 (All Users)
14-04-2014 10:25:22 Revo Uninstaller's restore point - MixiDJ Toolbar 
14-04-2014 10:26:16 Revo Uninstaller's restore point - Advanced System Protector
14-04-2014 10:27:23 Revo Uninstaller's restore point - AnyProtect
15-04-2014 10:34:47 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {002BED3E-0919-4BBA-995C-03DF069AAFAC} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {037DF9E7-FADB-45C4-B37F-AB10B1FD36D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {08C53256-84E4-4A93-9D31-4012A0E1265A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {0B690F27-DA5A-4C5E-8AF6-045ABC577E99} - System32\Tasks\Opera D2 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {248AD0D2-7E7E-4D32-81AB-FA015E15B550} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated)
Task: {248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {32E2FB49-08D2-4DBE-93C7-4EC65EC0EC27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {349B0F97-B431-456B-B666-EB392A49DA97} - System32\Tasks\{EB1A13EA-FB01-4D59-99CA-D755078280C9} => Firefox.exe 
Task: {358D2FBC-F05A-4FC4-AE91-FC65E464D2C0} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {4D706DDF-EC04-4E4E-BA67-1F48DEAD41DF} - System32\Tasks\{7636DB98-A8B0-4C6C-B62E-77A875639331} => Firefox.exe 
Task: {743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {91A8BAED-7921-4F64-8D8F-23A72868DD67} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {9503C1BF-E2EA-4760-BD4F-F7647B362EEA} - System32\Tasks\{BE28D158-551B-4294-9100-DA3EFCA27DD3} => Firefox.exe 
Task: {A3BF923E-AA25-43DC-B5EC-2164F85BE938} - System32\Tasks\Opera D3 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {B1809AF3-F82A-4DB0-9E89-832BB19903CF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B463C9EE-9821-4903-8D31-3266E2131E4A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMPMNJLMMJMMKMLJJJCNOMKMJJKMCNLMIMNJHMCNGMOMOMJMCNLMLJNJHMPMNMOJIMJJHMKMOMJNJICMIMCNGMCNPMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMPMCNNMJNPICMPMFMFMNMHMHMJNHICMEKMICNJJCKJNBJCMNLAJLIOJBJJNKJCMJNNICMJNDJCMLJKJ"
Task: {C3C1E073-17C1-4AD7-888A-EFA9E57142B8} - System32\Tasks\Opera D4 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {C9235D0C-6F53-4B69-AC9C-53FC28D920D7} - System32\Tasks\{3AD24F87-9E1D-4000-88A5-34C6683E7650} => Firefox.exe hxxp://ui.skype.com/ui/0/6.10.59.104/de/abandoninstall?page=tsProgressBar
Task: {FA300F06-B62E-4AA8-AC6E-3FA665C44822} - System32\Tasks\Opera D5 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-19 17:32 - 2012-12-19 17:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-12-19 17:32 - 2012-12-19 17:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-06-01 16:12 - 2013-06-01 16:12 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-01 16:12 - 2013-06-01 16:12 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-03-29 01:17 - 2014-04-15 11:27 - 00350488 _____ () C:\Program Files (x86)\PlurPush\updatePlurPush.exe
2014-03-30 16:34 - 2014-04-15 10:54 - 00350488 _____ () C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
2013-05-17 13:32 - 2013-03-01 14:13 - 01300816 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2013-05-17 13:36 - 2014-03-29 11:00 - 05329400 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\LoLLauncher.exe
2013-07-10 10:56 - 2013-07-10 10:56 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.80\deploy\LolClient.exe
2013-05-17 13:36 - 2014-04-03 14:26 - 16510456 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.17\deploy\League of Legends.exe
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 14:26 - 2010-03-23 14:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-03-26 00:02 - 2009-12-09 15:20 - 00126976 ____R () C:\Program Files (x86)\LevelOne\WUA-0605\EnumDevLib.dll
2014-03-18 18:05 - 2014-03-18 18:05 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-18 17:01 - 2014-03-28 15:40 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2013-09-07 17:04 - 2014-03-29 11:00 - 00264696 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\RiotLauncher.dll
2013-05-17 13:36 - 2014-04-03 14:26 - 01494520 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.17\deploy\RiotLauncher.dll
2013-09-07 17:25 - 2014-03-29 11:00 - 00380408 _____ () C:\Riot Games\League of Legends\RADS\RiotRadsIO.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2014 02:06:38 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xf00
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (04/15/2014 02:04:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xbc4
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (04/15/2014 02:03:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xa9c
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (04/15/2014 01:01:08 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/15/2014 01:01:07 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/15/2014 01:01:06 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/15/2014 01:01:04 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/15/2014 01:00:10 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/15/2014 01:00:09 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.

Error: (04/15/2014 01:00:07 PM) (Source: MagniPicUpdater) (User: )
Description: BITS download job failed -2145386479 Die Dateigröße wurde vom Server nicht zurückgegeben. Möglicherweise enthält die URL dynamischen Inhalt. Der Inhaltslängenheader ist in der Server-HTTP-Antwort nicht verfügbar.


System errors:
=============
Error: (04/15/2014 01:10:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/15/2014 01:01:57 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2014 10:51:17 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2014 11:19:01 AM) (Source: Service Control Manager) (User: )
Description: Dienst "BlockAndSurf" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/14/2014 11:18:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde nicht richtig gestartet.

Error: (04/14/2014 11:17:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2014 11:17:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/14/2014 11:17:26 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (04/14/2014 11:16:52 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎04.‎2014 um 11:15:59 unerwartet heruntergefahren.

Error: (04/14/2014 11:15:10 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎04.‎2014 um 11:14:02 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 72%
Total physical RAM: 4093.55 MB
Available physical RAM: 1144.36 MB
Total Pagefile: 8185.25 MB
Available Pagefile: 4780.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:137.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6312B514)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 15.04.2014, 14:47   #6
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by Botan (administrator) on XEBAT-PC on 15-04-2014 14:10:08
Running from C:\Users\Botan\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Realtek) C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\LevelOne\WUA-0605\RtWlan.exe
() C:\Program Files (x86)\PlurPush\updatePlurPush.exe
() C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.80\deploy\LolClient.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
() C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.17\deploy\League of Legends.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify Web Helper] => C:\Users\Xebat\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2014-01-29] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify] => C:\Users\Xebat\AppData\Roaming\Spotify\spotify.exe [4640768 2014-01-29] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [RoboForm] => "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
HKU\S-1-5-21-1789832465-2975819574-3199883490-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {20ff1223-bee4-11e2-9105-50e549d5f581} - F:\Startme.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {797d9470-95aa-11e2-8f78-50e549d5f581} - E:\Setup.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify Web Helper] => C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-01] ()
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-04-23] (Samsung)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1815464 2014-01-07] (Valve Corporation)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [SDP] => C:\Users\Schule\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto 
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Online Weather] => C:\Users\Schule\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify] => C:\Users\Schule\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [RoboForm] => "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Windows Defender] => C:\ProgramData\Windows\System32\Windows Defender\Definition Update\windef.exe [313344 2013-07-01] (Windows Defender)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3551576 2014-01-16] (Electronic Arts)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [ThreadManager.exe] => C:\Program Files (x86)\Thread Manager\ThreadManager.exe [12322584 2013-07-04] (Digital Generation Inc.)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {fe4d9a5b-d903-11e2-9673-50e549d5f581} - F:\LGAutoRun.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [RoboForm] => "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify Web Helper] => C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Browser Infrastructure Helper] => C:\Users\Bekir&Botan\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify] => C:\Users\Schule\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Akamai NetSession Interface] => C:\Users\Bekir&Botan\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [DT Emphelungstool] => "C:\Users\Bekir&Botan\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 1
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Bekir&Botan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {db1faac1-9594-11e2-9446-806e6f6e6963} - D:\Start.exe
Startup: C:\Users\Bekir&Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN???????? ????; (MSN????)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBCE002826F4BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = zh-CN
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files (x86)\PlurPush\PlurPushbho.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Botan\AppData\Roaming\Mozilla\Firefox\Profiles\fo16hqsi.default-1397469719534
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (Google Docs) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (YouTube) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Google Search) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-14]
CHR Extension: (Google Wallet) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Gmail) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-06-01] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-06-01] ()
R2 Realtek11nSU; C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe [45056 2010-01-21] (Realtek)
R2 Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [350488 2014-04-15] ()
R2 Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [350488 2014-04-15] ()

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-05-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [884712 2014-03-23] (TENCENT)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-30] (StdLib)
S1 dgztwemx; \??\C:\Windows\system32\drivers\dgztwemx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 opuaoowl; \??\C:\Windows\system32\drivers\opuaoowl.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-15 14:09 - 2014-04-15 14:09 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-15 13:14 - 2014-04-15 14:06 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-15 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-15 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:07 - 2014-04-15 13:09 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:31 - 2014-04-14 12:31 - 00044435 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-14 12:30 - 2014-04-15 14:10 - 00018566 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-14 12:30 - 2014-04-15 14:10 - 00000000 ____D () C:\FRST
2014-04-14 12:29 - 2014-04-15 14:09 - 02054144 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D2
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 10:30 - 2014-04-14 11:10 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-14 10:30 - 2014-04-14 11:10 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-14 10:30 - 2014-04-14 10:50 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-14 10:30 - 2014-04-14 10:30 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-14 09:11 - 2014-04-14 12:22 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-14 09:09 - 2014-04-14 09:09 - 00358193 _____ () C:\Users\Botan\AppData\Local\speedial.crx
2014-04-14 09:09 - 2014-04-11 23:13 - 01079839 _____ (AnyProtect.com) C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:05 - 2013-11-14 18:26 - 00000507 _____ () C:\Users\Botan\Desktop\readme.txt
2014-04-13 04:05 - 2013-11-14 18:25 - 00272384 _____ (QuickLoL) C:\Users\Botan\Desktop\QuickLoL Timers.exe
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-12 08:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-12 08:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-12 08:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 08:46 - 2014-04-12 08:47 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-07 20:20 - 2014-04-07 20:19 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:19 - 2014-04-07 20:18 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-07 19:44 - 2014-04-11 14:43 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 14:46 - 2014-04-04 15:22 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:35 - 2014-04-03 22:37 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:54 - 2014-04-03 21:55 - 07083256 _____ (Welcome to YourFile Downloader!) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-30 22:28 - 2014-03-31 20:55 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:11 - 2013-09-29 13:59 - 02407774 ____N () C:\Users\Botan\Desktop\blackmart.apk
2014-03-30 21:54 - 2014-03-30 22:28 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 17:05 - 2014-03-30 17:05 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-30 15:43 - 2014-04-14 11:48 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-03-30 15:30 - 2014-04-15 13:19 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 15:27 - 2014-03-14 00:08 - 00630757 _____ (3DS Emulator - Pokemon X Y) C:\Users\Botan\Desktop\Pokemon XY + Emulator.exe
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 15:40 - 2014-03-29 15:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 14:13 - 2014-03-23 14:15 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\ÌÚѶÓÎϷƽ̨.lnk
2014-03-20 16:01 - 2014-03-20 16:02 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:57 - 2014-03-20 15:58 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 12:02 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-23 22:43 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-20 01:16 - 2014-03-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-23 22:47 - 00884712 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2014-03-19 19:02 - 2014-03-20 15:35 - 00001192 _____ () C:\Users\Botan\Desktop\½£Áé_ÌÚѶ.lnk
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÌÚѶÓÎÏ·
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\ÌÚѶÓÎÏ·
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:41 - 2014-03-19 18:28 - 00000000 ____D () C:\GameDownload
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

==================== One Month Modified Files and Folders =======

2014-04-15 14:10 - 2014-04-14 12:30 - 00018566 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-15 14:10 - 2014-04-14 12:30 - 00000000 ____D () C:\FRST
2014-04-15 14:09 - 2014-04-15 14:09 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-15 14:09 - 2014-04-14 12:29 - 02054144 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-15 14:06 - 2014-04-15 13:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 14:06 - 2013-06-10 22:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-15 14:01 - 2013-03-26 00:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-15 13:19 - 2014-03-30 15:30 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-04-15 13:15 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 13:15 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 13:14 - 2013-03-25 23:44 - 01857641 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:10 - 2013-06-10 22:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-15 13:10 - 2013-03-26 00:21 - 00201786 _____ () C:\Windows\PFRO.log
2014-04-15 13:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-15 13:10 - 2009-07-14 06:51 - 00081401 _____ () C:\Windows\setupact.log
2014-04-15 13:09 - 2014-04-15 13:07 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:09 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-04-15 13:08 - 2013-06-10 22:13 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-15 13:08 - 2013-03-26 00:11 - 00001053 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-15 13:07 - 2014-01-17 21:43 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Skype
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-15 13:01 - 2013-06-23 18:59 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-15 10:50 - 2014-02-07 14:35 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-04-14 23:40 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Spotify
2014-04-14 17:58 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Local\Spotify
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:31 - 2014-04-14 12:31 - 00044435 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-14 12:24 - 2014-01-14 15:49 - 00000000 ____D () C:\Users\Botan\Documents\My RoboForm Data
2014-04-14 12:24 - 2013-06-29 13:50 - 00003976 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-04-14 12:22 - 2014-04-14 09:11 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-14 12:14 - 2014-01-07 17:34 - 00000000 ___RD () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D2
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:48 - 2014-03-30 15:43 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:19 - 2013-10-23 15:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Spotify
2014-04-14 11:19 - 2013-09-30 18:50 - 00099152 _____ () C:\Users\Bekir&Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:10 - 2014-04-14 10:30 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-14 11:10 - 2014-04-14 10:30 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-14 11:01 - 2013-03-26 00:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:01 - 2013-03-26 00:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:01 - 2013-03-26 00:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 10:50 - 2014-04-14 10:30 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-14 10:30 - 2014-04-14 10:30 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-14 10:30 - 2014-04-14 10:30 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-14 09:09 - 2014-04-14 09:09 - 00358193 _____ () C:\Users\Botan\AppData\Local\speedial.crx
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2014-04-12 08:46 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-12 08:47 - 2013-05-16 21:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-11 23:13 - 2014-04-14 09:09 - 01079839 _____ (AnyProtect.com) C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-11 14:43 - 2014-04-07 19:44 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-11 00:20 - 2013-04-10 13:40 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Spotify
2014-04-10 18:07 - 2013-09-07 18:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:06 - 2009-10-14 07:12 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 15:58 - 2009-07-14 19:58 - 01169372 _____ () C:\Windows\system32\perfh007.dat
2014-04-10 15:58 - 2009-07-14 19:58 - 00296124 _____ () C:\Windows\system32\perfc007.dat
2014-04-10 15:58 - 2009-07-14 07:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-08 14:21 - 2009-07-14 06:45 - 04947952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-07 20:30 - 2014-01-07 17:34 - 00099152 _____ () C:\Users\Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 20:19 - 2014-04-07 20:20 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:18 - 2014-04-07 20:19 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-05 23:50 - 2013-03-27 03:49 - 00000000 ____D () C:\Windows\Minidump
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 20:01 - 2013-06-10 22:12 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 20:01 - 2013-06-10 22:12 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-04 15:22 - 2014-04-04 14:46 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:37 - 2014-04-03 22:35 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:55 - 2014-04-03 21:54 - 07083256 _____ (Welcome to YourFile Downloader!) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
2014-04-03 18:13 - 2014-01-14 22:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Local\Akamai
2014-04-03 18:12 - 2013-05-01 19:43 - 00000000 ____D () C:\Users\Schule\AppData\Local\PMB Files
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-03 18:09 - 2013-04-08 15:06 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Skype
2014-04-03 18:01 - 2013-06-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-03 18:00 - 2013-07-02 21:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-03 17:58 - 2014-02-07 14:33 - 00000000 ____D () C:\Users\Botan\AppData\Local\Adobe
2014-04-03 17:55 - 2014-01-15 19:47 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Adobe
2014-04-03 09:51 - 2014-04-15 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-31 20:55 - 2014-03-30 22:28 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:28 - 2014-03-30 21:54 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 17:05 - 2014-03-30 17:05 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 12:17 - 2014-01-18 15:23 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 15:40 - 2014-03-29 15:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-26 22:36 - 2013-04-11 13:25 - 00000000 ____D () C:\Users\Schule\Desktop\Bilder
2014-03-23 22:47 - 2014-03-19 19:02 - 00884712 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2014-03-23 22:43 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-23 14:25 - 2013-11-10 21:39 - 00000000 ____D () C:\download
2014-03-23 14:15 - 2014-03-23 14:13 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-23 05:55 - 2013-10-03 19:32 - 00000062 _____ () C:\Users\Bekir&Botan\Desktop\settings.json
2014-03-21 23:07 - 2014-03-20 01:16 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\ÌÚѶÓÎϷƽ̨.lnk
2014-03-20 16:02 - 2014-03-20 16:01 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:58 - 2014-03-20 15:57 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 15:35 - 2014-03-19 19:02 - 00001192 _____ () C:\Users\Botan\Desktop\½£Áé_ÌÚѶ.lnk
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 12:02 - 2014-03-20 01:17 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÌÚѶÓÎÏ·
2014-03-19 18:57 - 2013-03-26 04:53 - 00155987 _____ () C:\Windows\DirectX.log
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\ÌÚѶÓÎÏ·
2014-03-19 18:28 - 2014-03-18 20:41 - 00000000 ____D () C:\GameDownload
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 20:25 - 2013-05-27 21:48 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Spotify
2014-03-18 20:24 - 2013-05-27 21:49 - 00000000 ____D () C:\Users\Xebat\AppData\Local\Spotify
2014-03-18 20:21 - 2013-03-26 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:41 - 2013-04-08 15:06 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 18:23 - 2014-01-07 17:34 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Apple Computer
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

Some content of TEMP:
====================
C:\Users\Bekir&Botan\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\DelayInst.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\installservice.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\iobwnedxjvdevl.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMDll.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMResource.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\NGMSetup.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\Profiles.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\unicows.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\vpnclient_setup.exe
C:\Users\Botan\AppData\Local\Temp\1_Offer_9.exe
C:\Users\Botan\AppData\Local\Temp\BackupSetup.exe
C:\Users\Botan\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Botan\AppData\Local\Temp\DownloadManager.exe
C:\Users\Botan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Botan\AppData\Local\Temp\nsiA7B8.exe
C:\Users\Botan\AppData\Local\Temp\Quarantine.exe
C:\Users\Botan\AppData\Local\Temp\sp-downloader.exe
C:\Users\Botan\AppData\Local\Temp\TXPltSafeInit.dll
C:\Users\Schule\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Schule\AppData\Local\Temp\gnsocaby.dll
C:\Users\Schule\AppData\Local\Temp\hrxha0hy.dll
C:\Users\Schule\AppData\Local\Temp\instloffer.exe
C:\Users\Schule\AppData\Local\Temp\itinstallerp.exe
C:\Users\Schule\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Schule\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Schule\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Schule\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Schule\AppData\Local\Temp\uninst1.exe
C:\Users\Schule\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Schule\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Xebat\AppData\Local\Temp\bitool.dll
C:\Users\Xebat\AppData\Local\Temp\DeltaTB.exe
C:\Users\Xebat\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Xebat\AppData\Local\Temp\LyricsPal.exe
C:\Users\Xebat\AppData\Local\Temp\lyricstmp.exe
C:\Users\Xebat\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\Xebat\AppData\Local\Temp\ose00000.exe
C:\Users\Xebat\AppData\Local\Temp\vlc-2.0.6-win64.exe
C:\Users\Xebat\AppData\Local\Temp\wajam_install.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-10 20:32

==================== End Of Log ============================
         
--- --- ---
...

Alt 15.04.2014, 21:17   #7
Bootsektor
Ruhe in Frieden
† 2019
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Ok, dann lass das erstmal weg,

btw: Warum hat das Windows kein ServicePack1 und noch den IE 9.

Als kostenloses AV kann ich dir AVAST! empfehlen und das auch ziemlich dringend, bei der ganzen Masse an Kram auf deinem PC. Falls du dir es herunterladen möchtest, mache bitte damit eine Schnellüberprüfung und poste etwaige Funde hier.

Wie läuft der Rechner denn jetzt?
Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Online Weather] => C:\Users\Schule\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Windows Defender] => C:\ProgramData\Windows\System32\Windows Defender\Definition Update\windef.exe [313344 2013-07-01] (Windows Defender)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Browser Infrastructure Helper] => C:\Users\Bekir&Botan\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Bekir&Botan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files (x86)\PlurPush\PlurPushbho.dll No File
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll No File
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-14]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [350488 2014-04-15] ()
R2 Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [350488 2014-04-15] ()
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-30] (StdLib)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Task: {248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B1809AF3-F82A-4DB0-9E89-832BB19903CF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
C:\Program Files (x86)\AnyProtectEx
C:\Users\Bekir&Botan\AppData\Roaming\newnext.me
C:\Users\Schule\AppData\Local\WebPlayer
C:\Users\Bekir&Botan\AppData\Local\Smartbar
C:\ProgramData\Windows\
C:\Program Files\McAfee Security Scan
C:\Program Files (x86)\PlurPush
C:\Windows\system32\TesSafe.sys
C:\Windows\System32\drivers\wStLibG64.sys 
C:\Users\Botan\AppData\Local\speedial.crx
C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:54 - 2014-04-03 21:55 - 07083256 _____ (Welcome to YourFile Downloader!) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\*.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\*.exe
C:\Users\Botan\AppData\Local\Temp\*.dll
C:\Users\Botan\AppData\Local\Temp\*.exe
C:\Users\Schule\AppData\Local\Temp\*.exe
C:\Users\Xebat\AppData\Local\Temp\*.exe
C:\Users\Schule\AppData\Local\Temp\*.dll
C:\Users\Xebat\AppData\Local\Temp\*.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 3
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

Alt 16.04.2014, 21:42   #8
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-04-2014 02
Ran by Botan at 2014-04-16 21:30:36
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
½£Áé_ÌÚѶ (HKLM-x32\...\½£Áé_ÌÚѶ) (Version:  - Tencent)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{1701BD02-09B9-B25B-8290-C7D6A33C5A75}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
C9 (HKLM-x32\...\C9(Continent of the Ninth Seal)_is1) (Version:  - WEBZEN)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
China Localization Patcher (HKLM-x32\...\{358B9F54-BFA2-4FC4-8134-CA786EC84260}) (Version: 1.5.1.0 - LokiReborn)
Cisco EAP-FAST Module (HKLM-x32\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1197 - SG INTERACTIVE)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Don't Starve (HKLM-x32\...\DontStarve) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dr. Hardware 2013 13.0d (HKLM-x32\...\Dr. Hardware 2013_is1) (Version:  - Peter A. Gebhard)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Easy Tune 6 B11.0427.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0427.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video to MP3 Converter version 5.0.23.320 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
InfiniteCrisis (HKLM-x32\...\InfiniteCrisis) (Version:  - Turbine, Inc)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
ÌÚѶÓÎϷƽ̨ (HKLM-x32\...\ÌÚѶÓÎϷƽ̨Formal) (Version:  - Tencent)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kingdoms of Amalur™ Reckoning DELUXE EDITION (HKLM-x32\...\Kingdoms of Amalur™ Reckoning DELUXE EDITION_is1) (Version: 1.0.0.2 - QfG)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LevelOne WUA-0605 Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0113 - LevelOne)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mass Effect Deluxe Edition (HKLM-x32\...\{A5C7818C-27AC-4A71-BEDF-BA5652D2CC36}_is1) (Version: v1.02 - The Most Electrifying Man)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
mHotspot version 6.4.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 6.4.0.0 - mHotspot, Inc.)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 17.0.5 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.5 (x86 de)) (Version: 17.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed Most Wanted (HKLM-x32\...\Need for Speed Most Wanted_is1) (Version:  - )
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140120.76235 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlurPush (HKLM\...\PlurPush) (Version: 2014.03.28.231718 - PlurPush)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.5.201304180917 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.155 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1D53FB73-9826-4541-B2E0-A239C6EBA718}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{34726474-50D6-49FC-B8AC-35411459D27A}) (Version:  - Microsoft)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.442 - Xara Group Ltd)
Xara 3D Maker 7 (Version: 7.0.0.442 - Xara Group Ltd) Hidden
网游加速小助手(剑灵) (HKLM-x32\...\网游加速小助手(剑灵)) (Version: 2.0.45.89 - Copyright (C) 2013 Tencent)

==================== Restore Points  =========================

12-04-2014 06:45:18 Installed Java 7 Update 51
14-04-2014 10:07:20 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:08:44 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
14-04-2014 10:11:19 Revo Uninstaller's restore point - RegClean Pro
14-04-2014 10:15:05 Revo Uninstaller's restore point - Yahoo Community Smartbar
14-04-2014 10:16:08 Revo Uninstaller's restore point - VO Package
14-04-2014 10:17:11 Revo Uninstaller's restore point - Shopping Helper Smartbar Engine
14-04-2014 10:18:08 Revo Uninstaller's restore point - Shopping Helper Smartbar
14-04-2014 10:19:16 Revo Uninstaller's restore point - Search Protect
14-04-2014 10:20:20 Revo Uninstaller's restore point - PDF24 Creator 6.3.1
14-04-2014 10:21:52 Revo Uninstaller's restore point - BlockAndSurf
14-04-2014 10:23:16 Revo Uninstaller's restore point - RoboForm 7-9-0-0 (All Users)
14-04-2014 10:25:22 Revo Uninstaller's restore point - MixiDJ Toolbar 
14-04-2014 10:26:16 Revo Uninstaller's restore point - Advanced System Protector
14-04-2014 10:27:23 Revo Uninstaller's restore point - AnyProtect
15-04-2014 10:34:47 Windows Update
15-04-2014 20:49:53 avast! antivirus system restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {002BED3E-0919-4BBA-995C-03DF069AAFAC} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {037DF9E7-FADB-45C4-B37F-AB10B1FD36D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {08C53256-84E4-4A93-9D31-4012A0E1265A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {1B3E1F00-7C74-458B-B1E2-AE3ECFD48B54} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-15] (AVAST Software)
Task: {248AD0D2-7E7E-4D32-81AB-FA015E15B550} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated)
Task: {32E2FB49-08D2-4DBE-93C7-4EC65EC0EC27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {349B0F97-B431-456B-B666-EB392A49DA97} - System32\Tasks\{EB1A13EA-FB01-4D59-99CA-D755078280C9} => Firefox.exe 
Task: {358D2FBC-F05A-4FC4-AE91-FC65E464D2C0} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {4D706DDF-EC04-4E4E-BA67-1F48DEAD41DF} - System32\Tasks\{7636DB98-A8B0-4C6C-B62E-77A875639331} => Firefox.exe 
Task: {91A8BAED-7921-4F64-8D8F-23A72868DD67} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {9503C1BF-E2EA-4760-BD4F-F7647B362EEA} - System32\Tasks\{BE28D158-551B-4294-9100-DA3EFCA27DD3} => Firefox.exe 
Task: {A3BF923E-AA25-43DC-B5EC-2164F85BE938} - System32\Tasks\Opera D3 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {B463C9EE-9821-4903-8D31-3266E2131E4A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMPMNJLMMJMMKMLJJJCNOMKMJJKMCNLMIMNJHMCNGMOMOMJMCNLMLJNJHMPMNMOJIMJJHMKMOMJNJICMIMCNGMCNPMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMPMCNNMJNPICMPMFMFMNMHMHMJNHICMEKMICNJJCKJNBJCMNLAJLIOJBJJNKJCMJNNICMJNDJCMLJKJ"
Task: {C3C1E073-17C1-4AD7-888A-EFA9E57142B8} - System32\Tasks\Opera D4 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: {C9235D0C-6F53-4B69-AC9C-53FC28D920D7} - System32\Tasks\{3AD24F87-9E1D-4000-88A5-34C6683E7650} => Firefox.exe hxxp://ui.skype.com/ui/0/6.10.59.104/de/abandoninstall?page=tsProgressBar
Task: {FA300F06-B62E-4AA8-AC6E-3FA665C44822} - System32\Tasks\Opera D5 => C:\Program Files (x86)\Opera\launcher.exe [2014-03-19] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-19 17:32 - 2012-12-19 17:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-12-19 17:32 - 2012-12-19 17:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-06-01 16:12 - 2013-06-01 16:12 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-01 16:12 - 2013-06-01 16:12 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-23 19:19 - 2014-04-11 00:20 - 00602680 _____ () C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-04-15 22:57 - 2014-04-15 22:57 - 02212352 _____ () C:\Program Files\AVAST Software\Avast\defs\14041501\algo.dll
2014-04-16 19:29 - 2014-04-16 19:29 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041601\algo.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 14:26 - 2010-03-23 14:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2014-04-15 22:51 - 2014-04-15 22:51 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-26 00:02 - 2009-12-09 15:20 - 00126976 ____R () C:\Program Files (x86)\LevelOne\WUA-0605\EnumDevLib.dll
2014-03-18 18:05 - 2014-03-18 18:05 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-18 17:01 - 2014-03-28 15:40 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2013-04-10 13:40 - 2014-04-11 00:20 - 36966968 _____ () C:\Users\Schule\AppData\Roaming\Spotify\Data\libcef.dll
2013-10-23 19:19 - 2014-04-11 00:20 - 00886840 _____ () C:\Users\Schule\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-10-23 19:19 - 2014-04-11 00:20 - 00108600 _____ () C:\Users\Schule\AppData\Roaming\Spotify\Data\libegl.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2014 08:29:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/16/2014 02:30:50 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/16/2014 02:30:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/16/2014 02:30:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/16/2014 02:30:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/15/2014 10:50:04 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary lmizbsze.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (04/15/2014 10:29:06 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/15/2014 10:29:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/15/2014 07:31:39 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16dc

Startzeit: 01cf58d08a5325b9

Endzeit: 1

Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: cbcf260c-c4c3-11e3-bf73-50e549d5f581

Error: (04/15/2014 03:48:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1300
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3


System errors:
=============
Error: (04/16/2014 11:27:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/16/2014 03:04:52 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (04/16/2014 03:03:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/16/2014 00:34:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/16/2014 00:33:28 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎16.‎04.‎2014 um 00:32:20 unerwartet heruntergefahren.

Error: (04/15/2014 10:25:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/15/2014 10:23:49 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Util PlurPush" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2014 10:23:48 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Update PlurPush" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2014 07:25:14 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.23
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (04/15/2014 01:10:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%126


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 4093.55 MB
Available physical RAM: 2269.41 MB
Total Pagefile: 8185.25 MB
Available Pagefile: 5241.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:135.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6312B514)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 16.04.2014, 21:43   #9
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



FRST.txt


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 02
Ran by Botan (administrator) on XEBAT-PC on 16-04-2014 21:29:45
Running from C:\Users\Botan\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Realtek) C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\LevelOne\WUA-0605\RtWlan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-15] (AVAST Software)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1007\...\Run: [Spotify Web Helper] => C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
Startup: C:\Users\Bekir&Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://cn.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBCE002826F4BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = zh-CN
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Botan\AppData\Roaming\Mozilla\Firefox\Profiles\fo16hqsi.default-1397469719534
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-15]

Chrome: 
=======
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (Google Docs) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (YouTube) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Google Search) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (Google Wallet) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Gmail) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-15]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-15] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-06-01] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-06-01] ()
R2 Realtek11nSU; C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe [45056 2010-01-21] (Realtek)
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-15] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-15] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-05-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S1 dgztwemx; \??\C:\Windows\system32\drivers\dgztwemx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 opuaoowl; \??\C:\Windows\system32\drivers\opuaoowl.sys [X]
S3 TesSafe; \??\C:\Windows\system32\TesSafe.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Downloads\break-party-flyer-graphics-vibe
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Desktop\break-party-flyer-graphics-vibe
2014-04-16 14:55 - 2014-04-16 14:55 - 09622872 _____ () C:\Users\Botan\Downloads\p1714cn4h31m5h1qu0eg87cbou9b.zip
2014-04-15 22:57 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\DropboxMaster
2014-04-15 22:56 - 2014-04-15 22:56 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 22:53 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Dropbox
2014-04-15 22:53 - 2014-04-15 22:53 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-15 22:53 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\AVAST Software
2014-04-15 22:52 - 2014-04-15 22:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-15 22:51 - 2014-04-15 22:51 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-15 22:51 - 2014-04-15 22:51 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-15 22:50 - 2014-04-15 22:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-15 22:29 - 2014-04-15 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 22:28 - 2014-04-15 22:29 - 88551496 _____ (AVAST Software) C:\Users\Botan\Downloads\avast_free_antivirus_setup_9.0.2016.exe
2014-04-15 22:28 - 2014-04-15 22:28 - 02347384 _____ (ESET) C:\Users\Botan\Downloads\esetsmartinstaller_enu.exe
2014-04-15 14:11 - 2014-04-15 14:11 - 00052958 _____ () C:\Users\Botan\Documents\FRST.txt
2014-04-15 14:11 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Documents\Addition.txt
2014-04-15 14:09 - 2014-04-16 21:28 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-15 13:14 - 2014-04-16 21:22 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-15 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-15 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:07 - 2014-04-15 13:09 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:31 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-14 12:30 - 2014-04-16 21:29 - 00012859 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-14 12:30 - 2014-04-16 21:29 - 00000000 ____D () C:\FRST
2014-04-14 12:29 - 2014-04-16 21:28 - 02158592 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 09:11 - 2014-04-15 22:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:05 - 2013-11-14 18:26 - 00000507 _____ () C:\Users\Botan\Desktop\readme.txt
2014-04-13 04:05 - 2013-11-14 18:25 - 00272384 _____ (QuickLoL) C:\Users\Botan\Desktop\QuickLoL Timers.exe
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-12 08:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-12 08:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-12 08:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 08:46 - 2014-04-12 08:47 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-07 20:20 - 2014-04-07 20:19 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:19 - 2014-04-07 20:18 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-07 19:44 - 2014-04-15 19:46 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 14:46 - 2014-04-04 15:22 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:35 - 2014-04-16 15:29 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-30 22:28 - 2014-03-31 20:55 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:11 - 2013-09-29 13:59 - 02407774 ____N () C:\Users\Botan\Desktop\blackmart.apk
2014-03-30 21:54 - 2014-03-30 22:28 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 15:43 - 2014-04-14 11:48 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 15:27 - 2014-03-14 00:08 - 00630757 _____ (3DS Emulator - Pokemon X Y) C:\Users\Botan\Desktop\Pokemon XY + Emulator.exe
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 14:13 - 2014-03-23 14:15 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\ÌÚѶÓÎϷƽ̨.lnk
2014-03-20 16:01 - 2014-03-20 16:02 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:57 - 2014-03-20 15:58 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 12:02 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-23 22:43 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-20 01:16 - 2014-03-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-20 15:35 - 00001192 _____ () C:\Users\Botan\Desktop\½£Áé_ÌÚѶ.lnk
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÌÚѶÓÎÏ·
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\ÌÚѶÓÎÏ·
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:41 - 2014-03-19 18:28 - 00000000 ____D () C:\GameDownload
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

==================== One Month Modified Files and Folders =======

2014-04-16 21:29 - 2014-04-14 12:30 - 00012859 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-16 21:29 - 2014-04-14 12:30 - 00000000 ____D () C:\FRST
2014-04-16 21:28 - 2014-04-15 14:09 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-16 21:28 - 2014-04-14 12:29 - 02158592 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-16 21:28 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Spotify
2014-04-16 21:22 - 2014-04-15 13:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 21:06 - 2013-06-10 22:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-16 21:01 - 2013-03-26 00:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 20:41 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Local\Spotify
2014-04-16 20:40 - 2009-07-14 06:51 - 00081905 _____ () C:\Windows\setupact.log
2014-04-16 20:37 - 2014-01-17 21:43 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Skype
2014-04-16 20:06 - 2013-06-10 22:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-16 17:41 - 2013-03-25 23:44 - 01901884 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 15:29 - 2014-04-03 22:35 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Downloads\break-party-flyer-graphics-vibe
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Desktop\break-party-flyer-graphics-vibe
2014-04-16 14:55 - 2014-04-16 14:55 - 09622872 _____ () C:\Users\Botan\Downloads\p1714cn4h31m5h1qu0eg87cbou9b.zip
2014-04-16 11:32 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-16 11:32 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-16 11:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-16 00:33 - 2013-03-26 00:21 - 00202436 _____ () C:\Windows\PFRO.log
2014-04-15 22:57 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\DropboxMaster
2014-04-15 22:57 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Dropbox
2014-04-15 22:56 - 2014-04-15 22:56 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 22:53 - 2014-04-15 22:53 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-15 22:53 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\AVAST Software
2014-04-15 22:53 - 2014-04-15 22:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-15 22:51 - 2014-04-15 22:51 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-15 22:51 - 2014-04-15 22:51 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-15 22:50 - 2014-04-15 22:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-15 22:29 - 2014-04-15 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 22:29 - 2014-04-15 22:28 - 88551496 _____ (AVAST Software) C:\Users\Botan\Downloads\avast_free_antivirus_setup_9.0.2016.exe
2014-04-15 22:28 - 2014-04-15 22:28 - 02347384 _____ (ESET) C:\Users\Botan\Downloads\esetsmartinstaller_enu.exe
2014-04-15 22:25 - 2014-04-14 09:11 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-15 22:23 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-15 19:46 - 2014-04-07 19:44 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-15 17:11 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-04-15 14:11 - 2014-04-15 14:11 - 00052958 _____ () C:\Users\Botan\Documents\FRST.txt
2014-04-15 14:11 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Documents\Addition.txt
2014-04-15 14:11 - 2014-04-14 12:31 - 00037638 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:09 - 2014-04-15 13:07 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:08 - 2013-06-10 22:13 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-15 13:08 - 2013-03-26 00:11 - 00001053 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-15 13:01 - 2013-06-23 18:59 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-15 10:50 - 2014-02-07 14:35 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:24 - 2014-01-14 15:49 - 00000000 ____D () C:\Users\Botan\Documents\My RoboForm Data
2014-04-14 12:24 - 2013-06-29 13:50 - 00003976 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-04-14 12:14 - 2014-01-07 17:34 - 00000000 ___RD () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:48 - 2014-03-30 15:43 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:19 - 2013-10-23 15:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Spotify
2014-04-14 11:19 - 2013-09-30 18:50 - 00099152 _____ () C:\Users\Bekir&Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:01 - 2013-03-26 00:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:01 - 2013-03-26 00:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:01 - 2013-03-26 00:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2014-04-12 08:46 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-12 08:47 - 2013-05-16 21:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-11 00:20 - 2013-04-10 13:40 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Spotify
2014-04-10 18:07 - 2013-09-07 18:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:06 - 2009-10-14 07:12 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 15:58 - 2009-07-14 19:58 - 01169372 _____ () C:\Windows\system32\perfh007.dat
2014-04-10 15:58 - 2009-07-14 19:58 - 00296124 _____ () C:\Windows\system32\perfc007.dat
2014-04-10 15:58 - 2009-07-14 07:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-08 14:21 - 2009-07-14 06:45 - 04947952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-07 20:30 - 2014-01-07 17:34 - 00099152 _____ () C:\Users\Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 20:19 - 2014-04-07 20:20 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:18 - 2014-04-07 20:19 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-05 23:50 - 2013-03-27 03:49 - 00000000 ____D () C:\Windows\Minidump
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 20:01 - 2013-06-10 22:12 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 20:01 - 2013-06-10 22:12 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-04 15:22 - 2014-04-04 14:46 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 18:13 - 2014-01-14 22:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Local\Akamai
2014-04-03 18:12 - 2013-05-01 19:43 - 00000000 ____D () C:\Users\Schule\AppData\Local\PMB Files
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-03 18:09 - 2013-04-08 15:06 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Skype
2014-04-03 18:01 - 2013-06-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-03 18:00 - 2013-07-02 21:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-03 17:58 - 2014-02-07 14:33 - 00000000 ____D () C:\Users\Botan\AppData\Local\Adobe
2014-04-03 17:55 - 2014-01-15 19:47 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Adobe
2014-04-03 09:51 - 2014-04-15 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-31 20:55 - 2014-03-30 22:28 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:28 - 2014-03-30 21:54 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 12:17 - 2014-01-18 15:23 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-26 22:36 - 2013-04-11 13:25 - 00000000 ____D () C:\Users\Schule\Desktop\Bilder
2014-03-23 22:43 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-23 14:25 - 2013-11-10 21:39 - 00000000 ____D () C:\download
2014-03-23 14:15 - 2014-03-23 14:13 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-23 05:55 - 2013-10-03 19:32 - 00000062 _____ () C:\Users\Bekir&Botan\Desktop\settings.json
2014-03-21 23:07 - 2014-03-20 01:16 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\ÌÚѶÓÎϷƽ̨.lnk
2014-03-20 16:02 - 2014-03-20 16:01 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:58 - 2014-03-20 15:57 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 15:35 - 2014-03-19 19:02 - 00001192 _____ () C:\Users\Botan\Desktop\½£Áé_ÌÚѶ.lnk
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 12:02 - 2014-03-20 01:17 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÌÚѶÓÎÏ·
2014-03-19 18:57 - 2013-03-26 04:53 - 00155987 _____ () C:\Windows\DirectX.log
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\ÌÚѶÓÎÏ·
2014-03-19 18:28 - 2014-03-18 20:41 - 00000000 ____D () C:\GameDownload
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 20:25 - 2013-05-27 21:48 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Spotify
2014-03-18 20:24 - 2013-05-27 21:49 - 00000000 ____D () C:\Users\Xebat\AppData\Local\Spotify
2014-03-18 20:21 - 2013-03-26 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:41 - 2013-04-08 15:06 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 18:23 - 2014-01-07 17:34 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Apple Computer
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

Some content of TEMP:
====================
C:\Users\Botan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpszn0rt.dll
C:\Users\Xebat\AppData\Local\Temp\bitool.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-10 20:32

==================== End Of Log ============================
         
--- --- ---

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 02
Ran by Botan (administrator) on XEBAT-PC on 16-04-2014 21:29:45
Running from C:\Users\Botan\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Realtek) C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\LevelOne\WUA-0605\RtWlan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Spotify Ltd) C:\Users\Schule\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyHelper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-15] (AVAST Software)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1007\...\Run: [Spotify Web Helper] => C:\Users\Schule\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
Startup: C:\Users\Bekir&Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://cn.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBCE002826F4BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = zh-CN
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Botan\AppData\Roaming\Mozilla\Firefox\Profiles\fo16hqsi.default-1397469719534
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-15]

Chrome: 
=======
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (Google Docs) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (YouTube) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Google Search) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (Google Wallet) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Gmail) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-15]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-15] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-06-01] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-06-01] ()
R2 Realtek11nSU; C:\Program Files (x86)\LevelOne\WUA-0605\RtlService.exe [45056 2010-01-21] (Realtek)
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-15] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-15] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-05-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S1 dgztwemx; \??\C:\Windows\system32\drivers\dgztwemx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 opuaoowl; \??\C:\Windows\system32\drivers\opuaoowl.sys [X]
S3 TesSafe; \??\C:\Windows\system32\TesSafe.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Downloads\break-party-flyer-graphics-vibe
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Desktop\break-party-flyer-graphics-vibe
2014-04-16 14:55 - 2014-04-16 14:55 - 09622872 _____ () C:\Users\Botan\Downloads\p1714cn4h31m5h1qu0eg87cbou9b.zip
2014-04-15 22:57 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\DropboxMaster
2014-04-15 22:56 - 2014-04-15 22:56 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 22:53 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Dropbox
2014-04-15 22:53 - 2014-04-15 22:53 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-15 22:53 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\AVAST Software
2014-04-15 22:52 - 2014-04-15 22:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-15 22:51 - 2014-04-15 22:51 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-15 22:51 - 2014-04-15 22:51 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-15 22:50 - 2014-04-15 22:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-15 22:29 - 2014-04-15 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 22:28 - 2014-04-15 22:29 - 88551496 _____ (AVAST Software) C:\Users\Botan\Downloads\avast_free_antivirus_setup_9.0.2016.exe
2014-04-15 22:28 - 2014-04-15 22:28 - 02347384 _____ (ESET) C:\Users\Botan\Downloads\esetsmartinstaller_enu.exe
2014-04-15 14:11 - 2014-04-15 14:11 - 00052958 _____ () C:\Users\Botan\Documents\FRST.txt
2014-04-15 14:11 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Documents\Addition.txt
2014-04-15 14:09 - 2014-04-16 21:28 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-15 13:14 - 2014-04-16 21:22 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-15 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-15 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:07 - 2014-04-15 13:09 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:31 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-14 12:30 - 2014-04-16 21:29 - 00012859 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-14 12:30 - 2014-04-16 21:29 - 00000000 ____D () C:\FRST
2014-04-14 12:29 - 2014-04-16 21:28 - 02158592 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 09:11 - 2014-04-15 22:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:05 - 2013-11-14 18:26 - 00000507 _____ () C:\Users\Botan\Desktop\readme.txt
2014-04-13 04:05 - 2013-11-14 18:25 - 00272384 _____ (QuickLoL) C:\Users\Botan\Desktop\QuickLoL Timers.exe
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-12 08:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-12 08:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-12 08:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 08:46 - 2014-04-12 08:47 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-07 20:20 - 2014-04-07 20:19 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:19 - 2014-04-07 20:18 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-07 19:44 - 2014-04-15 19:46 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 14:46 - 2014-04-04 15:22 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 22:35 - 2014-04-16 15:29 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-30 22:28 - 2014-03-31 20:55 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:11 - 2013-09-29 13:59 - 02407774 ____N () C:\Users\Botan\Desktop\blackmart.apk
2014-03-30 21:54 - 2014-03-30 22:28 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 15:43 - 2014-04-14 11:48 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 15:27 - 2014-03-14 00:08 - 00630757 _____ (3DS Emulator - Pokemon X Y) C:\Users\Botan\Desktop\Pokemon XY + Emulator.exe
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 14:13 - 2014-03-23 14:15 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\ÌÚѶÓÎϷƽ̨.lnk
2014-03-20 16:01 - 2014-03-20 16:02 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:57 - 2014-03-20 15:58 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 12:02 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-23 22:43 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-20 01:16 - 2014-03-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-20 15:35 - 00001192 _____ () C:\Users\Botan\Desktop\½£Áé_ÌÚѶ.lnk
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÌÚѶÓÎÏ·
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\ÌÚѶÓÎÏ·
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:41 - 2014-03-19 18:28 - 00000000 ____D () C:\GameDownload
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

==================== One Month Modified Files and Folders =======

2014-04-16 21:29 - 2014-04-14 12:30 - 00012859 _____ () C:\Users\Botan\Downloads\FRST.txt
2014-04-16 21:29 - 2014-04-14 12:30 - 00000000 ____D () C:\FRST
2014-04-16 21:28 - 2014-04-15 14:09 - 00000000 ____D () C:\Users\Botan\Downloads\FRST-OlderVersion
2014-04-16 21:28 - 2014-04-14 12:29 - 02158592 _____ (Farbar) C:\Users\Botan\Downloads\FRST64.exe
2014-04-16 21:28 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Spotify
2014-04-16 21:22 - 2014-04-15 13:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 21:06 - 2013-06-10 22:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-16 21:01 - 2013-03-26 00:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 20:41 - 2014-01-21 16:15 - 00000000 ____D () C:\Users\Botan\AppData\Local\Spotify
2014-04-16 20:40 - 2009-07-14 06:51 - 00081905 _____ () C:\Windows\setupact.log
2014-04-16 20:37 - 2014-01-17 21:43 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Skype
2014-04-16 20:06 - 2013-06-10 22:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-16 17:41 - 2013-03-25 23:44 - 01901884 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 15:29 - 2014-04-03 22:35 - 00000000 ____D () C:\Users\Botan\Desktop\Neuer Ordner
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Downloads\break-party-flyer-graphics-vibe
2014-04-16 14:56 - 2014-04-16 14:56 - 00000000 ____D () C:\Users\Botan\Desktop\break-party-flyer-graphics-vibe
2014-04-16 14:55 - 2014-04-16 14:55 - 09622872 _____ () C:\Users\Botan\Downloads\p1714cn4h31m5h1qu0eg87cbou9b.zip
2014-04-16 11:32 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-16 11:32 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-16 11:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-16 00:33 - 2013-03-26 00:21 - 00202436 _____ () C:\Windows\PFRO.log
2014-04-15 22:57 - 2014-04-15 22:57 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\DropboxMaster
2014-04-15 22:57 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Dropbox
2014-04-15 22:56 - 2014-04-15 22:56 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 22:53 - 2014-04-15 22:53 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-15 22:53 - 2014-04-15 22:53 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\AVAST Software
2014-04-15 22:53 - 2014-04-15 22:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-15 22:51 - 2014-04-15 22:51 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-15 22:51 - 2014-04-15 22:51 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-15 22:51 - 2014-04-15 22:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-15 22:50 - 2014-04-15 22:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-15 22:29 - 2014-04-15 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 22:29 - 2014-04-15 22:28 - 88551496 _____ (AVAST Software) C:\Users\Botan\Downloads\avast_free_antivirus_setup_9.0.2016.exe
2014-04-15 22:28 - 2014-04-15 22:28 - 02347384 _____ (ESET) C:\Users\Botan\Downloads\esetsmartinstaller_enu.exe
2014-04-15 22:25 - 2014-04-14 09:11 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-15 22:23 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-15 19:46 - 2014-04-07 19:44 - 00000000 ____D () C:\Users\Botan\Desktop\Bewerbung
2014-04-15 17:11 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-04-15 14:11 - 2014-04-15 14:11 - 00052958 _____ () C:\Users\Botan\Documents\FRST.txt
2014-04-15 14:11 - 2014-04-15 14:11 - 00037638 _____ () C:\Users\Botan\Documents\Addition.txt
2014-04-15 14:11 - 2014-04-14 12:31 - 00037638 _____ () C:\Users\Botan\Downloads\Addition.txt
2014-04-15 13:13 - 2014-04-15 13:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 13:13 - 2014-04-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 13:12 - 2014-04-15 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Botan\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:11 - 2014-04-15 13:11 - 00030649 _____ () C:\Users\Botan\Desktop\AdwCleaner[S0].txt
2014-04-15 13:09 - 2014-04-15 13:07 - 00000000 ____D () C:\AdwCleaner
2014-04-15 13:08 - 2013-06-10 22:13 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-15 13:08 - 2013-03-26 00:11 - 00001053 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-15 13:06 - 2014-04-15 13:06 - 01426178 _____ () C:\Users\Botan\Downloads\adwcleaner.exe
2014-04-15 13:01 - 2013-06-23 18:59 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-15 10:50 - 2014-02-07 14:35 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-04-14 12:32 - 2014-04-14 12:32 - 00059941 _____ () C:\Users\Botan\Desktop\FRST.txt
2014-04-14 12:32 - 2014-04-14 12:32 - 00044435 _____ () C:\Users\Botan\Desktop\Addition.txt
2014-04-14 12:24 - 2014-01-14 15:49 - 00000000 ____D () C:\Users\Botan\Documents\My RoboForm Data
2014-04-14 12:24 - 2013-06-29 13:50 - 00003976 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-04-14 12:14 - 2014-01-07 17:34 - 00000000 ___RD () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\VSRevoGroup
2014-04-14 12:10 - 2014-04-14 12:10 - 00000045 _____ () C:\Users\Botan\AppData\Roaming\WB.CFG
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Opera Software
2014-04-14 12:09 - 2014-04-14 12:09 - 00000000 ____D () C:\Users\Botan\AppData\Local\Opera Software
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-14 12:06 - 2014-04-14 12:06 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-14 12:06 - 2014-04-14 12:06 - 00001268 _____ () C:\Users\Botan\Desktop\Revo Uninstaller.lnk
2014-04-14 12:06 - 2014-04-14 12:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 12:05 - 2014-04-14 12:05 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-14 12:05 - 2014-04-14 12:05 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-14 12:04 - 2014-04-14 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Botan\Downloads\revosetup.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00710848 _____ ( ) C:\Users\Botan\Downloads\COMPUTER_BILD-Download-Manager_fuer_revosetup.exe
2014-04-14 12:02 - 2014-04-14 12:02 - 00000000 ____D () C:\Users\Botan\Desktop\Alte Firefox-Daten
2014-04-14 11:48 - 2014-04-14 11:48 - 00001103 _____ () C:\Users\Bekir&Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:48 - 2014-03-30 15:43 - 00001091 _____ () C:\Users\Botan\Desktop\Continue VuuPC Installation.lnk
2014-04-14 11:19 - 2014-04-14 11:19 - 00001426 _____ () C:\Users\Bekir&Botan\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:19 - 2013-10-23 15:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Roaming\Spotify
2014-04-14 11:19 - 2013-09-30 18:50 - 00099152 _____ () C:\Users\Bekir&Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 11:17 - 2014-04-14 11:17 - 00001426 _____ () C:\Users\Xebat\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:15 - 2014-04-14 11:15 - 00001426 _____ () C:\Users\Schule\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-14 11:01 - 2013-03-26 00:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:01 - 2013-03-26 00:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:01 - 2013-03-26 00:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 09:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-13 04:05 - 2014-04-13 04:05 - 00000000 ____D () C:\Users\Botan\AppData\Local\QuickLoL
2014-04-13 04:04 - 2014-04-13 04:04 - 00080780 _____ () C:\Users\Botan\Downloads\quickloltimers.rar
2014-04-12 08:47 - 2014-04-12 08:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-12 08:47 - 2014-04-12 08:46 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-12 08:47 - 2013-05-16 21:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-11 00:20 - 2013-04-10 13:40 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Spotify
2014-04-10 18:07 - 2013-09-07 18:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:06 - 2009-10-14 07:12 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 15:58 - 2009-07-14 19:58 - 01169372 _____ () C:\Windows\system32\perfh007.dat
2014-04-10 15:58 - 2009-07-14 19:58 - 00296124 _____ () C:\Windows\system32\perfc007.dat
2014-04-10 15:58 - 2009-07-14 07:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 15:39 - 2014-04-10 15:39 - 00993712 _____ () C:\Users\Botan\Downloads\setup (1).exe
2014-04-08 20:29 - 2014-04-08 20:29 - 00013281 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles(1).zip
2014-04-08 20:28 - 2014-04-08 20:28 - 00008908 _____ () C:\Users\Botan\Downloads\Flaticon_AllFiles.zip
2014-04-08 14:21 - 2009-07-14 06:45 - 04947952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-07 20:30 - 2014-01-07 17:34 - 00099152 _____ () C:\Users\Botan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 20:19 - 2014-04-07 20:20 - 00043113 _____ () C:\Users\Botan\Desktop\beautiful es.zip
2014-04-07 20:18 - 2014-04-07 20:19 - 00096732 _____ () C:\Users\Botan\Desktop\flaemische kanzleischrift.zip
2014-04-07 20:18 - 2014-04-07 20:18 - 00236936 _____ () C:\Users\Botan\Downloads\FlaemischeKanzleischrift_downloader-25q8QlRF.exe
2014-04-07 20:18 - 2014-04-07 20:18 - 00236920 _____ () C:\Users\Botan\Downloads\BeautifulES_downloader-cvjY6Vss.exe
2014-04-07 20:15 - 2014-04-07 20:15 - 00139237 _____ () C:\Users\Botan\Downloads\Learning-Curve-Pro.zip
2014-04-05 23:50 - 2013-03-27 03:49 - 00000000 ____D () C:\Windows\Minidump
2014-04-05 23:49 - 2014-04-05 23:49 - 00262144 ____N () C:\Windows\Minidump\040514-39140-01.dmp
2014-04-05 13:40 - 2014-04-05 13:40 - 00000000 ____D () C:\Users\Botan\Documents\League of Legends
2014-04-05 13:38 - 2014-04-05 13:38 - 00138280 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-04 20:01 - 2013-06-10 22:12 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 20:01 - 2013-06-10 22:12 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-04 15:22 - 2014-04-04 14:46 - 108731266 _____ () C:\Users\Botan\Downloads\C-BL_LNFBE.rar
2014-04-03 18:13 - 2014-01-14 22:20 - 00000000 ____D () C:\Users\Bekir&Botan\AppData\Local\Akamai
2014-04-03 18:12 - 2013-05-01 19:43 - 00000000 ____D () C:\Users\Schule\AppData\Local\PMB Files
2014-04-03 18:09 - 2014-04-03 18:09 - 00000000 ____D () C:\Users\Schule\AppData\Local\Skype
2014-04-03 18:09 - 2013-04-08 15:06 - 00000000 ____D () C:\Users\Schule\AppData\Roaming\Skype
2014-04-03 18:01 - 2013-06-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-03 18:00 - 2013-07-02 21:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-03 17:58 - 2014-02-07 14:33 - 00000000 ____D () C:\Users\Botan\AppData\Local\Adobe
2014-04-03 17:55 - 2014-01-15 19:47 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Adobe
2014-04-03 09:51 - 2014-04-15 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 20:52 - 2014-04-02 20:52 - 00016795 _____ () C:\Users\Botan\Documents\Lebenslauf.odt
2014-04-02 20:49 - 2014-04-02 20:49 - 00026660 _____ () C:\Users\Botan\Documents\Bekir Yentar3BKM.odt
2014-03-31 20:55 - 2014-03-30 22:28 - 00000000 ____D () C:\Users\Botan\Downloads\client
2014-03-30 22:28 - 2014-03-30 21:54 - 1613897479 _____ () C:\Users\Botan\Downloads\extremmt2_update3.0.tar.gz
2014-03-30 15:27 - 2014-03-30 15:27 - 00617837 _____ () C:\Users\Botan\Downloads\Pokemon XandY emulator.zip
2014-03-30 12:17 - 2014-01-18 15:23 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-29 15:40 - 2014-03-29 15:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-28 15:40 - 2014-03-28 15:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-26 22:36 - 2013-04-11 13:25 - 00000000 ____D () C:\Users\Schule\Desktop\Bilder
2014-03-23 22:43 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Local\Battle.net
2014-03-23 14:25 - 2013-11-10 21:39 - 00000000 ____D () C:\download
2014-03-23 14:15 - 2014-03-23 14:13 - 02798160 _____ () C:\Users\Botan\Downloads\TGPMiniDown.1450.2.1.4.7357.bns.signed.exe
2014-03-23 05:55 - 2013-10-03 19:32 - 00000062 _____ () C:\Users\Bekir&Botan\Desktop\settings.json
2014-03-21 23:07 - 2014-03-20 01:16 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 16:02 - 2014-03-20 16:02 - 00001102 _____ () C:\Users\Botan\Desktop\ÌÚѶÓÎϷƽ̨.lnk
2014-03-20 16:02 - 2014-03-20 16:01 - 32992408 _____ (Tencent) C:\Users\Botan\Downloads\TGPSetup1.0.9.1323.exe
2014-03-20 15:59 - 2014-03-20 15:59 - 00002193 _____ () C:\Users\Botan\Desktop\网游加速小助手(剑灵).lnk
2014-03-20 15:59 - 2014-03-20 15:59 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2014-03-20 15:58 - 2014-03-20 15:57 - 06867888 _____ (腾讯) C:\Users\Botan\Downloads\QQAccInstall_2.0.45.89_BNS.exe
2014-03-20 15:35 - 2014-03-19 19:02 - 00001192 _____ () C:\Users\Botan\Desktop\½£Áé_ÌÚѶ.lnk
2014-03-20 12:02 - 2014-03-20 12:02 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard
2014-03-20 12:02 - 2014-03-20 01:17 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-20 10:04 - 2014-03-20 10:04 - 00000000 ____D () C:\Users\Botan\AppData\Local\Blizzard Entertainment
2014-03-20 01:17 - 2014-03-20 01:17 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Battle.net
2014-03-20 01:16 - 2014-03-20 01:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-20 01:14 - 2014-03-20 01:14 - 07056680 _____ (Blizzard Entertainment) C:\Users\Botan\Downloads\Hearthstone-Setup-deDE.exe
2014-03-20 01:14 - 2014-03-20 01:14 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-19 20:00 - 2014-03-19 20:00 - 00000220 _____ () C:\Users\Botan\Downloads\ms_728x90.hml
2014-03-19 19:36 - 2014-03-19 19:36 - 00002573 _____ () C:\Users\Public\Desktop\China English Patch.lnk
2014-03-19 19:36 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\LokiReborn
2014-03-19 19:35 - 2014-03-19 19:35 - 03094092 _____ (LokiReborn) C:\Users\Botan\Downloads\setup.exe
2014-03-19 19:35 - 2014-03-19 19:35 - 00000000 ____D () C:\Users\Botan\AppData\Local\Downloaded Installations
2014-03-19 19:30 - 2014-03-19 19:30 - 00000000 ____D () C:\Users\Botan\Documents\Tencent Files
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\Documents\BnS
2014-03-19 19:29 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Awesomium
2014-03-19 19:23 - 2014-03-19 19:23 - 00000010 _____ () C:\Users\Botan\Documents\aaaa.txt
2014-03-19 19:02 - 2014-03-19 19:02 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÌÚѶÓÎÏ·
2014-03-19 18:57 - 2013-03-26 04:53 - 00155987 _____ () C:\Windows\DirectX.log
2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files\ÌÚѶÓÎÏ·
2014-03-19 18:28 - 2014-03-18 20:41 - 00000000 ____D () C:\GameDownload
2014-03-18 21:32 - 2014-03-18 21:32 - 00000000 ____D () C:\Users\Botan\Downloads\data
2014-03-18 20:37 - 2014-03-18 20:37 - 03046584 _____ () C:\Users\Botan\Downloads\bns_1.89.4110.4_setup_signed_TDL_signed.exe
2014-03-18 20:25 - 2013-05-27 21:48 - 00000000 ____D () C:\Users\Xebat\AppData\Roaming\Spotify
2014-03-18 20:24 - 2013-05-27 21:49 - 00000000 ____D () C:\Users\Xebat\AppData\Local\Spotify
2014-03-18 20:21 - 2013-03-26 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 18:41 - 2014-03-18 18:41 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 18:41 - 2014-03-18 18:41 - 00000000 ____D () C:\Users\Botan\AppData\Local\Skype
2014-03-18 18:41 - 2013-04-08 15:06 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 18:23 - 2014-01-07 17:34 - 00000000 ____D () C:\Users\Botan\AppData\Roaming\Apple Computer
2014-03-18 18:22 - 2014-03-18 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-18 18:05 - 2014-03-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 18:04 - 2014-03-18 18:04 - 02006233 _____ () C:\Users\Botan\Downloads\SoundDownloader.jar

Some content of TEMP:
====================
C:\Users\Botan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpszn0rt.dll
C:\Users\Xebat\AppData\Local\Temp\bitool.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-10 20:32

==================== End Of Log ============================
         
--- --- ---


Die Prüfungsergebnisse von Avast sind im Anhang zu finden.

Btw was muss ich alles zu dem Programm wissen?

Alt 16.04.2014, 21:44   #10
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Was is IE9 und ServicePack1? und ja der Computer funktioniert schon deutlich besser.

Fixlog.txt

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-04-2014
Ran by Botan at 2014-04-15 22:23:29 Run:1
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Online Weather] => C:\Users\Schule\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Windows Defender] => C:\ProgramData\Windows\System32\Windows Defender\Definition Update\windef.exe [313344 2013-07-01] (Windows Defender)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Browser Infrastructure Helper] => C:\Users\Bekir&Botan\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Bekir&Botan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files (x86)\PlurPush\PlurPushbho.dll No File
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll No File
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-14]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [350488 2014-04-15] ()
R2 Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [350488 2014-04-15] ()
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-30] (StdLib)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Task: {248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B1809AF3-F82A-4DB0-9E89-832BB19903CF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
C:\Program Files (x86)\AnyProtectEx
C:\Users\Bekir&Botan\AppData\Roaming\newnext.me
C:\Users\Schule\AppData\Local\WebPlayer
C:\Users\Bekir&Botan\AppData\Local\Smartbar
C:\ProgramData\Windows\
C:\Program Files\McAfee Security Scan
C:\Program Files (x86)\PlurPush
C:\Windows\system32\TesSafe.sys
C:\Windows\System32\drivers\wStLibG64.sys 
C:\Users\Botan\AppData\Local\speedial.crx
C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:54 - 2014-04-03 21:55 - 07083256 _____ (Welcome to YourFile Downloader!) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\*.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\*.exe
C:\Users\Botan\AppData\Local\Temp\*.dll
C:\Users\Botan\AppData\Local\Temp\*.exe
C:\Users\Schule\AppData\Local\Temp\*.exe
C:\Users\Xebat\AppData\Local\Temp\*.exe
C:\Users\Schule\AppData\Local\Temp\*.dll
C:\Users\Xebat\AppData\Local\Temp\*.exe
*****************

HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Online Weather => Value not found.
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender => Value not found.
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Infrastructure Helper => Value not found.
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82249076-d5c8-431d-982b-023779779587} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{82249076-d5c8-431d-982b-023779779587} => Key deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => Key deleted successfully.
C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll => Moved successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/TXSSO => Key deleted successfully.
C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll not found.
CHR DefaultSearchKeyword: mysearchdial.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Mysearchdial ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir= ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa => Key deleted successfully.
C:\Users\Botan\AppData\Local\speedial.crx => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa => Key deleted successfully.
"C:\Users\Botan\AppData\Local\speedial.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa => Key deleted successfully.
"C:\Users\Botan\AppData\Local\speedial.crx" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
Update PlurPush => Unable to stop service
Update PlurPush => Service deleted successfully.
Util PlurPush => Unable to stop service
Util PlurPush => Service deleted successfully.
wStLibG64 => Unable to stop service
wStLibG64 => Service deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP3 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP2 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1809AF3-F82A-4DB0-9E89-832BB19903CF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1809AF3-F82A-4DB0-9E89-832BB19903CF} => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP1 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1 => Key deleted successfully.
C:\Windows\Tasks\APSnotifierPP1.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP2.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP3.job => Moved successfully.
"C:\Program Files (x86)\AnyProtectEx" => File/Directory not found.
"C:\Users\Bekir&Botan\AppData\Roaming\newnext.me" => File/Directory not found.
"C:\Users\Schule\AppData\Local\WebPlayer" => File/Directory not found.
"C:\Users\Bekir&Botan\AppData\Local\Smartbar" => File/Directory not found.
C:\ProgramData\Windows => Moved successfully.
C:\Program Files\McAfee Security Scan => Moved successfully.

"C:\Program Files (x86)\PlurPush" directory move:

C:\Program Files (x86)\PlurPush\0 => Moved successfully.
C:\Program Files (x86)\PlurPush\7za.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\PlurPush.ico => Moved successfully.
C:\Program Files (x86)\PlurPush\PlurPushUninstall.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\updatePlurPush.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\updatePlurPush.InstallState => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\7za.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\BrowserAdapterS.7z => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\FilterApp_C64.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\PlurPush.BrowserAdapter.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\PlurPushBA.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\PlurPushBAApp.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\sqlite3.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\utilPlurPush.InstallState => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfs560E.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfs565D.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsCCA4.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsCCD3.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsE519.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsE5A6.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.Bromon.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.BrowserAdapterS.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.CompatibilityChecker.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.FFUpdate.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.IEUpdate.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.PurBrowseG.dll => Moved successfully.
Could not move "C:\Program Files (x86)\PlurPush" directory. => Scheduled to move on reboot.

C:\Windows\system32\TesSafe.sys => Moved successfully.
C:\Windows\System32\drivers\wStLibG64.sys => Moved successfully.
"C:\Users\Botan\AppData\Local\speedial.crx" => File/Directory not found.
C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe => Moved successfully.
C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc => Moved successfully.
C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm => Moved successfully.
C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm => Moved successfully.
C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe => Moved successfully.
C:\Users\Bekir&Botan\AppData\Local\Temp\*.dll => Moved successfully.
C:\Users\Bekir&Botan\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Botan\AppData\Local\Temp\*.dll => Moved successfully.
C:\Users\Botan\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Schule\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Xebat\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Schule\AppData\Local\Temp\*.dll => Moved successfully.
"C:\Users\Xebat\AppData\Local\Temp\*.exe" => File/Directory not found.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-15 22:26:14)<=

C:\Program Files (x86)\PlurPush => Moved successfully.

==== End of Fixlog ====
         
log.txt

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=74c472855899634ead891d0739e14949
# engine=17910
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-16 05:18:01
# local_time=2014-04-16 07:18:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=774 16777213 71 76 73575 73615 0 0
# compatibility_mode=5893 16776573 100 94 28068 149298531 0 0
# scanned=366506
# found=30
# cleaned=0
# scan_time=17190
sh=078FB2A3E5DE54C3737A4541242A4725C02C6B9C ft=1 fh=d760d12103e04038 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\MiaggnyiPPic\51c7351647449.dll.vir"
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=E08EF6298DB507FC55E944040ECBE7B5AA5CAA6A ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp\1.111_0\contentscript.js.vir"
sh=E08EF6298DB507FC55E944040ECBE7B5AA5CAA6A ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schule\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp\1.111_0\contentscript.js.vir"
sh=B8A15E2B817C650BB246EE96D859D190BC1E2FF5 ft=1 fh=056d0132ff61be3e vn="MSIL/CoinMiner.CM trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Windows\System32\Windows Defender\Definition Update\windef.exe"
sh=4FA174F176A0A3ED0C41BC6A5C54D51FACFB534F ft=1 fh=9d25dcec7d070c82 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Windows\WindowsUpdate\rundll32.exe"
sh=05ED639942CC1E49D422789CE0BAAD7ADD22D1AA ft=0 fh=0000000000000000 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Windows\WindowsUpdate\rundll32.lnk"
sh=AF403E1D2C014FEB5B49354DFFE220A4741EAECA ft=1 fh=ebb6a3c55d41b422 vn="Win32/Adware.Lollipop.H application" ac=I fn="C:\FRST\Quarantine\C\Users\Schule\AppData\Local\Temp\instloffer.exe.xBAD"
sh=EA94BD6973CE722A1EBBD78554A369281FE1A2DE ft=1 fh=33e0d3904fd705f4 vn="multiple threats" ac=I fn="C:\FRST\Quarantine\C\Users\Xebat\AppData\Local\Temp\LyricsPal.exe.xBAD"
sh=5348BD561F3AC044DBBDAA4898D6B9D31FBFF595 ft=1 fh=1b226d3a8e8a5ffc vn="multiple threats" ac=I fn="C:\FRST\Quarantine\C\Users\Xebat\AppData\Local\Temp\lyricstmp.exe.xBAD"
sh=32ADBAC553741526F9F6A537E7A97308D0CD21DF ft=1 fh=08b67f1784dc0558 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\ProgramData\AMD\KDB\dwm.exe"
sh=32ADBAC553741526F9F6A537E7A97308D0CD21DF ft=1 fh=08b67f1784dc0558 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\Users\All Users\AMD\KDB\dwm.exe"
sh=3F7B7CF08A07483D45A4F5A0A8C64FEE0CFBE6D1 ft=1 fh=b91e9acba36107fd vn="a variant of Win32/AdWare.SpeedingUpMyPC.G application" ac=I fn="C:\Users\Botan\AppData\Local\Temp\is45637729\1974874_stp.EXE"
sh=9D1519C1A54ECB8A55339A5DB040C9CE9C869032 ft=1 fh=21c482d32e956120 vn="a variant of Win32/Injector.AWKK trojan" ac=I fn="C:\Users\Schule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EN1OLNNN\viewtopic[1].php"
sh=49462750C925D892DAB3D690C55CACFBA3ED1894 ft=0 fh=0000000000000000 vn="JS/Kryptik.APU trojan" ac=I fn="C:\Users\Schule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YGXC6DSW\technical[1].htm"
sh=9D1519C1A54ECB8A55339A5DB040C9CE9C869032 ft=1 fh=21c482d32e956120 vn="a variant of Win32/Injector.AWKK trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\Low\bvtray.exe"
sh=E847ABD49144BD4608A580B8D74BA9C7AE0F55BC ft=1 fh=172864099d2e4610 vn="Win32/Agent.UJJ trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp306f3a4c\23.exe"
sh=BE00A8B0019A19D3B640ABBE3AE9718BB0A9AA45 ft=1 fh=dae9711f88cacd10 vn="a variant of Win32/Kryptik.BAXK trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp466a6cbe\33.exe"
sh=840FF4A02F82179E23CB1F6DE757CFCE47630003 ft=1 fh=bae0c0a9721e5188 vn="a variant of Win32/Kryptik.BGBE trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp7922a78e\ut.exe"
sh=840FF4A02F82179E23CB1F6DE757CFCE47630003 ft=1 fh=bae0c0a9721e5188 vn="a variant of Win32/Kryptik.BGBE trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp7f8588c3\ut.exe"
sh=7630F581221888E622E479C3C4BD446ECAF5A186 ft=1 fh=c101aa4c58d2b03c vn="a variant of Win32/Kryptik.BAOX trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpb7fbfa3c\13.exe"
sh=AB289788E1B0BB9BB2D60DA086D61B4F631CAA02 ft=1 fh=41148c1388e53a23 vn="a variant of Win32/Kryptik.BAQL trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpc30cfb44\89.exe"
sh=82BEEA0B3EAF75F1BBF65FBBABF399A97EEE6D55 ft=1 fh=c3a5cb272dbdf656 vn="a variant of Win32/Kryptik.BBAM trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpd1a23059\34.exe"
sh=0ED353B6D858579DA60611D8B9033230282619E8 ft=1 fh=0e94236bc9e531e0 vn="a variant of Win32/Kryptik.BGBE trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpeb897682\14.exe"
sh=445A281D8236F06974CA5455B98A5FDD392A270E ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2013-2423.O trojan" ac=I fn="C:\Users\Schule\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\7f5abc86-7bae5ff1"
sh=436A37E289E55E56F61485E5E248D6F7246221A1 ft=1 fh=f9136369f620230b vn="a variant of Generik.MVICHXB trojan" ac=I fn="C:\Users\Schule\Desktop\Botan\Spam-Bot (Vista & 7).dll"
sh=8E95552B10748C10CEB5EB9C79AA07B05F5852BC ft=1 fh=f91363691ff201c1 vn="a variant of Generik.EUNPGRH trojan" ac=I fn="C:\Users\Schule\Desktop\Botan\Spam-Bot (XP).dll"
sh=E508ACD8F97A24F734F8CE8BA685BCBA296E5C7D ft=1 fh=858fb24a9fdda1dc vn="multiple threats" ac=I fn="C:\Users\Schule\Desktop\Botan\Tools by Unpublished.exe"
sh=23B4190248082916EB94D0304A9231BAB4498BE8 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\Xebat\AppData\Local\Temp\che2FC9.tmp"
sh=8781D2528360A4FD04D256B9B752F64BB6B31358 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\Xebat\AppData\Local\Temp\che596B.tmp"
         
Angehängte Grafiken
Dateityp: jpg AVAST_Prüfergebnisse.jpg (85,7 KB, 280x aufgerufen)

Alt 17.04.2014, 23:27   #11
Bootsektor
Ruhe in Frieden
† 2019
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Hallo bekirikus,
Zitat:
Was is IE9 und ServicePack1? und ja der Computer funktioniert schon deutlich besser.
IE9 ist der InternetExplorer in der neunten Version, aktuell ist für WIndows 7 11.
Ein Service Pack ist ein Wartungspaket für Windows, damit wird das Betriebssystem auf einen aktuellen Stand gebracht, Sicherheitslücken geschlossen, Fehler beseitigt, es ist sehr wichtig, dass beides aktuell ist.

Zitat:
Btw was muss ich alles zu dem Programm wissen?
Welches Programm meinst du denn.

Schritt 1
Bitte die Funde von Avast löschen lassen.

Schritt 2
Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.



Schritt 3

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Schule\Desktop\Botan\Spam-Bot (XP).dll
C:\Users\Schule\Desktop\Botan\Spam-Bot (Vista & 7).dll
C:\Users\Schule\Desktop\Botan\Tools by Unpublished.exe
C:\ProgramData\AMD\KDB\dwm.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Alt 18.04.2014, 00:28   #12
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Ich meine zu dem Virenprogramm AVAST. Was sollte ich dazu wissen?

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-04-2014 02
Ran by Botan at 2014-04-18 00:27:37 Run:2
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Schule\Desktop\Botan\Spam-Bot (XP).dll
C:\Users\Schule\Desktop\Botan\Spam-Bot (Vista & 7).dll
C:\Users\Schule\Desktop\Botan\Tools by Unpublished.exe
C:\ProgramData\AMD\KDB\dwm.exe
*****************

C:\Users\Schule\Desktop\Botan\Spam-Bot (XP).dll => Moved successfully.
C:\Users\Schule\Desktop\Botan\Spam-Bot (Vista & 7).dll => Moved successfully.
C:\Users\Schule\Desktop\Botan\Tools by Unpublished.exe => Moved successfully.
C:\ProgramData\AMD\KDB\dwm.exe => Moved successfully.

==== End of Fixlog ====
         

Alt 20.04.2014, 01:15   #13
Bootsektor
Ruhe in Frieden
† 2019
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Zitat:
Ich meine zu dem Virenprogramm AVAST. Was sollte ich dazu wissen?
Ich verstehe deine Frage nicht. Du kannst dich auf der Homepage von Avast dazu informieren.

Fundevon Avast hattest du auch gelöscht?

>OK<

So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber.
Abschließend räumen wir noch etwas auf, führen Updates durch und dann bekommst du noch etwas Lesestoff von mir.


Schritt 1
Falls du den ESET-Onlinescan nicht mehr benötigst, kannst Du ihn einfach über die Programmdeinstallation deinstallieren.

Schritt 2
Downloade dir bitte delfix auf deinen Desktop.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
  • DelFix entfernt u. a. alle verwendeten Programme und löscht sich abschließend selbst.

Falls nun noch Tools aus der Bereinigung auf deinem PC sind, kannst du diese besorgtlos selbst löschen.

Updates / Programme aktualisieren
  • Service Pack 1

    Lade das Service Pack 1Service Pack 1 für Windows 7 herunter, installiere es und lasse Windows dann nach Updates suchen
  • Internetexplorer
    Dein InternetExplorer ist nicht mehr aktuell. Besuche diese Microsoftseite und lade dir von dort den neuesten Internetexplorer für dein Betriebssystem herunter

  • Java
Dein Java ist nicht mehr aktuell.
Java ist eine große Sicherheitslücke auf deinem System, es werden immer wieder neue Schwachstellen entdeckt, die ausgenutzt werden um Rechner zu infizieren.
Sofern du Java nicht zwingend benötigst, solltest du es komplett deinstallieren.

Windows XP
Gehe auf:
Start --> Systemsteuerung --> Software --> Javaversionen auswählen --> entfernen
Windows Vista
Gehe auf:
Start --> Systemsteuerung -- > Programme --> Programme deinstallieren --> Javaversionen suchen --> entfernen
Windows 7
Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Javaversionen auswählen --> entfernen
Windows 8
Dazu drücke auf:
Windowstaste und X
dann:
Programme und Funktionen -->Javaversionen auswählen --> entfernen

Falls du Java doch unbedingt benötigst, dann
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die jxpiinstall.exe
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 55 ) herunter laden.
  • Entferne den Haken bei "Installieren Sie die Ask-Toolbar ..." während der Installation.
  • Wenn die Installation beendet wurde
    Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
  • Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.
Nach dem Neustart
  • Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
  • Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
  • Klicke auf Dateien löschen....
  • Gehe sicher das überall ein Haken gesetzt ist und klicke OK.
  • Klicke erneut OK.

und sorge dafür, dass Java automatisch updated.
Dazu:
  • öffne Java
  • klicke auf den Reiter Update
  • klicke auf: Benachrichtung ausgeben: Vor dem Download setze den Haken bei Automatisch nach Updates suchen
  • klicke auf Erweitert
  • ändere das Intervall mindestens auf wöchentlich
und schalte das Browser-Plugin aus.
Hier findest du eine Anleitung dazu.
Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems.

Aktualität des Systems
Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.
  • Bitte überprüfe, ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.

Antivirensoftware
  • Gehe sicher immer eine Antiviren Software installiert zu haben und halte diese unbedingt aktuell.

Zusätzlicher Schutz
  • MalwareBytes Anti-Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On-Demand Scantool welches viele aktuelle Malware erkennt und auch entfernt.
    Aktualisiere das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf einen Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Systemleistung
Lösche regelmäßig deine temporären Dateien. Ich empfehle hierzu TFC
Halte dich fern von jeglichen Registry Cleanern.
Diese schaden deinem System mehr als dass sie es schneller machen.

Verhaltensregeln zum sichereren Surfen
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
  • Achte besonders bei der Installation von Programmen darauf, ob sich weitere Software mitinstallieren möchte, wähle wo immer es geht die benutzerdefinierte Installation und wähle alles ab, was nichts mit dem Programm zu tun hat, welches du dir installieren möchtest.

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind.

Falls Du Lob oder Kritik abgeben möchtest, kannst Du das sehr gerne hier tun.

Wenn Du etwas für das Forum und unsere Arbeit spenden möchtest, so kannst Du das hier tun.

Alt 21.04.2014, 12:11   #14
bekirikus
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Wenn ich SP1 installieren will kommt nach einiger Zeit folgende Fehlermeldung:


ERROR_SXS_ASSEMBLY_MISSING (0x80073701)

heißt das, dass ich zuerst die 36 anderen updates installieren sollte?

Alt 21.04.2014, 21:14   #15
Bootsektor
Ruhe in Frieden
† 2019
 
Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Standard

Internetverbindung schlecht, langsamer Computer und einfrieren des PC's



Nein, das heißt, das dir ein wichtiger Systemordner fehlt. Ist das Ultimate legal?
  • Gehe auf C:\Windows\Logs\CBS\
  • schaue, ob es dort eine CBS.log Datei gibt
  • kopiere diese Datei auf deinen Desktop (wenn Windows sagt, dass du dazu Administratorenrechte brauchst, bestätige diese
  • öffne die Datei
  • poste mir den Inhalt hier in deinen Thread

Antwort

Themen zu Internetverbindung schlecht, langsamer Computer und einfrieren des PC's
browser, internetverbindung, java/exploit.cve-2013-2423.o, js/kryptik.apu, langsamer computer, mobogenie, mobogenie entfernen, msil/coinminer.cm, msil/coinminer.cn, nationzoom, nationzoom entfernen, seiten, verbindung, win32/adware.addlyrics.f, win32/adware.lollipop.h, win32/adware.multiplug.i, win32/adware.speedingupmypc.g, win32/adware.yontoo.b, win32/agent.ujj, win32/injector.awkk, win32/kryptik.baox, win32/kryptik.baql, win32/kryptik.baxk, win32/kryptik.bbam, win32/kryptik.bgbe, woche



Ähnliche Themen: Internetverbindung schlecht, langsamer Computer und einfrieren des PC's


  1. Internetverbindung nach einer Zeit immer langsamer und Hoher Ping - Wlan
    Plagegeister aller Art und deren Bekämpfung - 19.09.2015 (24)
  2. langsamer computer
    Log-Analyse und Auswertung - 31.05.2015 (24)
  3. langsamer computer
    Mülltonne - 22.05.2015 (2)
  4. Computer fährt nachts selbstständig hoch und "arbeitet"! Häufiges Einfrieren des gesamten Systems.
    Log-Analyse und Auswertung - 03.02.2015 (11)
  5. Windows 7 erhalte ständig spammails auf outlook und internetverbindung läuft langsamer
    Log-Analyse und Auswertung - 02.11.2014 (17)
  6. Virus auf dem Pc? Anfängliches Ruckeln wird zu Einfrieren des Pcs und sehr langsamer Geschwindigkeit!
    Plagegeister aller Art und deren Bekämpfung - 28.09.2014 (13)
  7. Langsamer PC, oft ohne jeglichen Grund einfrieren, Probleme beim booten
    Log-Analyse und Auswertung - 07.06.2014 (26)
  8. Computer verliert immer wieder Internetverbindung
    Log-Analyse und Auswertung - 03.05.2014 (9)
  9. Internetverbindung nach einer Zeit immer langsamer High Ping Erkennt ihr was?
    Log-Analyse und Auswertung - 18.08.2013 (5)
  10. Internetverbindung nach einer Zeit immer langsamer und Hoher Ping
    Netzwerk und Hardware - 16.08.2013 (1)
  11. Sehr langsamer Computer
    Log-Analyse und Auswertung - 08.11.2011 (1)
  12. PC sowie Internetverbindung ist merklich langsamer geworden, bin ich infiziert?
    Log-Analyse und Auswertung - 29.07.2011 (19)
  13. Langsamer Computer
    Log-Analyse und Auswertung - 16.05.2011 (1)
  14. Internetverbindung wird im Laufe der Sitzung langsamer
    Log-Analyse und Auswertung - 11.01.2009 (0)
  15. Internetverbindung wird langsamer
    Log-Analyse und Auswertung - 01.10.2008 (0)
  16. e-scan-Ergebnis: schlecht od. schlecht?
    Log-Analyse und Auswertung - 01.07.2008 (6)
  17. Internetverbindung langsamer als gewöhnlich
    Log-Analyse und Auswertung - 22.03.2008 (0)

Zum Thema Internetverbindung schlecht, langsamer Computer und einfrieren des PC's - Hallo Liebe Community, Es geht darum, dass ich den Verdacht habe, dass mein PC stark mit Viren befallen ist. Seit einigen Wochen schon leidet die Internetverbindung extrem, Ich werde, wenn - Internetverbindung schlecht, langsamer Computer und einfrieren des PC's...
Archiv
Du betrachtest: Internetverbindung schlecht, langsamer Computer und einfrieren des PC's auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.