
Pests of all kinds and how to fight them: Chrome extension Grepo can't be driven off / keeps coming back


22.05.2014, 17:29   #1
Cupa
 



Hello dear helper,
I have a bit of a problem... The (apparently) unknown Google Chrome extension "Grepo" is causing trouble. I have already tried to find something about it on the Internet, but without success. About the problem: this extension reinstalls itself after every Chrome start and blocks or adds some content. The content Grepo creates consists of new blocks, on otherwise normal pages, with links to unknown sites. I suspect that this extension is being generated by a virus. Malwarebytes Anti-Malware has run over it several times and found nothing.
This is what I have done on my own:
- Deleted "C:\Program Files (x86)\Grepo".²
- Deleted and deactivated the extension
- Ran Malwarebytes Anti-Malware over it
- Searched the Internet for it

² Required administrator rights

Here are a few logs:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Dustin2 (administrator) on DUSTINS-PC on 22-05-2014 17:18:29
Running from C:\Users\Dustin2\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AuthenTec, Inc.) C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files (x86)\pc essentials\updater.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Akamai Technologies, Inc.) C:\Users\Dustin2\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Akamai Technologies, Inc.) C:\Users\Dustin2\AppData\Local\Akamai\netsession_win.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Deutsche Telekom AG) C:\Program Files (x86)\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
(Deutsche Telekom AG) C:\Program Files (x86)\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
(Deutsche Telekom AG) C:\Program Files (x86)\T-Online\T-Online_Software_6\Basis-Software\Basis2\profilemgr.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(fun communications GmbH, hxxp://www.fun.de) C:\Program Files (x86)\T-Online\T-Online_Software_6\Notifier\Notifier.exe
(Deutsche Telekom AG, Marmiko IT-Solutions GmbH) C:\Program Files (x86)\Common Files\Marmiko Shared\MWLaMaS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Update\Install\{40F7167B-E2B3-473D-B31C-EDEBC5B79839}\35.0.1916.114_34.0.1847.137_chrome_updater.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Temp\CR_FE081.tmp\setup.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcsvrcnt.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-07] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => c:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3567104 2009-08-06] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1675160 2012-03-21] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2972218083-3551369242-1309756512-1006\...\Run: [Google Update] => C:\Users\Dustin2\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-27] (Google Inc.)
HKU\S-1-5-21-2972218083-3551369242-1309756512-1006\...\Run: [Akamai NetSession Interface] => C:\Users\Dustin2\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2972218083-3551369242-1309756512-1006\...\Run: [MySQL Data Wizard Agent] => C:\Program Files (x86)\SQL Maestro Group\Data Wizard for MySQL\MyDataWizardA.exe
HKU\S-1-5-21-2972218083-3551369242-1309756512-1006\...\MountPoints2: {747fdd4b-bf5c-11e0-bd6f-00262d6247c4} - E:\LGAutoRun.exe
HKU\S-1-5-21-2972218083-3551369242-1309756512-1006\...\MountPoints2: {e0a1be18-c93a-11de-8fdd-806e6f6e6963} - D:\Autorun.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
Lsa: [Notification Packages] c:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Meine Dienste.lnk
ShortcutTarget: Meine Dienste.lnk -> C:\Program Files\Telekom\Meine Dienste\StartMeineDienste.exe (Deutsche Telekom AG)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Meine Dienste.lnk
ShortcutTarget: Meine Dienste.lnk -> C:\Program Files\Telekom\Meine Dienste\StartMeineDienste.exe (Deutsche Telekom AG)
Startup: C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Meine Dienste.lnk
ShortcutTarget: Meine Dienste.lnk -> C:\Program Files\Telekom\Meine Dienste\StartMeineDienste.exe (Deutsche Telekom AG)
Startup: C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (No File)
Startup: C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NH ()
Startup: C:\Users\Uwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Meine Dienste.lnk
ShortcutTarget: Meine Dienste.lnk -> C:\Program Files\Telekom\Meine Dienste\StartMeineDienste.exe (Deutsche Telekom AG)
Startup: C:\Users\Uwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360410k616l03e8z1m5t4821b36o
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://ie.iehosting.de/t-online/willkommen
URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
URLSearchHook: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
URLSearchHook: HKCU - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {07E4E221-A889-475B-BD66-105D1FF7AAD3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKCU - {2E6179AB-203B-4FF5-AC4E-86534ED8A805} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKCU - {70E2AB1D-B10F-4174-BE89-034529C41867} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
SearchScopes: HKCU - {D358E806-39CE-494D-9FAE-BAF63676C306} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms}
SearchScopes: HKCU - ۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: grepo - {28A984B0-844D-48EC-AE42-6682BBB4FD33} - C:\Program Files (x86)\Grepo\grepo_x64.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120902183112.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll No File
BHO-x32: grepo - {28A984B0-844D-48EC-AE42-6682BBB4FD33} - C:\Program Files (x86)\Grepo\grepo.dll No File
BHO-x32: Gizmodock - {54868D10-E89D-42A1-96CE-CBD32796A6AB} - C:\Program Files (x86)\Gizmodock\Gizmodock.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120902183114.dll (McAfee, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {92FB3EF5-293E-445C-8B86-24A9356AD5F4} -  No File
Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} -  No File
Toolbar: HKCU - No Name - {E3F0F2AD-5A4B-4944-A1BB-B13CF500AA97} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default
FF NewTab: hxxp://www.amazon.com
FF DefaultSearchEngine: Sichere Suche
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: https://www.habbo.de/
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE662&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bittorrent.com/BitTorrentDNA - C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox - C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dustin2\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dustin2\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dustin2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFp501.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFp522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv501.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: grepo - C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\Extensions\grepo@extension [2014-05-22]
FF Extension: Adblock Plus - C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-04]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-04-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2009-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-09-02]
FF HKCU\...\Firefox\Extensions: [findlyrics@findlyrics.co] - C:\Program Files (x86)\FindLyrics\FF\

Chrome: 
=======
CHR HomePage: hxxp://youtube.com/
CHR StartupUrls: "hxxp://www.youtube.com/"
CHR Plugin: (Shockwave Flash) - C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Flatcast Producer Plugin 5.0.356) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFp501.dll (1 mal 1 Software GmbH)
CHR Plugin: (Flatcast Producer Plugin 5.2.2.471) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFp522.dll (1 mal 1 Software GmbH)
CHR Plugin: (Flatcast Viewer Plugin 5.0.356) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv501.dll (1 mal 1 Software GmbH)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (DNA Plug-in) - C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Heroes & Generals live) - C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Happy Cloud Plugin) - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
CHR Plugin: (Unity Player) - C:\Users\Dustin2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
CHR Extension: (Google Translate) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-02-22]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2013-08-10]
CHR Extension: (Bejeweled) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2013-08-10]
CHR Extension: (McAfee Security Scan+) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-22]
CHR Extension: (Video Downloader professional) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-02-22]
CHR Extension: (SiteAdvisor) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-08-10]
CHR Extension: (Click&Clean) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-05-19]
CHR Extension: (AdBlock) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-19]
CHR Extension: (Chrome to Mobile) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-02-22]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2014-02-22]
CHR Extension: (Disconnect) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-02-22]
CHR Extension: (codev) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhccgicacaljbkehndlbnolffafhjiop [2014-01-08]
CHR Extension: (Cargo Bridge) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2013-08-10]
CHR Extension: (Google Play) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2013-08-10]
CHR Extension: (Turbo for YouTube) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhgnmngkgolhffjjdaipkkjbmbnpefef [2014-02-22]
CHR Extension: (Ghostery) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-02-22]
CHR Extension: (Plants vs Zombies) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2013-08-10]
CHR Extension: (Google Wallet) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Mini Ninjas) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi [2013-08-10]
CHR Extension: (Currently) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhmphdkpgbibohbnpbfiefkgieacjmh [2014-02-22]
CHR Extension: (Click&Clean App) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2013-08-19]
CHR HKCU\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Dustin2\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2013-08-19]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-19]
CHR HKLM-x32\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - C:\Users\Dustin\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx [2013-08-19]
CHR HKLM-x32\...\Chrome\Extension: [djhfddffodalniccjaekmphpompcjpea] - C:\Program Files (x86)\Pagealicious\Pagealicious.crx [2013-08-19]
CHR HKLM-x32\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Dustin2\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2013-08-19]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-05-21]
CHR HKLM-x32\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - C:\Users\Dustin\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2014-05-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR StartMenuInternet: Google Chrome - C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ATService; C:\Program Files (x86)\Fingerprint Sensor\AtService.exe [1807608 2009-06-30] (AuthenTec, Inc.)
S3 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [117560 2014-05-14] (Deutsche Telekom AG)
R2 IGBASVC; c:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3449856 2009-08-06] (Egis Technology Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [140424 2014-04-23] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [502064 2012-08-23] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199304 2012-05-25] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [210616 2012-05-25] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [162224 2012-05-25] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 pc essentials; C:\Program Files (x86)\pc essentials\updater.exe [1731072 2013-04-18] ()
S3 TriDefService; C:\Program Files (x86)\TriDef 3D\TriDef\Common\TriDefService.exe [1327104 2009-09-15] ()
S2 XAMPP; C:\Users\Dustin\Desktop\xampp\service.exe [X]

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65264 2012-02-22] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160792 2012-02-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [229528 2012-02-22] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [487296 2012-02-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [647208 2012-02-22] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
R1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [289664 2012-02-22] (McAfee, Inc.)
R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [32536 2013-03-23] ()
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33280 2010-01-21] (LG Electronics Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-22 17:13 - 2014-05-22 17:13 - 00000000 ____D () C:\Users\Dustin2\Desktop\FRST-OlderVersion
2014-05-22 17:00 - 2014-05-22 17:00 - 00000031 _____ () C:\Users\Dustin2\Downloads\tune_in_dsl.m3u
2014-05-15 16:42 - 2014-05-16 17:20 - 00000000 ____D () C:\Users\Dustin2\Documents\RPGVXAce
2014-05-15 15:22 - 2014-05-15 15:22 - 00001188 _____ () C:\Users\Public\Desktop\RPG MAKER VX Ace Lite.lnk
2014-05-15 15:22 - 2014-05-15 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG MAKER VX Ace Lite
2014-05-15 15:21 - 2014-05-15 15:21 - 00000000 ____D () C:\Users\Dustin2\Desktop\rpg-maker-vx-ace-lite
2014-05-15 15:12 - 2014-05-15 15:13 - 00773686 _____ () C:\Users\Dustin2\Downloads\VXAceWallpaperThing1024withlogo.zip
2014-05-15 15:10 - 2014-05-15 15:11 - 01049372 _____ () C:\Users\Dustin2\Downloads\VXAceWallpaperThing1280withlogo.zip
2014-05-15 15:09 - 2014-05-15 15:20 - 109892162 _____ () C:\Users\Dustin2\Downloads\rpg-maker-vx-ace-lite.zip
2014-05-14 11:33 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 11:33 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 11:33 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 11:32 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 11:32 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 11:32 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 10:32 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 10:32 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 10:32 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 10:32 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 10:29 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 10:29 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 10:29 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 10:29 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 10:29 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 10:29 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 10:29 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 10:29 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 10:29 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 10:29 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 10:29 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 10:29 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 10:29 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 10:29 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 10:29 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 10:29 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-10 15:05 - 2014-05-10 15:05 - 00015496 _____ () C:\Users\Dustin2\Downloads\NewCommands.jar
2014-05-10 14:49 - 2014-05-10 14:49 - 00006097 _____ () C:\Users\Dustin2\Downloads\kCommand_1.4.jar
2014-05-05 19:31 - 2014-05-10 22:51 - 00000607 _____ () C:\Users\Dustin2\Desktop\Habbo Missis.txt
2014-05-05 19:31 - 2014-05-05 19:31 - 00000000 ____D () C:\Users\Dustin2\Desktop\BIGMacroTool
2014-05-03 23:55 - 2014-05-03 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BigMacroTool
2014-05-03 23:55 - 2014-05-03 23:55 - 00000000 ____D () C:\Program Files (x86)\BigMacroTool
2014-05-03 23:54 - 2014-05-03 23:54 - 00603961 _____ (TLProd ) C:\Users\Dustin2\Downloads\bigmacrotoolsetup.exe
2014-05-03 23:52 - 2014-05-03 23:52 - 00001075 _____ () C:\Users\Public\Desktop\Macro Recorder.lnk
2014-05-03 23:52 - 2014-05-03 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macro Recorder
2014-05-03 23:52 - 2014-05-03 23:52 - 00000000 ____D () C:\Program Files (x86)\MacroRecorder
2014-05-03 23:51 - 2014-05-03 23:51 - 00720656 _____ (Jitbit Software ) C:\Users\Dustin2\Downloads\MacroRecorderSetup.exe
2014-05-02 19:34 - 2014-05-02 19:34 - 00158576 _____ () C:\Users\Dustin2\Downloads\TukMC[3.2.5].zip
2014-05-02 18:46 - 2014-05-02 18:46 - 00065601 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2-api_2.0.397-experimental (1).zip
2014-05-02 18:45 - 2014-05-02 18:46 - 03699473 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2_2.0.397-experimental.jar
2014-05-02 18:45 - 2014-05-02 18:45 - 00065601 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2-api_2.0.397-experimental.zip
2014-04-30 21:16 - 2014-05-14 15:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-28 18:44 - 2014-04-28 18:44 - 00001140 _____ () C:\Users\Dustin2\Downloads\windmillschematic.schematic
2014-04-28 18:44 - 2014-04-28 18:44 - 00001128 _____ () C:\Users\Dustin2\Downloads\small_house.schematic
2014-04-28 18:42 - 2014-04-28 18:43 - 08072516 _____ () C:\Users\Dustin2\Downloads\templeofspirits.zip
2014-04-28 18:42 - 2014-04-28 18:42 - 00003166 _____ () C:\Users\Dustin2\Downloads\medievaltowerbyyowsky.schematic
2014-04-28 18:34 - 2014-04-28 18:34 - 00072336 _____ () C:\Users\Dustin2\Downloads\elijastemple.schematic
2014-04-28 18:33 - 2014-04-28 18:33 - 00040538 _____ () C:\Users\Dustin2\Downloads\spawn2745.schematic
2014-04-28 18:29 - 2014-04-28 18:29 - 00002034 _____ () C:\Users\Dustin2\Downloads\largemedievalhouse.schematic
2014-04-28 18:29 - 2014-04-28 18:29 - 00000892 _____ () C:\Users\Dustin2\Downloads\smallmedievalhouse3155.schematic
2014-04-28 18:28 - 2014-04-28 18:28 - 00032780 _____ () C:\Users\Dustin2\Downloads\faction-spawn.schematic
2014-04-28 18:27 - 2014-04-28 18:27 - 00265730 _____ () C:\Users\Dustin2\Downloads\aysgarth-medieval.schematic
2014-04-28 18:27 - 2014-04-28 18:27 - 00188559 _____ () C:\Users\Dustin2\Downloads\airship-shipyard.schematic
2014-04-28 18:21 - 2014-04-28 18:21 - 00691201 _____ () C:\Users\Dustin2\Downloads\Heroes.zip
2014-04-28 18:21 - 2014-04-28 18:21 - 00131877 _____ () C:\Users\Dustin2\Downloads\HeroChat.jar
2014-04-28 18:21 - 2014-04-28 18:21 - 00014885 _____ () C:\Users\Dustin2\Downloads\ArathosRPG.jar
2014-04-28 18:21 - 2014-04-28 18:21 - 00011463 _____ () C:\Users\Dustin2\Downloads\Dynmap-HeroChat-0.30-bin.zip
2014-04-27 14:02 - 2014-04-27 14:02 - 00428068 _____ () C:\Users\Dustin2\Downloads\OptiFine_1.6.4_HD_U_D1.jar
2014-04-27 13:54 - 2014-04-27 13:54 - 00002008 _____ () C:\Users\Dustin2\Desktop\FileZilla Client.lnk
2014-04-27 13:53 - 2014-04-27 13:54 - 04968079 _____ (Tim Kosse) C:\Users\Dustin2\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-27 13:50 - 2014-04-27 14:06 - 89906602 _____ () C:\Users\Dustin2\Downloads\modpacks^AgrarianSkiesHQ^2_1_2^AgrarianSkiesHQServer.zip
2014-04-26 20:22 - 2014-04-26 20:22 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-26 18:45 - 2014-04-26 18:45 - 01696408 _____ () C:\Users\Dustin2\Downloads\mcore (2).jar
2014-04-26 18:25 - 2014-04-26 18:26 - 03792105 _____ () C:\Users\Dustin2\Downloads\com_gameserver_3.1.3_joomla3.zip
2014-04-26 18:08 - 2014-04-26 18:08 - 00043202 _____ () C:\Users\Dustin2\Downloads\mod_mh_ts3viewer.rev.39.zip
2014-04-25 19:41 - 2014-04-25 19:41 - 00010474 _____ () C:\Users\Dustin2\Downloads\mobmakemoney.jar
2014-04-25 18:58 - 2014-04-25 18:58 - 00001979 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-04-25 18:51 - 2014-04-25 19:12 - 00000000 ____D () C:\Users\Dustin2\AppData\Local\Overwolf
2014-04-25 16:57 - 2014-04-25 16:57 - 01691047 _____ () C:\Users\Dustin2\Downloads\pkg_kunena_v3.0.5_2014-03-09.zip
2014-04-25 16:48 - 2014-04-25 16:48 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\TeamViewer
2014-04-25 16:47 - 2014-04-25 16:47 - 06120184 _____ (TeamViewer GmbH) C:\Users\Dustin2\Downloads\TeamViewer_Setup_de_9.0.27614 (1).exe
2014-04-25 16:05 - 2014-04-25 16:05 - 00035570 _____ () C:\Users\Dustin2\Downloads\ZavAutoMessager.jar
2014-04-25 15:57 - 2014-04-25 15:57 - 00457417 _____ () C:\Users\Dustin2\Downloads\MythicDrops.zip
2014-04-25 15:14 - 2014-04-25 15:14 - 00021572 _____ () C:\Users\Dustin2\Downloads\latest
2014-04-25 15:00 - 2014-04-25 15:00 - 07804408 _____ (SQL Maestro Group ) C:\Users\Dustin2\Downloads\mysql_datawizard_setup.exe
2014-04-25 14:59 - 2014-04-25 14:59 - 00728032 _____ () C:\Users\Dustin2\Downloads\COMPUTER_BILD-Download-Manager_fuer_mysql_datawizard_setup.exe
2014-04-25 14:42 - 2014-04-25 14:42 - 09566380 _____ () C:\Users\Dustin2\Downloads\Joomla_3.2.3-Stable-Full_Package.zip
2014-04-24 15:49 - 2014-04-24 16:23 - 00001059 _____ () C:\Users\Dustin2\Desktop\ExampleItems.yml
2014-04-24 15:26 - 2014-04-24 15:26 - 00001297 _____ () C:\Users\Dustin2\Downloads\ExampleMobs (1).yml
2014-04-24 11:53 - 2014-04-24 11:53 - 00034690 _____ () C:\Users\Dustin2\Downloads\Dynmap_SimpleClans.jar
2014-04-24 11:52 - 2014-04-24 11:52 - 00230740 _____ () C:\Users\Dustin2\Downloads\SimpleClans-Legacy (1).jar
2014-04-24 11:42 - 2014-04-24 11:42 - 01696408 _____ () C:\Users\Dustin2\Downloads\mcore (1).jar
2014-04-24 11:42 - 2014-04-24 11:42 - 00428219 _____ () C:\Users\Dustin2\Downloads\Factions (1).jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00028916 _____ () C:\Users\Dustin2\Downloads\Dynmap-Factions-0.72.jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00022600 _____ () C:\Users\Dustin2\Downloads\Dynmap-Essentials-0.70.jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00018987 _____ () C:\Users\Dustin2\Downloads\Dynmap-CommandBook-0.50.jar
2014-04-24 11:39 - 2014-04-24 11:39 - 03539017 _____ () C:\Users\Dustin2\Downloads\dynmap-1.9.4.jar
2014-04-24 11:39 - 2014-04-24 11:39 - 00021743 _____ () C:\Users\Dustin2\Downloads\Dynmap-WorldGuard-0.60.jar
2014-04-24 00:03 - 2014-04-24 00:03 - 00062323 _____ () C:\Users\Dustin2\Downloads\WorldBorder.jar
2014-04-23 20:41 - 2014-04-23 20:41 - 00018168 _____ () C:\Users\Dustin2\Downloads\HeroTroll.jar
2014-04-23 20:41 - 2014-04-23 20:41 - 00012452 _____ () C:\Users\Dustin2\Downloads\BeHerobrine1.5.2.jar
2014-04-23 20:40 - 2014-04-23 20:40 - 00119783 _____ () C:\Users\Dustin2\Downloads\DisguiseCraft.jar
2014-04-23 20:32 - 2014-04-23 20:33 - 00698982 _____ () C:\Users\Dustin2\Downloads\NoCheatPlus.jar
2014-04-23 16:34 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-23 16:34 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-23 16:34 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-23 16:34 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-23 16:30 - 2014-04-23 16:34 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-23 16:30 - 2014-04-23 16:30 - 00000000 _____ () C:\Windows\SysWOW64\REN7E39.tmp
2014-04-23 16:30 - 2014-04-23 16:30 - 00000000 _____ () C:\Windows\SysWOW64\REN7E38.tmp
2014-04-23 16:26 - 2014-04-23 16:26 - 00118211 _____ () C:\Users\Dustin2\Downloads\SimpleRegionMarket-3.6.3.jar
2014-04-22 07:43 - 2014-04-22 07:43 - 00009226 _____ () C:\Users\Dustin2\Downloads\SimpleCommandSigns.jar
2014-04-22 05:46 - 2014-04-22 05:46 - 00047198 _____ () C:\Users\Dustin2\Downloads\Promote.jar
2014-04-22 05:45 - 2014-04-22 05:45 - 00097426 _____ () C:\Users\Dustin2\Downloads\SimpleAlias_1.6.0.jar
2014-04-22 05:23 - 2014-04-22 05:23 - 00195107 _____ () C:\Users\Dustin2\Downloads\PlotMe (1).jar
2014-04-22 05:17 - 2014-04-22 05:17 - 00320143 _____ () C:\Users\Dustin2\Downloads\Multiverse-Inventories-2.5.jar

==================== One Month Modified Files and Folders =======

2014-05-22 17:18 - 2014-03-09 18:46 - 00042877 _____ () C:\Users\Dustin2\Desktop\FRST.txt
2014-05-22 17:18 - 2014-03-03 17:48 - 00000000 ____D () C:\FRST
2014-05-22 17:14 - 2010-04-25 13:50 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 17:14 - 2010-04-25 13:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-22 17:13 - 2014-05-22 17:13 - 00000000 ____D () C:\Users\Dustin2\Desktop\FRST-OlderVersion
2014-05-22 17:13 - 2014-03-09 18:46 - 02067456 _____ (Farbar) C:\Users\Dustin2\Desktop\FRST64.exe
2014-05-22 17:12 - 2012-07-27 13:13 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006UA.job
2014-05-22 17:02 - 2012-03-30 16:51 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1000UA.job
2014-05-22 17:00 - 2014-05-22 17:00 - 00000031 _____ () C:\Users\Dustin2\Downloads\tune_in_dsl.m3u
2014-05-22 16:26 - 2013-11-06 17:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-22 15:12 - 2012-07-27 13:13 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006Core.job
2014-05-22 15:02 - 2012-03-30 16:51 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1000Core.job
2014-05-22 14:19 - 2013-02-02 11:10 - 00001832 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2014-05-22 14:19 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-22 14:19 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-22 14:14 - 2013-08-14 20:22 - 00000000 ____D () C:\Users\Dustin2\AppData\Local\TSVNCache
2014-05-22 14:14 - 2012-08-04 18:58 - 00000330 ____H () C:\Windows\Tasks\GBoxUpdaterTask{A657688A-E8DA-4961-AA87-DF33C8A23CF9}.job
2014-05-22 14:10 - 2011-09-19 08:43 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-22 14:09 - 2009-08-22 07:29 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-22 14:08 - 2009-08-22 10:34 - 01439380 _____ () C:\Windows\PFRO.log
2014-05-22 14:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 14:08 - 2009-07-14 06:51 - 00308766 _____ () C:\Windows\setupact.log
2014-05-21 18:36 - 2009-11-04 14:15 - 01707274 _____ () C:\Windows\WindowsUpdate.log
2014-05-21 17:50 - 2012-11-13 19:50 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B3019771-99BB-46F9-8D8E-A65277738BB5}
2014-05-20 11:17 - 2012-09-09 15:37 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\.minecraft
2014-05-16 22:16 - 2012-07-27 13:16 - 00002376 _____ () C:\Users\Dustin2\Desktop\Google Chrome.lnk
2014-05-16 17:20 - 2014-05-15 16:42 - 00000000 ____D () C:\Users\Dustin2\Documents\RPGVXAce
2014-05-15 15:22 - 2014-05-15 15:22 - 00001188 _____ () C:\Users\Public\Desktop\RPG MAKER VX Ace Lite.lnk
2014-05-15 15:22 - 2014-05-15 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG MAKER VX Ace Lite
2014-05-15 15:22 - 2013-08-06 16:49 - 00000000 ____D () C:\Program Files (x86)\Enterbrain
2014-05-15 15:21 - 2014-05-15 15:21 - 00000000 ____D () C:\Users\Dustin2\Desktop\rpg-maker-vx-ace-lite
2014-05-15 15:20 - 2014-05-15 15:09 - 109892162 _____ () C:\Users\Dustin2\Downloads\rpg-maker-vx-ace-lite.zip
2014-05-15 15:13 - 2014-05-15 15:12 - 00773686 _____ () C:\Users\Dustin2\Downloads\VXAceWallpaperThing1024withlogo.zip
2014-05-15 15:11 - 2014-05-15 15:10 - 01049372 _____ () C:\Users\Dustin2\Downloads\VXAceWallpaperThing1280withlogo.zip
2014-05-15 01:53 - 2013-08-17 12:47 - 00000000 ____D () C:\Users\Uwe\AppData\Local\TSVNCache
2014-05-15 01:41 - 2012-10-09 13:08 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DDA221F5-94E0-4BB6-BDA5-D7912CCC2ACC}
2014-05-15 00:47 - 2012-06-10 16:49 - 00000000 ___RD () C:\Users\Uwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 00:47 - 2012-06-10 16:49 - 00000000 ___RD () C:\Users\Uwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 18:27 - 2013-11-06 17:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 18:27 - 2012-07-06 04:24 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 18:27 - 2011-06-16 16:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 16:23 - 2012-12-05 18:21 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\FTB-Launcher
2014-05-14 15:53 - 2012-07-27 13:00 - 00000000 ___RD () C:\Users\Dustin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 15:53 - 2012-07-27 13:00 - 00000000 ___RD () C:\Users\Dustin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 15:40 - 2014-04-30 21:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 11:31 - 2009-08-22 10:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 11:23 - 2013-07-13 14:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 11:23 - 2010-05-02 22:09 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 10:18 - 2013-12-08 14:32 - 00000000 ____D () C:\Program Files (x86)\Deutsche Telekom AG
2014-05-14 10:18 - 2013-12-08 14:32 - 00000000 ____D () C:\Program Files (x86)\Browser 7 Maintenance Service
2014-05-10 22:51 - 2014-05-05 19:31 - 00000607 _____ () C:\Users\Dustin2\Desktop\Habbo Missis.txt
2014-05-10 15:13 - 2012-08-24 19:24 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\TS3Client
2014-05-10 15:07 - 2012-07-27 13:13 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006UA
2014-05-10 15:07 - 2012-07-27 13:13 - 00003706 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006Core
2014-05-10 15:05 - 2014-05-10 15:05 - 00015496 _____ () C:\Users\Dustin2\Downloads\NewCommands.jar
2014-05-10 14:49 - 2014-05-10 14:49 - 00006097 _____ () C:\Users\Dustin2\Downloads\kCommand_1.4.jar
2014-05-09 08:14 - 2014-05-14 10:32 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 10:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 17:09 - 2010-04-25 13:50 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-06 17:09 - 2010-04-25 13:50 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 06:40 - 2014-05-14 11:33 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 11:32 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 11:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 11:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 19:31 - 2014-05-05 19:31 - 00000000 ____D () C:\Users\Dustin2\Desktop\BIGMacroTool
2014-05-05 16:02 - 2012-12-05 18:03 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\ftblauncher
2014-05-03 23:55 - 2014-05-03 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BigMacroTool
2014-05-03 23:55 - 2014-05-03 23:55 - 00000000 ____D () C:\Program Files (x86)\BigMacroTool
2014-05-03 23:54 - 2014-05-03 23:54 - 00603961 _____ (TLProd ) C:\Users\Dustin2\Downloads\bigmacrotoolsetup.exe
2014-05-03 23:52 - 2014-05-03 23:52 - 00001075 _____ () C:\Users\Public\Desktop\Macro Recorder.lnk
2014-05-03 23:52 - 2014-05-03 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macro Recorder
2014-05-03 23:52 - 2014-05-03 23:52 - 00000000 ____D () C:\Program Files (x86)\MacroRecorder
2014-05-03 23:51 - 2014-05-03 23:51 - 00720656 _____ (Jitbit Software ) C:\Users\Dustin2\Downloads\MacroRecorderSetup.exe
2014-05-02 19:34 - 2014-05-02 19:34 - 00158576 _____ () C:\Users\Dustin2\Downloads\TukMC[3.2.5].zip
2014-05-02 18:46 - 2014-05-02 18:46 - 00065601 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2-api_2.0.397-experimental (1).zip
2014-05-02 18:46 - 2014-05-02 18:45 - 03699473 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2_2.0.397-experimental.jar
2014-05-02 18:45 - 2014-05-02 18:45 - 00065601 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2-api_2.0.397-experimental.zip
2014-04-28 18:44 - 2014-04-28 18:44 - 00001140 _____ () C:\Users\Dustin2\Downloads\windmillschematic.schematic
2014-04-28 18:44 - 2014-04-28 18:44 - 00001128 _____ () C:\Users\Dustin2\Downloads\small_house.schematic
2014-04-28 18:43 - 2014-04-28 18:42 - 08072516 _____ () C:\Users\Dustin2\Downloads\templeofspirits.zip
2014-04-28 18:42 - 2014-04-28 18:42 - 00003166 _____ () C:\Users\Dustin2\Downloads\medievaltowerbyyowsky.schematic
2014-04-28 18:34 - 2014-04-28 18:34 - 00072336 _____ () C:\Users\Dustin2\Downloads\elijastemple.schematic
2014-04-28 18:33 - 2014-04-28 18:33 - 00040538 _____ () C:\Users\Dustin2\Downloads\spawn2745.schematic
2014-04-28 18:29 - 2014-04-28 18:29 - 00002034 _____ () C:\Users\Dustin2\Downloads\largemedievalhouse.schematic
2014-04-28 18:29 - 2014-04-28 18:29 - 00000892 _____ () C:\Users\Dustin2\Downloads\smallmedievalhouse3155.schematic
2014-04-28 18:28 - 2014-04-28 18:28 - 00032780 _____ () C:\Users\Dustin2\Downloads\faction-spawn.schematic
2014-04-28 18:27 - 2014-04-28 18:27 - 00265730 _____ () C:\Users\Dustin2\Downloads\aysgarth-medieval.schematic
2014-04-28 18:27 - 2014-04-28 18:27 - 00188559 _____ () C:\Users\Dustin2\Downloads\airship-shipyard.schematic
2014-04-28 18:21 - 2014-04-28 18:21 - 00691201 _____ () C:\Users\Dustin2\Downloads\Heroes.zip
2014-04-28 18:21 - 2014-04-28 18:21 - 00131877 _____ () C:\Users\Dustin2\Downloads\HeroChat.jar
2014-04-28 18:21 - 2014-04-28 18:21 - 00014885 _____ () C:\Users\Dustin2\Downloads\ArathosRPG.jar
2014-04-28 18:21 - 2014-04-28 18:21 - 00011463 _____ () C:\Users\Dustin2\Downloads\Dynmap-HeroChat-0.30-bin.zip
2014-04-27 15:20 - 2013-03-24 15:38 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\FileZilla
2014-04-27 14:06 - 2014-04-27 13:50 - 89906602 _____ () C:\Users\Dustin2\Downloads\modpacks^AgrarianSkiesHQ^2_1_2^AgrarianSkiesHQServer.zip
2014-04-27 14:02 - 2014-04-27 14:02 - 00428068 _____ () C:\Users\Dustin2\Downloads\OptiFine_1.6.4_HD_U_D1.jar
2014-04-27 13:54 - 2014-04-27 13:54 - 00002008 _____ () C:\Users\Dustin2\Desktop\FileZilla Client.lnk
2014-04-27 13:54 - 2014-04-27 13:53 - 04968079 _____ (Tim Kosse) C:\Users\Dustin2\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-27 13:54 - 2013-03-24 15:37 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-27 13:54 - 2013-03-24 15:37 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-26 21:57 - 2014-04-21 21:19 - 00001998 _____ () C:\Users\Dustin2\Desktop\ExampleMobs.yml
2014-04-26 20:22 - 2014-04-26 20:22 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-26 18:45 - 2014-04-26 18:45 - 01696408 _____ () C:\Users\Dustin2\Downloads\mcore (2).jar
2014-04-26 18:26 - 2014-04-26 18:25 - 03792105 _____ () C:\Users\Dustin2\Downloads\com_gameserver_3.1.3_joomla3.zip
2014-04-26 18:08 - 2014-04-26 18:08 - 00043202 _____ () C:\Users\Dustin2\Downloads\mod_mh_ts3viewer.rev.39.zip
2014-04-26 17:48 - 2014-04-20 15:41 - 00014519 _____ () C:\Users\Dustin2\Desktop\groups.yml
2014-04-26 16:30 - 2012-08-03 16:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-25 19:41 - 2014-04-25 19:41 - 00010474 _____ () C:\Users\Dustin2\Downloads\mobmakemoney.jar
2014-04-25 19:12 - 2014-04-25 18:51 - 00000000 ____D () C:\Users\Dustin2\AppData\Local\Overwolf
2014-04-25 18:58 - 2014-04-25 18:58 - 00001979 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-04-25 18:47 - 2012-08-24 19:24 - 00000000 ____D () C:\Users\Dustin2\AppData\Local\TeamSpeak 3 Client
2014-04-25 17:01 - 2011-09-30 20:44 - 00001715 _____ () C:\Windows\wininit.ini
2014-04-25 16:57 - 2014-04-25 16:57 - 01691047 _____ () C:\Users\Dustin2\Downloads\pkg_kunena_v3.0.5_2014-03-09.zip
2014-04-25 16:48 - 2014-04-25 16:48 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\TeamViewer
2014-04-25 16:47 - 2014-04-25 16:47 - 06120184 _____ (TeamViewer GmbH) C:\Users\Dustin2\Downloads\TeamViewer_Setup_de_9.0.27614 (1).exe
2014-04-25 16:05 - 2014-04-25 16:05 - 00035570 _____ () C:\Users\Dustin2\Downloads\ZavAutoMessager.jar
2014-04-25 15:57 - 2014-04-25 15:57 - 00457417 _____ () C:\Users\Dustin2\Downloads\MythicDrops.zip
2014-04-25 15:14 - 2014-04-25 15:14 - 00021572 _____ () C:\Users\Dustin2\Downloads\latest
2014-04-25 15:00 - 2014-04-25 15:00 - 07804408 _____ (SQL Maestro Group ) C:\Users\Dustin2\Downloads\mysql_datawizard_setup.exe
2014-04-25 14:59 - 2014-04-25 14:59 - 00728032 _____ () C:\Users\Dustin2\Downloads\COMPUTER_BILD-Download-Manager_fuer_mysql_datawizard_setup.exe
2014-04-25 14:42 - 2014-04-25 14:42 - 09566380 _____ () C:\Users\Dustin2\Downloads\Joomla_3.2.3-Stable-Full_Package.zip
2014-04-24 19:17 - 2010-08-05 17:51 - 00000450 ____H () C:\Windows\Tasks\Norton Security Scan for Dustin.job
2014-04-24 16:23 - 2014-04-24 15:49 - 00001059 _____ () C:\Users\Dustin2\Desktop\ExampleItems.yml
2014-04-24 15:26 - 2014-04-24 15:26 - 00001297 _____ () C:\Users\Dustin2\Downloads\ExampleMobs (1).yml
2014-04-24 11:53 - 2014-04-24 11:53 - 00034690 _____ () C:\Users\Dustin2\Downloads\Dynmap_SimpleClans.jar
2014-04-24 11:52 - 2014-04-24 11:52 - 00230740 _____ () C:\Users\Dustin2\Downloads\SimpleClans-Legacy (1).jar
2014-04-24 11:42 - 2014-04-24 11:42 - 01696408 _____ () C:\Users\Dustin2\Downloads\mcore (1).jar
2014-04-24 11:42 - 2014-04-24 11:42 - 00428219 _____ () C:\Users\Dustin2\Downloads\Factions (1).jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00028916 _____ () C:\Users\Dustin2\Downloads\Dynmap-Factions-0.72.jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00022600 _____ () C:\Users\Dustin2\Downloads\Dynmap-Essentials-0.70.jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00018987 _____ () C:\Users\Dustin2\Downloads\Dynmap-CommandBook-0.50.jar
2014-04-24 11:39 - 2014-04-24 11:39 - 03539017 _____ () C:\Users\Dustin2\Downloads\dynmap-1.9.4.jar
2014-04-24 11:39 - 2014-04-24 11:39 - 00021743 _____ () C:\Users\Dustin2\Downloads\Dynmap-WorldGuard-0.60.jar
2014-04-24 00:03 - 2014-04-24 00:03 - 00062323 _____ () C:\Users\Dustin2\Downloads\WorldBorder.jar
2014-04-23 22:57 - 2012-10-16 18:25 - 00000000 ____D () C:\Users\Dustin2\AppData\Local\Paint.NET
2014-04-23 20:41 - 2014-04-23 20:41 - 00018168 _____ () C:\Users\Dustin2\Downloads\HeroTroll.jar
2014-04-23 20:41 - 2014-04-23 20:41 - 00012452 _____ () C:\Users\Dustin2\Downloads\BeHerobrine1.5.2.jar
2014-04-23 20:40 - 2014-04-23 20:40 - 00119783 _____ () C:\Users\Dustin2\Downloads\DisguiseCraft.jar
2014-04-23 20:33 - 2014-04-23 20:32 - 00698982 _____ () C:\Users\Dustin2\Downloads\NoCheatPlus.jar
2014-04-23 16:36 - 2013-11-04 15:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-23 16:34 - 2014-04-23 16:30 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-23 16:34 - 2011-05-29 17:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-23 16:30 - 2014-04-23 16:30 - 00000000 _____ () C:\Windows\SysWOW64\REN7E39.tmp
2014-04-23 16:30 - 2014-04-23 16:30 - 00000000 _____ () C:\Windows\SysWOW64\REN7E38.tmp
2014-04-23 16:26 - 2014-04-23 16:26 - 00118211 _____ () C:\Users\Dustin2\Downloads\SimpleRegionMarket-3.6.3.jar
2014-04-22 07:43 - 2014-04-22 07:43 - 00009226 _____ () C:\Users\Dustin2\Downloads\SimpleCommandSigns.jar
2014-04-22 05:46 - 2014-04-22 05:46 - 00047198 _____ () C:\Users\Dustin2\Downloads\Promote.jar
2014-04-22 05:45 - 2014-04-22 05:45 - 00097426 _____ () C:\Users\Dustin2\Downloads\SimpleAlias_1.6.0.jar
2014-04-22 05:23 - 2014-04-22 05:23 - 00195107 _____ () C:\Users\Dustin2\Downloads\PlotMe (1).jar
2014-04-22 05:17 - 2014-04-22 05:17 - 00320143 _____ () C:\Users\Dustin2\Downloads\Multiverse-Inventories-2.5.jar

Some content of TEMP:
====================
C:\Users\Dustin\AppData\Local\Temp\AutoRun.exe
C:\Users\Dustin\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Dustin\AppData\Local\Temp\contentDATs.exe
C:\Users\Dustin\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Dustin\AppData\Local\Temp\drm_dyndata_7350007.dll
C:\Users\Dustin\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Dustin\AppData\Local\Temp\drm_dyndata_7400008.dll
C:\Users\Dustin\AppData\Local\Temp\DSETUP.dll
C:\Users\Dustin\AppData\Local\Temp\dsetup32.dll
C:\Users\Dustin\AppData\Local\Temp\DXSETUP.exe
C:\Users\Dustin\AppData\Local\Temp\EAInstall.dll
C:\Users\Dustin\AppData\Local\Temp\EBU1019.DLL
C:\Users\Dustin\AppData\Local\Temp\EBU1860.EXE
C:\Users\Dustin\AppData\Local\Temp\EBU258C.EXE
C:\Users\Dustin\AppData\Local\Temp\EBU280C.DLL
C:\Users\Dustin\AppData\Local\Temp\EBU3A80.DLL
C:\Users\Dustin\AppData\Local\Temp\EBU65A7.EXE
C:\Users\Dustin\AppData\Local\Temp\EBU676C.DLL
C:\Users\Dustin\AppData\Local\Temp\EBU8881.EXE
C:\Users\Dustin\AppData\Local\Temp\EBU8A17.DLL
C:\Users\Dustin\AppData\Local\Temp\EBUA18D.EXE
C:\Users\Dustin\AppData\Local\Temp\EBUA303.DLL
C:\Users\Dustin\AppData\Local\Temp\EBUC23.EXE
C:\Users\Dustin\AppData\Local\Temp\htmlayout.dll
C:\Users\Dustin\AppData\Local\Temp\instloffer.exe
C:\Users\Dustin\AppData\Local\Temp\jline_git-Bukkit-1_1-R3-b1846jnks.dll
C:\Users\Dustin\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-b1988jnks.dll
C:\Users\Dustin\AppData\Local\Temp\msg3D62.exe
C:\Users\Dustin\AppData\Local\Temp\msvcp60.dll
C:\Users\Dustin\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Dustin\AppData\Local\Temp\SiedlerPatch.exe
C:\Users\Dustin\AppData\Local\Temp\SIntf16.dll
C:\Users\Dustin\AppData\Local\Temp\SIntf32.dll
C:\Users\Dustin\AppData\Local\Temp\SIntfNT.dll
C:\Users\Dustin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dustin\AppData\Local\Temp\speedupmypc.exe
C:\Users\Dustin\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Dustin\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Dustin\AppData\Local\Temp\twapi-2.0a2.dll
C:\Users\Dustin2\AppData\Local\Temp\aacenc3.exe
C:\Users\Dustin2\AppData\Local\Temp\APNStub.exe
C:\Users\Dustin2\AppData\Local\Temp\AutoRun.exe
C:\Users\Dustin2\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Dustin2\AppData\Local\Temp\borlndlm.dll
C:\Users\Dustin2\AppData\Local\Temp\Browser_Helper_Companion_DE.exe
C:\Users\Dustin2\AppData\Local\Temp\CH.dll
C:\Users\Dustin2\AppData\Local\Temp\CheatEngine62Clean.exe
C:\Users\Dustin2\AppData\Local\Temp\contentDATs.exe
C:\Users\Dustin2\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Dustin2\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Dustin2\AppData\Local\Temp\drm_dyndata_7400008.dll
C:\Users\Dustin2\AppData\Local\Temp\EAInstall.dll
C:\Users\Dustin2\AppData\Local\Temp\eauninstall.exe
C:\Users\Dustin2\AppData\Local\Temp\ezhstlik.dll
C:\Users\Dustin2\AppData\Local\Temp\ffmpeg15.exe
C:\Users\Dustin2\AppData\Local\Temp\FileSystemView.dll
C:\Users\Dustin2\AppData\Local\Temp\First15.exe
C:\Users\Dustin2\AppData\Local\Temp\guninst.exe
C:\Users\Dustin2\AppData\Local\Temp\i4jdel0.exe
C:\Users\Dustin2\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Dustin2\AppData\Local\Temp\jansi-32-git-Bukkit-1.3.1-R1.0-b2320jnks.dll
C:\Users\Dustin2\AppData\Local\Temp\jline_git-Bukkit-1_2_5-R1_0-b2149jnks.dll
C:\Users\Dustin2\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Dustin2\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Dustin2\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Dustin2\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Dustin2\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Dustin2\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Dustin2\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Dustin2\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Dustin2\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Dustin2\AppData\Local\Temp\mpsetup.exe
C:\Users\Dustin2\AppData\Local\Temp\msvcp60.dll
C:\Users\Dustin2\AppData\Local\Temp\MyClaroTB.exe
C:\Users\Dustin2\AppData\Local\Temp\NGMDll.dll
C:\Users\Dustin2\AppData\Local\Temp\NGMResource.dll
C:\Users\Dustin2\AppData\Local\Temp\oct67C7.tmp.exe
C:\Users\Dustin2\AppData\Local\Temp\oct7469.tmp.exe
C:\Users\Dustin2\AppData\Local\Temp\oct7939.tmp.exe
C:\Users\Dustin2\AppData\Local\Temp\octBBA1.tmp.exe
C:\Users\Dustin2\AppData\Local\Temp\Pokki.exe
C:\Users\Dustin2\AppData\Local\Temp\prismsetupde.exe
C:\Users\Dustin2\AppData\Local\Temp\pu511qpn.dll
C:\Users\Dustin2\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Dustin2\AppData\Local\Temp\SiedlerPatch.exe
C:\Users\Dustin2\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dustin2\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Dustin2\AppData\Local\Temp\sqlite3.dll
C:\Users\Dustin2\AppData\Local\Temp\stsetup.exe
C:\Users\Dustin2\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Dustin2\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Dustin2\AppData\Local\Temp\tbCon2.dll
C:\Users\Dustin2\AppData\Local\Temp\tbIncr.dll
C:\Users\Dustin2\AppData\Local\Temp\tbtimi.dll
C:\Users\Dustin2\AppData\Local\Temp\twapi-2.0a2.dll
C:\Users\Dustin2\AppData\Local\Temp\ubi74A3.tmp.exe
C:\Users\Dustin2\AppData\Local\Temp\ubiE083.tmp.exe
C:\Users\Dustin2\AppData\Local\Temp\unicows.dll
C:\Users\Dustin2\AppData\Local\Temp\uninst.exe
C:\Users\Dustin2\AppData\Local\Temp\uninst1.exe
C:\Users\Dustin2\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Dustin2\AppData\Local\Temp\VP6Install.exe
C:\Users\Dustin2\AppData\Local\Temp\VP6VFW.dll
C:\Users\Dustin2\AppData\Local\Temp\wpsetup.exe
C:\Users\Dustin2\AppData\Local\Temp\YgoUpdater.exe
C:\Users\Dustin2\AppData\Local\Temp\_is3218.exe
C:\Users\Dustin2\AppData\Local\Temp\_is7DE6.exe
C:\Users\Dustin2\AppData\Local\Temp\_isB422.exe
C:\Users\Dustin2\AppData\Local\Temp\_isD539.exe
C:\Users\Dustin2\AppData\Local\Temp\_isF602.exe
C:\Users\Dustin2\AppData\Local\Temp\_isF95C.exe
C:\Users\Dustin2\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-31 15:20

==================== End Of Log ============================
         
Addition.txt somehow wasn't included.

Hoping for help soon
-Cupa :-)

22.05.2014, 17:32   #2
M-K-D-B
/// TB instructor
 
My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find evidence of illegally obtained software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions.
    If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • All programs to be used are to be saved to the desktop and started from there!


Please work through all steps one after another in the given order and post all log files in CODE tags:

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!







Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


22.05.2014, 20:16   #3
Cupa
 

Sooooo... after a long time ComboFix is finally done.
The following things happened:
- I moved the mouse
- McAfee wouldn't turn off
- But it didn't cause any errors (I think)
- But it detected a "virus" *sarcasm off*
- The screensaver came on

Nothing else really...
Combofix Logfile:
Code:
ATTFilter
ComboFix 14-05-19.01 - Dustin2 22.05.2014  18:08:05.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4091.2560 [GMT 2:00]
ausgeführt von:: c:\users\Dustin2\Desktop\ComboFix.exe
AV: McAfee  Anti-Virus und Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee  Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee  Anti-Virus und Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Im Speicher befindliches AV aktiv.
.
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Acer Bio Protection\PwdFilterV64.dll
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\users\Dustin\AppData\Roaming\.#
c:\users\Dustin\AppData\Roaming\.#\MBX@D30@352770.###
c:\users\Dustin\AppData\Roaming\.#\MBX@D30@3527A0.###
c:\users\Dustin\AppData\Roaming\.#\MBX@DF4@1FF2770.###
c:\users\Dustin\AppData\Roaming\.#\MBX@DF4@1FF27A0.###
c:\users\Dustin2\4.0
c:\windows\Install
c:\windows\IsUn0407.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-22 bis 2014-05-22  ))))))))))))))))))))))))))))))
.
.
2014-05-22 17:31 . 2014-05-22 17:31	--------	d-----w-	c:\users\Uwe\AppData\Local\temp
2014-05-22 17:31 . 2014-05-22 17:31	--------	d-----w-	c:\users\Dustin\AppData\Local\temp
2014-05-22 17:28 . 2014-05-22 17:28	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-14 09:33 . 2014-05-06 04:40	23544320	----a-w-	c:\windows\system32\mshtml.dll
2014-05-14 09:33 . 2014-05-06 03:00	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-14 09:32 . 2014-05-06 04:17	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-14 09:32 . 2014-05-06 03:07	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-14 08:32 . 2014-03-25 02:43	14175744	----a-w-	c:\windows\system32\shell32.dll
2014-05-14 08:32 . 2014-05-09 06:14	477184	----a-w-	c:\windows\system32\aepdu.dll
2014-05-14 08:32 . 2014-05-09 06:11	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-05-03 21:55 . 2014-05-03 21:55	--------	d-----w-	c:\program files (x86)\BigMacroTool
2014-05-03 21:52 . 2014-05-03 21:52	--------	d-----w-	c:\program files (x86)\MacroRecorder
2014-04-30 19:16 . 2014-05-14 13:40	--------	d-s---w-	c:\windows\system32\CompatTel
2014-04-26 18:22 . 2014-04-26 18:22	--------	d-----w-	c:\program files (x86)\TeamSpeak 3 Client
2014-04-25 16:58 . 2014-04-25 16:58	--------	d-----w-	c:\program files (x86)\Common Files\Overwolf
2014-04-25 16:58 . 2014-04-25 16:58	--------	d-----w-	c:\program files (x86)\Overwolf
2014-04-25 16:51 . 2014-04-25 17:12	--------	d-----w-	c:\users\Dustin2\AppData\Local\Overwolf
2014-04-25 14:48 . 2014-04-25 14:48	--------	d-----w-	c:\users\Dustin2\AppData\Roaming\TeamViewer
2014-04-23 14:34 . 2014-04-14 18:13	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-23 14:30 . 2014-04-23 14:30	0	----a-w-	c:\windows\SysWow64\REN7E39.tmp
2014-04-23 14:30 . 2014-04-23 14:30	0	----a-w-	c:\windows\SysWow64\REN7E38.tmp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-14 16:27 . 2012-07-06 02:24	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-14 16:27 . 2011-06-16 14:54	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 09:23 . 2010-05-02 20:09	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-03-31 20:46 . 2014-03-31 20:46	130712	----a-w-	c:\windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-06 09:31 . 2014-04-13 10:40	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-13 10:40	66048	----a-w-	c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-13 10:41	548352	----a-w-	c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-13 10:40	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-13 10:40	2767360	----a-w-	c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-13 10:40	51200	----a-w-	c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-13 10:40	33792	----a-w-	c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-13 10:41	574976	----a-w-	c:\windows\system32\ieui.dll
2014-03-06 08:29 . 2014-04-13 10:40	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-13 10:40	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-13 10:40	752640	----a-w-	c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-13 10:40	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-13 10:40	5784064	----a-w-	c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-13 10:40	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-13 10:40	586240	----a-w-	c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-13 10:40	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-13 10:41	455168	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-13 10:40	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-13 10:40	38400	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-13 10:40	195584	----a-w-	c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-13 10:40	4254720	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-13 10:40	296960	----a-w-	c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-13 10:40	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-13 10:40	592896	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-13 10:40	628736	----a-w-	c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-13 10:40	32256	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-13 10:40	2043904	----a-w-	c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-13 10:40	13551104	----a-w-	c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-13 10:40	1967104	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-13 10:40	2260480	----a-w-	c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-13 10:40	1400832	----a-w-	c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-13 10:40	846336	----a-w-	c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-13 10:40	1789440	----a-w-	c:\windows\SysWow64\wininet.dll
2014-03-04 09:44 . 2014-04-09 15:25	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-09 15:25	243712	----a-w-	c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-09 15:25	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-09 15:25	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-09 15:25	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-09 15:25	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-09 15:25	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-09 15:25	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-09 15:25	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-09 15:25	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-09 15:25	2048	----a-w-	c:\windows\SysWow64\user.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:18	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Dustin2\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-08-21 261888]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"VitaKeyPdtWzd"="c:\program files (x86)\Acer Bio Protection\PdtWzd.exe" [2009-08-06 3567104]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-06 419112]
"MDS_Menu"="c:\program files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Meine Dienste.lnk - c:\program files\Telekom\Meine Dienste\StartMeineDienste.exe Autostart [2012-7-5 269944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux7"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 pc essentials;pc essentials;c:\program files (x86)\pc essentials\updater.exe;c:\program files (x86)\pc essentials\updater.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 XAMPP;XAMPP Service;c:\users\Dustin\Desktop\xampp\service.exe;c:\users\Dustin\Desktop\xampp\service.exe [x]
R3 Browser7Maintenance;Browser 7 Maintenance Service;c:\program files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe;c:\program files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TriDefService;TriDef Service;c:\program files (x86)\TriDef 3D\TriDef\Common\TriDefService.exe;c:\program files (x86)\TriDef 3D\TriDef\Common\TriDefService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys;c:\windows\SYSNATIVE\DRIVERS\mfenlfk.sys [x]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ATService;AuthenTec Fingerprint Service;c:\program files (x86)\Fingerprint Sensor\AtService.exe;c:\program files (x86)\Fingerprint Sensor\AtService.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IGBASVC;EgisTec Service;c:\program files (x86)\Acer Bio Protection\BASVC.exe;c:\program files (x86)\Acer Bio Protection\BASVC.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 stdriver;SoundTap Filter Driver v6.05.00;c:\windows\system32\DRIVERS\stdriverx64.sys;c:\windows\SYSNATIVE\DRIVERS\stdriverx64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-06 16:27]
.
2014-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-25 11:50]
.
2014-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-25 11:50]
.
2014-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1000Core.job
- c:\users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30 14:50]
.
2014-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1000UA.job
- c:\users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30 14:50]
.
2014-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006Core.job
- c:\users\Dustin2\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27 11:13]
.
2014-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006UA.job
- c:\users\Dustin2\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27 11:13]
.
2014-04-24 c:\windows\Tasks\Norton Security Scan for Dustin.job
- c:\progra~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-06 13:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:19	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-08-07 349480]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-06 8060960]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-22 295936]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-08-05 828960]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
mSearchAssistant = 
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: aeriagames.com
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - hxxps://www.habbo.de/
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE662&p=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{28A984B0-844D-48EC-AE42-6682BBB4FD33} - c:\program files (x86)\Grepo\grepo.dll
BHO-{54868D10-E89D-42A1-96CE-CBD32796A6AB} - c:\program files (x86)\Gizmodock\Gizmodock.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - c:\program files (x86)\GadgetBox\gadgetBoxTB.dll
Wow6432Node-HKCU-Run-MySQL Data Wizard Agent - c:\program files (x86)\SQL Maestro Group\Data Wizard for MySQL\MyDataWizardA.exe
BHO-{28A984B0-844D-48EC-AE42-6682BBB4FD33} - c:\program files (x86)\Grepo\grepo_x64.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{92FB3EF5-293E-445C-8B86-24A9356AD5F4} - (no file)
WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file)
WebBrowser-{E3F0F2AD-5A4B-4944-A1BB-B13CF500AA97} - (no file)
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0407.EXE
AddRemove-Covert Operations - c:\windows\IsUn0407.exe
AddRemove-GadgetBox - c:\program files (x86)\GadgetBox\uninstall.exe
AddRemove-Gizmodock - c:\program files (x86)\Gizmodock\uninst000.exe
AddRemove-Grepo - c:\program files (x86)\Grepo\1100.exe
AddRemove-MixPad - c:\program files (x86)\NCH Software\MixPad\uninst.exe
AddRemove-PhotoStage - c:\program files (x86)\NCH Software\PhotoStage\photostage.exe
AddRemove-S4Uninst - c:\windows\IsUn0407.exe
AddRemove-SoundTap - c:\program files (x86)\NCH Software\SoundTap\soundtap.exe
AddRemove-Switch - c:\program files (x86)\NCH Software\Switch\switch.exe
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\uninst.exe
AddRemove-WavePad - c:\program files (x86)\NCH Software\WavePad\wavepad.exe
AddRemove-Zulu - c:\program files (x86)\NCH Software\Zulu\uninst.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
AddRemove-{8C3727F2-8E37-49E4-820C-03B1677F53B6} - c:\program files (x86)\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\setup.exe
AddRemove-{C31556D7-F2B9-4787-B223-F7A035067E89}_is1 - c:\program files (x86)\Dragon's Prophet\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Acer Bio Protection\CompPtcVUI.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-22  19:58:21 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-22 17:58
.
Vor Suchlauf: 34 Verzeichnis(se), 384.985.321.472 Bytes frei
Nach Suchlauf: 42 Verzeichnis(se), 388.415.807.488 Bytes frei
.
- - End Of File - - 22C9D73EDD9D7011A8EF87A8D37D36F2
         
--- --- --- 5C616939100B85E558DA92B899A0FC36

PS: Grepo did not install itself when I started Chrome just now
__________________

Edited by Cupa (22.05.2014 at 20:19). Reason: note

22.05.2014, 20:42   #4
M-K-D-B
/// TB Trainer
 



Quote from Cupa:
PS: Grepo did not install itself when I started Chrome just now

We are not finished yet, either...




Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts that appear with OK.
  • Your computer will be restarted automatically. After the restart, a text file will open. Post its contents to me with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).





Step 2

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.






Step 3
Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Select Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.







Step 4
Please disable your antivirus program, as it can influence the result or possibly interfere with the cleanup.
Please download zoek.exe from here: http://hijackthis.nl/smeenk/ and save the file on your desktop.
  • Start Zoek.exe with a double-click.
  • Caution: The following script was written only for this specific case and could damage other computers.
  • Copy the text in the following box into zoek's script window:
    Code:
    iedefaults;
    resetIEproxy;
    FFdefaults;
    CHRdefaults;
    emptyclsid;
    autoclean;

  • Now click "Run script" and be patient until the script has finished running.
  • When the tool is finished, Notepad will open with the log file (possibly only after a restart). The log can also be found under c:\ .
  • Please post the ZOEK log to me (in CODE tags if possible: click the # symbol in the reply window).





Step 5
  • Start FRST.exe again. Tick the box in front of Addition.txt and press Scan.
  • FRST will again create two log files (FRST.txt and Addition.txt).
  • Post both log files to me with your next reply.






Please post with your next reply
  • the log file from AdwCleaner,
  • the log file from JRT,
  • the log file from MBAM,
  • the log file from Zoek,
  • the two new log files from FRST.
__________________
Greetings from Bavaria
M-K-D-B


23.05.2014, 15:26   #5
Cupa
 



AdwCleaner is finished, and here is the log for it:
AdwCleaner log file:
Code:
# AdwCleaner v3.210 - Bericht erstellt am 22/05/2014 um 21:11:02
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Dustin2 - DUSTINS-PC
# Gestartet von : C:\Users\Dustin2\Desktop\adwcleaner_3.210.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm
Ordner Gelöscht : C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Ordner Gelöscht : C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\foxsearch.src

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\engeblojhfeingnjnfpiceofljnjpldp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\engeblojhfeingnjnfpiceofljnjpldp
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v22.0 (de)

[ Datei : C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\qoq6pkmw.default\prefs.js ]


[ Datei : C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\prefs.js ]


[ Datei : C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\k01fu59j.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : dhkplhfnhceodhffomolpfigojocbpcb
Gelöscht [Extension] : gaiilaahiahdejapggenmdmafpmbipje
Gelöscht [Extension] : ihflimipbcaljfnojhhknppphnnciiif

[ Datei : C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : adpkifcfcacgmnggcbpbjbkdijciiigm
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gelöscht [Extension] : dcillohgikpecbmgioknapdpcjofaafl
Gelöscht [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
Gelöscht [Extension] : engeblojhfeingnjnfpiceofljnjpldp
Gelöscht [Extension] : gaiilaahiahdejapggenmdmafpmbipje
Gelöscht [Extension] : jmhhdaimhfblnamlcdijbaakkifakade
Gelöscht [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Gelöscht [Extension] : nohfdhapjjlndfgjnmdlcabloeembdkj

*************************

AdwCleaner[R0].txt - [96615 octets] - [06/03/2014 18:04:07]
AdwCleaner[R1].txt - [2922 octets] - [22/05/2014 20:52:19]
AdwCleaner[S0].txt - [93684 octets] - [06/03/2014 18:07:22]
AdwCleaner[S1].txt - [2843 octets] - [22/05/2014 21:11:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2903 octets] ##########
         
The rest is coming soon

Here is Junkware Removal Tool:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Dustin2 on 23.05.2014 at 14:39:09,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\browse~2"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.05.2014 at 14:51:57,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
And here is Malwarebytes Anti-Malware:
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.05.19.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Dustin2 :: DUSTINS-PC [Administrator]

23.05.2014 14:54:48
mbam-log-2014-05-23 (14-54-48).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 321107
Laufzeit: 29 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hyperionics DB Toolbar (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files (x86)\Hyperionics DB Toolbar (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 25
C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihflimipbcaljfnojhhknppphnnciiif_0.localstorage (PUP.Optional.FaceMoods.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihflimipbcaljfnojhhknppphnnciiif_0.localstorage-journal (PUP.Optional.FaceMoods.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\affid.dat (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\alert_plugin.dll (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\basis.xml (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\icons.bmp (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\info.txt (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\install.ico (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\MacroParserPlugin.dll (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\mbback.bmp (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\mbbigopen.bmp (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\mbclose.bmp (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\mbfwd.bmp (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\mbsep.bmp (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\nav1c.bmp (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\somoto.dll (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\TbCommonUtils.dll (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.inf (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\tbhelper.dll (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\TbHelper2.exe (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\uninstall.exe (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\UninstallToolbar.exe (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\update.exe (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Hyperionics DB Toolbar\version.txt (PUP.Optional.Hyperionics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         


Alt 23.05.2014, 15:34   #6
M-K-D-B
/// TB-Ausbilder
 
Well done.

Zoek and FRST are still missing.

Alt 23.05.2014, 17:34   #7
Cupa
 
Uhm, Zoek doesn't want to start

Alt 23.05.2014, 17:36   #8
M-K-D-B
/// TB-Ausbilder
 
Quote from Cupa:
Uhm, Zoek doesn't want to start

Did you disable your AV program (McAfee) beforehand?

Which error message appears?
__________________
Greetings from Bavaria
M-K-D-B


Alt 23.05.2014, 17:51   #9
Cupa
 
It worked after all.

it just took a little while D;

Alt 23.05.2014, 17:55   #10
M-K-D-B
/// TB-Ausbilder
 
Quote from Cupa:
It worked after all.

it just took a little while D;

Hehe... Stay patient.
__________________
Greetings from Bavaria
M-K-D-B


Alt 23.05.2014, 18:52   #11
Cupa
 
This stupid program just resets my browser! >.<
Code:
Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Dustin2 on 23.05.2014 at 17:33:28,87.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dustin2\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

23.05.2014 17:52:55 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2972218083-3551369242-1309756512-1006\Software\Microsoft\Internet Explorer\SearchScopes\{D358E806-39CE-494D-9FAE-BAF63676C306} deleted successfully
HKEY_USERS\S-1-5-21-2972218083-3551369242-1309756512-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-2972218083-3551369242-1309756512-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-2972218083-3551369242-1309756512-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E3F0F2AD-5A4B-4944-A1BB-B13CF500AA97} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Explorer Bars\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{54868D10-E89D-42A1-96CE-CBD32796A6AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54868D10-E89D-42A1-96CE-CBD32796A6AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2972218083-3551369242-1309756512-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} deleted successfully
HKEY_USERS\S-1-5-21-2972218083-3551369242-1309756512-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{92FB3EF5-293E-445C-8B86-24A9356AD5F4} deleted successfully
HKEY_USERS\S-1-5-21-2972218083-3551369242-1309756512-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{E3F0F2AD-5A4B-4944-A1BB-B13CF500AA97} deleted successfully
HKEY_USERS\S-1-5-21-2972218083-3551369242-1309756512-1006\Software\mozilla\Firefox\Extensions\findlyrics@findlyrics.co deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\qoq6pkmw.default\prefs.js:
user_pref("browser.search.defaultenginename", "foxsearch");
user_pref("browser.search.selectedEngine", "foxsearch");
user_pref("browser.search.order.1", "foxsearch");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\qoq6pkmw.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Dustin\AppData\Roaming\TomTom\HOME\Profiles\5u1kg02i.default\prefs.js:

Added to C:\Users\Dustin\AppData\Roaming\TomTom\HOME\Profiles\5u1kg02i.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.habbo.de/");
user_pref("browser.search.defaulturl", "");
user_pref("browser.newtab.url", "hxxp://www.amazon.com");
user_pref("browser.search.defaultenginename", "Sichere Suche");
user_pref("browser.search.selectedEngine", "");
user_pref("browser.search.order.1", "");
user_pref("keyword.URL", "hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE662&p=");

Added to C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Uwe\AppData\Roaming\Deutsche Telekom AG\Browser7\Profiles\f77jne4z.default\prefs.js:

Added to C:\Users\Uwe\AppData\Roaming\Deutsche Telekom AG\Browser7\Profiles\f77jne4z.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\k01fu59j.default\prefs.js:
user_pref("browser.newtab.url", "");
user_pref("browser.search.selectedEngine", "");
user_pref("browser.search.order.1", "");

Added to C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\k01fu59j.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\qoq6pkmw.default

user.js not found
---- Lines {37483B40-C254-4A72-BDA4-22EE90182C1E} modified from prefs.js ----

user_pref("extensions.enabledAddons", "{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0,{37483b40-c254-4a72-bda4-22ee90182c1e}:3.13.0.6,{EB9394A3-4AD6-491
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files (
---- FireFox user.js and prefs.js backups ---- 

prefs__1811_.backup

ProfilePath: C:\Users\Dustin\AppData\Roaming\TomTom\HOME\Profiles\5u1kg02i.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs__1811_.backup

ProfilePath: C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default

user.js not found
---- Lines extensions.501d52dacfa16 removed from prefs.js ----
user_pref("extensions.501d52dacfa16.epoch", "1367334173");
user_pref("extensions.501d52dacfa16.url", "hxxp://proxy5-jpi.info/sync/?ext=bcool&pid=27&country=DE&regd=120804165034&lsd=130429145941&uid=5022b8a5be2
---- FireFox user.js and prefs.js backups ---- 

prefs__1811_.backup

ProfilePath: C:\Users\Uwe\AppData\Roaming\Deutsche Telekom AG\Browser7\Profiles\f77jne4z.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs__1811_.backup

ProfilePath: C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\k01fu59j.default

user.js not found
---- Lines Lyric modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files (
---- FireFox user.js and prefs.js backups ---- 

prefs__1811_.backup

==== Deleting Files \ Folders ======================

C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\qoq6pkmw.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e} not found
"C:\Windows\Installer\2b18e6.msi" not found
"C:\Windows\Installer\e2135d.msi" not found
C:\PROGRA~2\FoxTabVideoToMP3 deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\Yahoo! deleted
C:\PROGRA~2\Pagealicious deleted
C:\found.000 deleted
C:\Users\Dustin\AppData\Roaming\Gutscheinmieze deleted
C:\Users\Dustin\AppData\Roaming\Yahoo! deleted
C:\Users\Dustin\AppData\Roaming\GetRightToGo deleted
C:\Users\Dustin2\AppData\Roaming\Yahoo! deleted
C:\PROGRA~3\GBox deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Dustin2\AppData\Local\avgchrome deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BigMacroTool deleted
C:\Users\Dustin\AppData\LocalLow\Conduit_Apps deleted
C:\Users\Uwe\AppData\LocalLow\Conduit_Apps deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted
C:\Windows\DXT235A.tmp deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\Syswow64\REN3E6E.tmp deleted
C:\Windows\Syswow64\REN3E6F.tmp deleted
C:\Windows\Syswow64\REN5D8E.tmp deleted
C:\Windows\Syswow64\REN5D8F.tmp deleted
C:\Windows\Syswow64\REN7E38.tmp deleted
C:\Windows\Syswow64\REN7E39.tmp deleted
C:\Windows\Syswow64\REN813E.tmp deleted
C:\Windows\Syswow64\REN813F.tmp deleted
C:\Windows\Syswow64\REN90BE.tmp deleted
C:\Windows\Syswow64\REN90BF.tmp deleted
C:\Windows\Syswow64\REN9CDE.tmp deleted
C:\Windows\Syswow64\REN9CEF.tmp deleted
C:\Windows\Syswow64\REND1E.tmp deleted
C:\Windows\Syswow64\REND1F.tmp deleted
C:\Windows\Syswow64\RENDBF0.tmp deleted
C:\Windows\Syswow64\RENDBF1.tmp deleted
C:\Windows\Syswow64\RENF7C5.tmp deleted
C:\Windows\Syswow64\RENF7C6.tmp deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Dustin\Downloads\setup.exe deleted
"C:\Windows\Installer\32ac3a.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{D19CA586-DD6C-4a0a-96F8-14644F340D60}"="C:\Program Files (x86)\Common Files\McAfee\SystemCore" [02.09.2012 18:31]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\qoq6pkmw.default
- Undetermined - C:\Program Files (x86)\PriceGong\2.1.0\FF
- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor

ProfilePath: C:\Users\Dustin\AppData\Roaming\TomTom\HOME\Profiles\5u1kg02i.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.419.1257@tomtom.com

ProfilePath: C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default
- McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore
- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
- grepo - %ProfilePath%\extensions\grepo@extension
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\k01fu59j.default
- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
- grepo - %ProfilePath%\extensions\grepo@extension

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aacbndibbcpajfgnkdkaakeiojmmgmnk - C:\Users\Dustin\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx[]
djhfddffodalniccjaekmphpompcjpea - C:\Program Files (x86)\Pagealicious\Pagealicious.crx[]
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[23.04.2014 17:50]
jpihmmhdcobmllpcnpfbhnipmhamldje - C:\Users\Dustin\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10.10.2011 12:09]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]

SiteAdvisor - Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
Battlefield Heroes - Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm
General Crawler - Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
Skype Click to Call - Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Translate - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb
Bejeweled - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm
SiteAdvisor - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
AdBlock - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
grepo - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipcalcgelfddoilleimelkbcfmgpeleh
Disconnect - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo
codev - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhccgicacaljbkehndlbnolffafhjiop
Cargo Bridge - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn
Google Play - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi
Turbo for YouTube - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhgnmngkgolhffjjdaipkkjbmbnpefef
Ghostery - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij
Plants vs Zombies - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina
Mini Ninjas - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi
Currently - Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhmphdkpgbibohbnpbfiefkgieacjmh

==== Chrome Fix ======================

C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dhkplhfnhceodhffomolpfigojocbpcb_0.localstorage deleted successfully
C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"First Home Page"="hxxp://ie.iehosting.de/t-online/willkommen"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"First Home Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{07E4E221-A889-475B-BD66-105D1FF7AAD3} Wikipedia  Url="hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie10-toi"
{2E6179AB-203B-4FF5-AC4E-86534ED8A805} T-Online.de Suche Url="hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{70E2AB1D-B10F-4174-BE89-034529C41867} Amazon.de  Url="hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742"

==== Reset Google Chrome ======================

C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<local>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7324911AA745d164DB449BB751477AAD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B0FD4B799947F554FAAB7FF0466D8DA6 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{441A016B-02D5-427F-BFE1-0DC74C1C97F1} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DBB02F63-2284-42AA-B1BC-F2912BC5B32B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\djhfddffodalniccjaekmphpompcjpea deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GadgetBox deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{97B4DF0B-7499-455F-AFBA-F70F64D6D86A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7324911AA745d164DB449BB751477AAD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\B0FD4B799947F554FAAB7FF0466D8DA6 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dustin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Dustin2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Uwe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Dustin2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1KI0AB3D will be deleted at reboot
C:\Users\Dustin2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88NEB77O will be deleted at reboot
C:\Users\Dustin2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZSX4MNY will be deleted at reboot
C:\Users\Dustin2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NDWTIRNG will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Dustin\AppData\Local\Mozilla\Firefox\Profiles\qoq6pkmw.default\Cache emptied successfully
C:\Users\Dustin2\AppData\Local\Mozilla\Firefox\Profiles\mjq9hrep.default\Cache will be emptied at reboot
C:\Users\Uwe\AppData\Local\Mozilla\Firefox\Profiles\k01fu59j.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=422 folders=111 55821395 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Dustin\AppData\Local\temp emptied successfully
C:\Users\Dustin2\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Uwe\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Dustin2\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Dustin2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1KI0AB3D" not found
"C:\Users\Dustin2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88NEB77O" not found
"C:\Users\Dustin2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZSX4MNY" not found
"C:\Users\Dustin2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NDWTIRNG" not found
"C:\Users\Dustin2\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PQPEG5FQ\aka-cdn-ns.adtech.de"  not found
"C:\Users\Dustin2\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PQPEG5FQ\cdncache-a.akamaihd.net"  not found
"C:\Users\Dustin2\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PQPEG5FQ\tag.coffeetable.hiro.tv"  not found

==== EOF on 23.05.2014 at 18:31:42,30 ======================
         
Here is the rest...


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Dustin2 (administrator) on DUSTINS-PC on 23-05-2014 18:43:19
Running from C:\Users\Dustin2\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AuthenTec, Inc.) C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files (x86)\pc essentials\updater.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Akamai Technologies, Inc.) C:\Users\Dustin2\AppData\Local\Akamai\netsession_win.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Akamai Technologies, Inc.) C:\Users\Dustin2\AppData\Local\Akamai\netsession_win.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Deutsche Telekom AG) C:\Program Files (x86)\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
(Deutsche Telekom AG) C:\Program Files (x86)\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
(Deutsche Telekom AG) C:\Program Files (x86)\T-Online\T-Online_Software_6\Basis-Software\Basis2\profilemgr.exe
(fun communications GmbH, hxxp://www.fun.de) C:\Program Files (x86)\T-Online\T-Online_Software_6\Notifier\Notifier.exe
(Deutsche Telekom AG, Marmiko IT-Solutions GmbH) C:\Program Files (x86)\Common Files\Marmiko Shared\MWLaMaS.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-07] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => c:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3567104 2009-08-06] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1675160 2012-03-21] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2972218083-3551369242-1309756512-1006\...\Run: [Akamai NetSession Interface] => C:\Users\Dustin2\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Meine Dienste.lnk
ShortcutTarget: Meine Dienste.lnk -> C:\Program Files\Telekom\Meine Dienste\StartMeineDienste.exe (Deutsche Telekom AG)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Meine Dienste.lnk
ShortcutTarget: Meine Dienste.lnk -> C:\Program Files\Telekom\Meine Dienste\StartMeineDienste.exe (Deutsche Telekom AG)
Startup: C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Meine Dienste.lnk
ShortcutTarget: Meine Dienste.lnk -> C:\Program Files\Telekom\Meine Dienste\StartMeineDienste.exe (Deutsche Telekom AG)
Startup: C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (No File)
Startup: C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NH ()
Startup: C:\Users\Uwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Meine Dienste.lnk
ShortcutTarget: Meine Dienste.lnk -> C:\Program Files\Telekom\Meine Dienste\StartMeineDienste.exe (Deutsche Telekom AG)
Startup: C:\Users\Uwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
URLSearchHook: HKLM-x32 - (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {07E4E221-A889-475B-BD66-105D1FF7AAD3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKCU - {2E6179AB-203B-4FF5-AC4E-86534ED8A805} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {70E2AB1D-B10F-4174-BE89-034529C41867} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
SearchScopes: HKCU - ۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: grepo - {28A984B0-844D-48EC-AE42-6682BBB4FD33} - C:\Program Files (x86)\Grepo\grepo_x64.dll (grepo)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120902183112.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: grepo - {28A984B0-844D-48EC-AE42-6682BBB4FD33} - C:\Program Files (x86)\Grepo\grepo.dll (grepo)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120902183114.dll (McAfee, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bittorrent.com/BitTorrentDNA - C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox - C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dustin2\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dustin2\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dustin2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFp501.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFp522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv501.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: grepo - C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\Extensions\grepo@extension [2014-05-23]
FF Extension: Adblock Plus - C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-04]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-04-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2009-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-09-02]

Chrome: 
=======
CHR StartupUrls: "hxxp://www.youtube.com/"
CHR Extension: (SiteAdvisor) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-08-10]
CHR Extension: (No Name) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2014-02-22]
CHR Extension: (Google Wallet) - C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-05-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR StartMenuInternet: Google Chrome - C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ATService; C:\Program Files (x86)\Fingerprint Sensor\AtService.exe [1807608 2009-06-30] (AuthenTec, Inc.)
R2 IGBASVC; c:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3449856 2009-08-06] (Egis Technology Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [140424 2014-04-23] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [502064 2012-08-23] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199304 2012-05-25] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [210616 2012-05-25] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [162224 2012-05-25] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 pc essentials; C:\Program Files (x86)\pc essentials\updater.exe [1731072 2013-04-18] ()
S3 TriDefService; C:\Program Files (x86)\TriDef 3D\TriDef\Common\TriDefService.exe [1327104 2009-09-15] ()
S3 Browser7Maintenance; "C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe" [X]
S2 XAMPP; C:\Users\Dustin\Desktop\xampp\service.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65264 2012-02-22] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160792 2012-02-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [229528 2012-02-22] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [487296 2012-02-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [647208 2012-02-22] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
R1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [289664 2012-02-22] (McAfee, Inc.)
R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [32536 2013-03-23] ()
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33280 2010-01-21] (LG Electronics Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-23 18:23 - 2014-05-23 17:33 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-23 18:22 - 2014-05-23 18:22 - 00000084 _____ () C:\folders.txt
2014-05-23 17:52 - 2014-05-23 18:31 - 00026273 _____ () C:\zoek-results.log
2014-05-23 17:38 - 2014-05-23 18:08 - 00000000 ____D () C:\Program Files (x86)\Grepo
2014-05-23 15:26 - 2014-05-23 18:17 - 00000000 ____D () C:\zoek_backup
2014-05-23 15:26 - 2014-05-23 15:26 - 01285120 _____ () C:\Users\Dustin2\Downloads\zoek.exe
2014-05-23 14:51 - 2014-05-23 14:51 - 00000695 _____ () C:\Users\Dustin2\Desktop\JRT.txt
2014-05-23 14:37 - 2014-04-06 08:36 - 01016261 _____ (Thisisu) C:\Users\Dustin2\Desktop\JRT_NEW.exe
2014-05-22 20:51 - 2014-05-22 20:51 - 01326389 _____ () C:\Users\Dustin2\Downloads\adwcleaner_3.210.exe
2014-05-22 20:51 - 2014-05-22 20:51 - 01326389 _____ () C:\Users\Dustin2\Desktop\adwcleaner_3.210.exe
2014-05-22 19:58 - 2014-05-22 19:58 - 00036749 _____ () C:\ComboFix.txt
2014-05-22 17:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-22 17:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-22 17:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-22 17:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-22 17:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-22 17:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-22 17:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-22 17:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-22 17:48 - 2014-05-22 19:58 - 00000000 ____D () C:\Qoobox
2014-05-22 17:46 - 2014-05-22 19:55 - 00000000 ____D () C:\Windows\erdnt
2014-05-22 17:34 - 2014-05-22 17:34 - 05200426 ____R (Swearware) C:\Users\Dustin2\Desktop\ComboFix.exe
2014-05-22 17:34 - 2014-05-22 17:34 - 05200426 _____ (Swearware) C:\Users\Dustin2\Downloads\ComboFix.exe
2014-05-22 17:00 - 2014-05-22 17:00 - 00000031 _____ () C:\Users\Dustin2\Downloads\tune_in_dsl.m3u
2014-05-15 16:42 - 2014-05-16 17:20 - 00000000 ____D () C:\Users\Dustin2\Documents\RPGVXAce
2014-05-15 15:22 - 2014-05-15 15:22 - 00001188 _____ () C:\Users\Public\Desktop\RPG MAKER VX Ace Lite.lnk
2014-05-15 15:22 - 2014-05-15 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG MAKER VX Ace Lite
2014-05-15 15:21 - 2014-05-15 15:21 - 00000000 ____D () C:\Users\Dustin2\Desktop\rpg-maker-vx-ace-lite
2014-05-15 15:12 - 2014-05-15 15:13 - 00773686 _____ () C:\Users\Dustin2\Downloads\VXAceWallpaperThing1024withlogo.zip
2014-05-15 15:10 - 2014-05-15 15:11 - 01049372 _____ () C:\Users\Dustin2\Downloads\VXAceWallpaperThing1280withlogo.zip
2014-05-15 15:09 - 2014-05-15 15:20 - 109892162 _____ () C:\Users\Dustin2\Downloads\rpg-maker-vx-ace-lite.zip
2014-05-14 11:33 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 11:33 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 11:33 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 11:32 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 11:32 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 11:32 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 10:32 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 10:32 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 10:32 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 10:32 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 10:29 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 10:29 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 10:29 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 10:29 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 10:29 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 10:29 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 10:29 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 10:29 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 10:29 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 10:29 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 10:29 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 10:29 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 10:29 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 10:29 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 10:29 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 10:29 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 10:29 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 10:29 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 10:29 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-10 15:05 - 2014-05-10 15:05 - 00015496 _____ () C:\Users\Dustin2\Downloads\NewCommands.jar
2014-05-10 14:49 - 2014-05-10 14:49 - 00006097 _____ () C:\Users\Dustin2\Downloads\kCommand_1.4.jar
2014-05-05 19:31 - 2014-05-10 22:51 - 00000607 _____ () C:\Users\Dustin2\Desktop\Habbo Missis.txt
2014-05-05 19:31 - 2014-05-05 19:31 - 00000000 ____D () C:\Users\Dustin2\Desktop\BIGMacroTool
2014-05-03 23:55 - 2014-05-03 23:55 - 00000000 ____D () C:\Program Files (x86)\BigMacroTool
2014-05-03 23:54 - 2014-05-03 23:54 - 00603961 _____ (TLProd ) C:\Users\Dustin2\Downloads\bigmacrotoolsetup.exe
2014-05-03 23:52 - 2014-05-03 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macro Recorder
2014-05-03 23:52 - 2014-05-03 23:52 - 00000000 ____D () C:\Program Files (x86)\MacroRecorder
2014-05-03 23:51 - 2014-05-03 23:51 - 00720656 _____ (Jitbit Software ) C:\Users\Dustin2\Downloads\MacroRecorderSetup.exe
2014-05-02 19:34 - 2014-05-02 19:34 - 00158576 _____ () C:\Users\Dustin2\Downloads\TukMC[3.2.5].zip
2014-05-02 18:46 - 2014-05-02 18:46 - 00065601 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2-api_2.0.397-experimental (1).zip
2014-05-02 18:45 - 2014-05-02 18:46 - 03699473 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2_2.0.397-experimental.jar
2014-05-02 18:45 - 2014-05-02 18:45 - 00065601 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2-api_2.0.397-experimental.zip
2014-04-30 21:16 - 2014-05-14 15:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-28 18:44 - 2014-04-28 18:44 - 00001140 _____ () C:\Users\Dustin2\Downloads\windmillschematic.schematic
2014-04-28 18:44 - 2014-04-28 18:44 - 00001128 _____ () C:\Users\Dustin2\Downloads\small_house.schematic
2014-04-28 18:42 - 2014-04-28 18:43 - 08072516 _____ () C:\Users\Dustin2\Downloads\templeofspirits.zip
2014-04-28 18:42 - 2014-04-28 18:42 - 00003166 _____ () C:\Users\Dustin2\Downloads\medievaltowerbyyowsky.schematic
2014-04-28 18:34 - 2014-04-28 18:34 - 00072336 _____ () C:\Users\Dustin2\Downloads\elijastemple.schematic
2014-04-28 18:33 - 2014-04-28 18:33 - 00040538 _____ () C:\Users\Dustin2\Downloads\spawn2745.schematic
2014-04-28 18:29 - 2014-04-28 18:29 - 00002034 _____ () C:\Users\Dustin2\Downloads\largemedievalhouse.schematic
2014-04-28 18:29 - 2014-04-28 18:29 - 00000892 _____ () C:\Users\Dustin2\Downloads\smallmedievalhouse3155.schematic
2014-04-28 18:28 - 2014-04-28 18:28 - 00032780 _____ () C:\Users\Dustin2\Downloads\faction-spawn.schematic
2014-04-28 18:27 - 2014-04-28 18:27 - 00265730 _____ () C:\Users\Dustin2\Downloads\aysgarth-medieval.schematic
2014-04-28 18:27 - 2014-04-28 18:27 - 00188559 _____ () C:\Users\Dustin2\Downloads\airship-shipyard.schematic
2014-04-28 18:21 - 2014-04-28 18:21 - 00691201 _____ () C:\Users\Dustin2\Downloads\Heroes.zip
2014-04-28 18:21 - 2014-04-28 18:21 - 00131877 _____ () C:\Users\Dustin2\Downloads\HeroChat.jar
2014-04-28 18:21 - 2014-04-28 18:21 - 00014885 _____ () C:\Users\Dustin2\Downloads\ArathosRPG.jar
2014-04-28 18:21 - 2014-04-28 18:21 - 00011463 _____ () C:\Users\Dustin2\Downloads\Dynmap-HeroChat-0.30-bin.zip
2014-04-27 14:02 - 2014-04-27 14:02 - 00428068 _____ () C:\Users\Dustin2\Downloads\OptiFine_1.6.4_HD_U_D1.jar
2014-04-27 13:54 - 2014-04-27 13:54 - 00002008 _____ () C:\Users\Dustin2\Desktop\FileZilla Client.lnk
2014-04-27 13:53 - 2014-04-27 13:54 - 04968079 _____ (Tim Kosse) C:\Users\Dustin2\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-27 13:50 - 2014-04-27 14:06 - 89906602 _____ () C:\Users\Dustin2\Downloads\modpacks^AgrarianSkiesHQ^2_1_2^AgrarianSkiesHQServer.zip
2014-04-26 20:22 - 2014-04-26 20:22 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-26 18:45 - 2014-04-26 18:45 - 01696408 _____ () C:\Users\Dustin2\Downloads\mcore (2).jar
2014-04-26 18:25 - 2014-04-26 18:26 - 03792105 _____ () C:\Users\Dustin2\Downloads\com_gameserver_3.1.3_joomla3.zip
2014-04-26 18:08 - 2014-04-26 18:08 - 00043202 _____ () C:\Users\Dustin2\Downloads\mod_mh_ts3viewer.rev.39.zip
2014-04-25 19:41 - 2014-04-25 19:41 - 00010474 _____ () C:\Users\Dustin2\Downloads\mobmakemoney.jar
2014-04-25 18:58 - 2014-04-25 18:58 - 00001979 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-04-25 18:51 - 2014-04-25 19:12 - 00000000 ____D () C:\Users\Dustin2\AppData\Local\Overwolf
2014-04-25 16:57 - 2014-04-25 16:57 - 01691047 _____ () C:\Users\Dustin2\Downloads\pkg_kunena_v3.0.5_2014-03-09.zip
2014-04-25 16:48 - 2014-04-25 16:48 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\TeamViewer
2014-04-25 16:47 - 2014-04-25 16:47 - 06120184 _____ (TeamViewer GmbH) C:\Users\Dustin2\Downloads\TeamViewer_Setup_de_9.0.27614 (1).exe
2014-04-25 16:05 - 2014-04-25 16:05 - 00035570 _____ () C:\Users\Dustin2\Downloads\ZavAutoMessager.jar
2014-04-25 15:57 - 2014-04-25 15:57 - 00457417 _____ () C:\Users\Dustin2\Downloads\MythicDrops.zip
2014-04-25 15:14 - 2014-04-25 15:14 - 00021572 _____ () C:\Users\Dustin2\Downloads\latest
2014-04-25 15:00 - 2014-04-25 15:00 - 07804408 _____ (SQL Maestro Group ) C:\Users\Dustin2\Downloads\mysql_datawizard_setup.exe
2014-04-25 14:59 - 2014-04-25 14:59 - 00728032 _____ () C:\Users\Dustin2\Downloads\COMPUTER_BILD-Download-Manager_fuer_mysql_datawizard_setup.exe
2014-04-25 14:42 - 2014-04-25 14:42 - 09566380 _____ () C:\Users\Dustin2\Downloads\Joomla_3.2.3-Stable-Full_Package.zip
2014-04-24 15:26 - 2014-04-24 15:26 - 00001297 _____ () C:\Users\Dustin2\Downloads\ExampleMobs (1).yml
2014-04-24 11:53 - 2014-04-24 11:53 - 00034690 _____ () C:\Users\Dustin2\Downloads\Dynmap_SimpleClans.jar
2014-04-24 11:52 - 2014-04-24 11:52 - 00230740 _____ () C:\Users\Dustin2\Downloads\SimpleClans-Legacy (1).jar
2014-04-24 11:42 - 2014-04-24 11:42 - 01696408 _____ () C:\Users\Dustin2\Downloads\mcore (1).jar
2014-04-24 11:42 - 2014-04-24 11:42 - 00428219 _____ () C:\Users\Dustin2\Downloads\Factions (1).jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00028916 _____ () C:\Users\Dustin2\Downloads\Dynmap-Factions-0.72.jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00022600 _____ () C:\Users\Dustin2\Downloads\Dynmap-Essentials-0.70.jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00018987 _____ () C:\Users\Dustin2\Downloads\Dynmap-CommandBook-0.50.jar
2014-04-24 11:39 - 2014-04-24 11:39 - 03539017 _____ () C:\Users\Dustin2\Downloads\dynmap-1.9.4.jar
2014-04-24 11:39 - 2014-04-24 11:39 - 00021743 _____ () C:\Users\Dustin2\Downloads\Dynmap-WorldGuard-0.60.jar
2014-04-24 00:03 - 2014-04-24 00:03 - 00062323 _____ () C:\Users\Dustin2\Downloads\WorldBorder.jar
2014-04-23 20:41 - 2014-04-23 20:41 - 00018168 _____ () C:\Users\Dustin2\Downloads\HeroTroll.jar
2014-04-23 20:41 - 2014-04-23 20:41 - 00012452 _____ () C:\Users\Dustin2\Downloads\BeHerobrine1.5.2.jar
2014-04-23 20:40 - 2014-04-23 20:40 - 00119783 _____ () C:\Users\Dustin2\Downloads\DisguiseCraft.jar
2014-04-23 20:32 - 2014-04-23 20:33 - 00698982 _____ () C:\Users\Dustin2\Downloads\NoCheatPlus.jar
2014-04-23 16:34 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-23 16:34 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-23 16:34 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-23 16:34 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-23 16:30 - 2014-04-23 16:34 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-23 16:26 - 2014-04-23 16:26 - 00118211 _____ () C:\Users\Dustin2\Downloads\SimpleRegionMarket-3.6.3.jar

==================== One Month Modified Files and Folders =======

2014-05-23 18:44 - 2014-03-09 18:46 - 00031501 _____ () C:\Users\Dustin2\Desktop\FRST.txt
2014-05-23 18:43 - 2014-03-03 17:48 - 00000000 ____D () C:\FRST
2014-05-23 18:42 - 2009-11-04 14:15 - 01916726 _____ () C:\Windows\WindowsUpdate.log
2014-05-23 18:40 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-23 18:40 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-23 18:39 - 2013-02-02 11:10 - 00001832 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2014-05-23 18:33 - 2013-08-14 20:22 - 00000000 ____D () C:\Users\Dustin2\AppData\Local\TSVNCache
2014-05-23 18:31 - 2014-05-23 17:52 - 00026273 _____ () C:\zoek-results.log
2014-05-23 18:31 - 2011-09-19 08:43 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-23 18:31 - 2010-04-25 13:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-23 18:30 - 2009-08-22 10:34 - 01448136 _____ () C:\Windows\PFRO.log
2014-05-23 18:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-23 18:30 - 2009-07-14 06:51 - 00309102 _____ () C:\Windows\setupact.log
2014-05-23 18:27 - 2013-11-06 17:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-23 18:22 - 2014-05-23 18:22 - 00000084 _____ () C:\folders.txt
2014-05-23 18:17 - 2014-05-23 15:26 - 00000000 ____D () C:\zoek_backup
2014-05-23 18:14 - 2010-04-25 13:50 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-23 18:12 - 2012-07-27 13:13 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006UA.job
2014-05-23 18:08 - 2014-05-23 17:38 - 00000000 ____D () C:\Program Files (x86)\Grepo
2014-05-23 18:02 - 2012-03-30 16:51 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1000UA.job
2014-05-23 17:33 - 2014-05-23 18:23 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-23 15:26 - 2014-05-23 15:26 - 01285120 _____ () C:\Users\Dustin2\Downloads\zoek.exe
2014-05-23 15:12 - 2012-07-27 13:13 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006Core.job
2014-05-23 15:02 - 2012-03-30 16:51 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1000Core.job
2014-05-23 14:51 - 2014-05-23 14:51 - 00000695 _____ () C:\Users\Dustin2\Desktop\JRT.txt
2014-05-22 21:11 - 2014-03-06 18:03 - 00000000 ____D () C:\AdwCleaner
2014-05-22 20:51 - 2014-05-22 20:51 - 01326389 _____ () C:\Users\Dustin2\Downloads\adwcleaner_3.210.exe
2014-05-22 20:51 - 2014-05-22 20:51 - 01326389 _____ () C:\Users\Dustin2\Desktop\adwcleaner_3.210.exe
2014-05-22 20:32 - 2012-11-13 19:50 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B3019771-99BB-46F9-8D8E-A65277738BB5}
2014-05-22 20:17 - 2012-07-27 13:16 - 00002376 _____ () C:\Users\Dustin2\Desktop\Google Chrome.lnk
2014-05-22 19:58 - 2014-05-22 19:58 - 00036749 _____ () C:\ComboFix.txt
2014-05-22 19:58 - 2014-05-22 17:48 - 00000000 ____D () C:\Qoobox
2014-05-22 19:55 - 2014-05-22 17:46 - 00000000 ____D () C:\Windows\erdnt
2014-05-22 19:47 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-22 19:42 - 2009-07-14 04:34 - 99352576 _____ () C:\Windows\system32\config\software.bak
2014-05-22 19:42 - 2009-07-14 04:34 - 25427968 _____ () C:\Windows\system32\config\system.bak
2014-05-22 19:42 - 2009-07-14 04:34 - 02097152 _____ () C:\Windows\system32\config\default.bak
2014-05-22 19:42 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-05-22 19:42 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-05-22 19:24 - 2012-07-27 13:00 - 00000000 ____D () C:\Users\Dustin2
2014-05-22 19:23 - 2009-11-04 14:16 - 00000000 ____D () C:\Program Files (x86)\Acer Bio Protection
2014-05-22 17:34 - 2014-05-22 17:34 - 05200426 ____R (Swearware) C:\Users\Dustin2\Desktop\ComboFix.exe
2014-05-22 17:34 - 2014-05-22 17:34 - 05200426 _____ (Swearware) C:\Users\Dustin2\Downloads\ComboFix.exe
2014-05-22 17:13 - 2014-03-09 18:46 - 02067456 _____ (Farbar) C:\Users\Dustin2\Desktop\FRST64.exe
2014-05-22 17:00 - 2014-05-22 17:00 - 00000031 _____ () C:\Users\Dustin2\Downloads\tune_in_dsl.m3u
2014-05-22 14:09 - 2009-08-22 07:29 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-20 11:17 - 2012-09-09 15:37 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\.minecraft
2014-05-16 17:20 - 2014-05-15 16:42 - 00000000 ____D () C:\Users\Dustin2\Documents\RPGVXAce
2014-05-15 15:22 - 2014-05-15 15:22 - 00001188 _____ () C:\Users\Public\Desktop\RPG MAKER VX Ace Lite.lnk
2014-05-15 15:22 - 2014-05-15 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG MAKER VX Ace Lite
2014-05-15 15:22 - 2013-08-06 16:49 - 00000000 ____D () C:\Program Files (x86)\Enterbrain
2014-05-15 15:21 - 2014-05-15 15:21 - 00000000 ____D () C:\Users\Dustin2\Desktop\rpg-maker-vx-ace-lite
2014-05-15 15:20 - 2014-05-15 15:09 - 109892162 _____ () C:\Users\Dustin2\Downloads\rpg-maker-vx-ace-lite.zip
2014-05-15 15:13 - 2014-05-15 15:12 - 00773686 _____ () C:\Users\Dustin2\Downloads\VXAceWallpaperThing1024withlogo.zip
2014-05-15 15:11 - 2014-05-15 15:10 - 01049372 _____ () C:\Users\Dustin2\Downloads\VXAceWallpaperThing1280withlogo.zip
2014-05-15 01:53 - 2013-08-17 12:47 - 00000000 ____D () C:\Users\Uwe\AppData\Local\TSVNCache
2014-05-15 01:41 - 2012-10-09 13:08 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DDA221F5-94E0-4BB6-BDA5-D7912CCC2ACC}
2014-05-15 00:47 - 2012-06-10 16:49 - 00000000 ___RD () C:\Users\Uwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 00:47 - 2012-06-10 16:49 - 00000000 ___RD () C:\Users\Uwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 18:27 - 2013-11-06 17:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 18:27 - 2012-07-06 04:24 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 18:27 - 2011-06-16 16:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 16:23 - 2012-12-05 18:21 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\FTB-Launcher
2014-05-14 15:53 - 2012-07-27 13:00 - 00000000 ___RD () C:\Users\Dustin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 15:53 - 2012-07-27 13:00 - 00000000 ___RD () C:\Users\Dustin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 15:40 - 2014-04-30 21:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 11:31 - 2009-08-22 10:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 11:29 - 2013-07-13 14:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 11:23 - 2010-05-02 22:09 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 10:18 - 2013-12-08 14:32 - 00000000 ____D () C:\Program Files (x86)\Deutsche Telekom AG
2014-05-10 22:51 - 2014-05-05 19:31 - 00000607 _____ () C:\Users\Dustin2\Desktop\Habbo Missis.txt
2014-05-10 15:13 - 2012-08-24 19:24 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\TS3Client
2014-05-10 15:07 - 2012-07-27 13:13 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006UA
2014-05-10 15:07 - 2012-07-27 13:13 - 00003706 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006Core
2014-05-10 15:05 - 2014-05-10 15:05 - 00015496 _____ () C:\Users\Dustin2\Downloads\NewCommands.jar
2014-05-10 14:49 - 2014-05-10 14:49 - 00006097 _____ () C:\Users\Dustin2\Downloads\kCommand_1.4.jar
2014-05-09 08:14 - 2014-05-14 10:32 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 10:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 17:09 - 2010-04-25 13:50 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-06 17:09 - 2010-04-25 13:50 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 06:40 - 2014-05-14 11:33 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 11:32 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 11:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 11:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 19:31 - 2014-05-05 19:31 - 00000000 ____D () C:\Users\Dustin2\Desktop\BIGMacroTool
2014-05-05 16:02 - 2012-12-05 18:03 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\ftblauncher
2014-05-03 23:55 - 2014-05-03 23:55 - 00000000 ____D () C:\Program Files (x86)\BigMacroTool
2014-05-03 23:54 - 2014-05-03 23:54 - 00603961 _____ (TLProd ) C:\Users\Dustin2\Downloads\bigmacrotoolsetup.exe
2014-05-03 23:52 - 2014-05-03 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macro Recorder
2014-05-03 23:52 - 2014-05-03 23:52 - 00000000 ____D () C:\Program Files (x86)\MacroRecorder
2014-05-03 23:51 - 2014-05-03 23:51 - 00720656 _____ (Jitbit Software ) C:\Users\Dustin2\Downloads\MacroRecorderSetup.exe
2014-05-02 19:34 - 2014-05-02 19:34 - 00158576 _____ () C:\Users\Dustin2\Downloads\TukMC[3.2.5].zip
2014-05-02 18:46 - 2014-05-02 18:46 - 00065601 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2-api_2.0.397-experimental (1).zip
2014-05-02 18:46 - 2014-05-02 18:45 - 03699473 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2_2.0.397-experimental.jar
2014-05-02 18:45 - 2014-05-02 18:45 - 00065601 _____ () C:\Users\Dustin2\Downloads\industrialcraft-2-api_2.0.397-experimental.zip
2014-04-28 18:44 - 2014-04-28 18:44 - 00001140 _____ () C:\Users\Dustin2\Downloads\windmillschematic.schematic
2014-04-28 18:44 - 2014-04-28 18:44 - 00001128 _____ () C:\Users\Dustin2\Downloads\small_house.schematic
2014-04-28 18:43 - 2014-04-28 18:42 - 08072516 _____ () C:\Users\Dustin2\Downloads\templeofspirits.zip
2014-04-28 18:42 - 2014-04-28 18:42 - 00003166 _____ () C:\Users\Dustin2\Downloads\medievaltowerbyyowsky.schematic
2014-04-28 18:34 - 2014-04-28 18:34 - 00072336 _____ () C:\Users\Dustin2\Downloads\elijastemple.schematic
2014-04-28 18:33 - 2014-04-28 18:33 - 00040538 _____ () C:\Users\Dustin2\Downloads\spawn2745.schematic
2014-04-28 18:29 - 2014-04-28 18:29 - 00002034 _____ () C:\Users\Dustin2\Downloads\largemedievalhouse.schematic
2014-04-28 18:29 - 2014-04-28 18:29 - 00000892 _____ () C:\Users\Dustin2\Downloads\smallmedievalhouse3155.schematic
2014-04-28 18:28 - 2014-04-28 18:28 - 00032780 _____ () C:\Users\Dustin2\Downloads\faction-spawn.schematic
2014-04-28 18:27 - 2014-04-28 18:27 - 00265730 _____ () C:\Users\Dustin2\Downloads\aysgarth-medieval.schematic
2014-04-28 18:27 - 2014-04-28 18:27 - 00188559 _____ () C:\Users\Dustin2\Downloads\airship-shipyard.schematic
2014-04-28 18:21 - 2014-04-28 18:21 - 00691201 _____ () C:\Users\Dustin2\Downloads\Heroes.zip
2014-04-28 18:21 - 2014-04-28 18:21 - 00131877 _____ () C:\Users\Dustin2\Downloads\HeroChat.jar
2014-04-28 18:21 - 2014-04-28 18:21 - 00014885 _____ () C:\Users\Dustin2\Downloads\ArathosRPG.jar
2014-04-28 18:21 - 2014-04-28 18:21 - 00011463 _____ () C:\Users\Dustin2\Downloads\Dynmap-HeroChat-0.30-bin.zip
2014-04-27 15:20 - 2013-03-24 15:38 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\FileZilla
2014-04-27 14:06 - 2014-04-27 13:50 - 89906602 _____ () C:\Users\Dustin2\Downloads\modpacks^AgrarianSkiesHQ^2_1_2^AgrarianSkiesHQServer.zip
2014-04-27 14:02 - 2014-04-27 14:02 - 00428068 _____ () C:\Users\Dustin2\Downloads\OptiFine_1.6.4_HD_U_D1.jar
2014-04-27 13:54 - 2014-04-27 13:54 - 00002008 _____ () C:\Users\Dustin2\Desktop\FileZilla Client.lnk
2014-04-27 13:54 - 2014-04-27 13:53 - 04968079 _____ (Tim Kosse) C:\Users\Dustin2\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-27 13:54 - 2013-03-24 15:37 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-27 13:54 - 2013-03-24 15:37 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-26 20:22 - 2014-04-26 20:22 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-26 18:45 - 2014-04-26 18:45 - 01696408 _____ () C:\Users\Dustin2\Downloads\mcore (2).jar
2014-04-26 18:26 - 2014-04-26 18:25 - 03792105 _____ () C:\Users\Dustin2\Downloads\com_gameserver_3.1.3_joomla3.zip
2014-04-26 18:08 - 2014-04-26 18:08 - 00043202 _____ () C:\Users\Dustin2\Downloads\mod_mh_ts3viewer.rev.39.zip
2014-04-26 17:48 - 2014-04-20 15:41 - 00014519 _____ () C:\Users\Dustin2\Desktop\groups.yml
2014-04-26 16:30 - 2012-08-03 16:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-25 19:41 - 2014-04-25 19:41 - 00010474 _____ () C:\Users\Dustin2\Downloads\mobmakemoney.jar
2014-04-25 19:12 - 2014-04-25 18:51 - 00000000 ____D () C:\Users\Dustin2\AppData\Local\Overwolf
2014-04-25 18:58 - 2014-04-25 18:58 - 00001979 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-04-25 18:47 - 2012-08-24 19:24 - 00000000 ____D () C:\Users\Dustin2\AppData\Local\TeamSpeak 3 Client
2014-04-25 16:57 - 2014-04-25 16:57 - 01691047 _____ () C:\Users\Dustin2\Downloads\pkg_kunena_v3.0.5_2014-03-09.zip
2014-04-25 16:48 - 2014-04-25 16:48 - 00000000 ____D () C:\Users\Dustin2\AppData\Roaming\TeamViewer
2014-04-25 16:47 - 2014-04-25 16:47 - 06120184 _____ (TeamViewer GmbH) C:\Users\Dustin2\Downloads\TeamViewer_Setup_de_9.0.27614 (1).exe
2014-04-25 16:05 - 2014-04-25 16:05 - 00035570 _____ () C:\Users\Dustin2\Downloads\ZavAutoMessager.jar
2014-04-25 15:57 - 2014-04-25 15:57 - 00457417 _____ () C:\Users\Dustin2\Downloads\MythicDrops.zip
2014-04-25 15:14 - 2014-04-25 15:14 - 00021572 _____ () C:\Users\Dustin2\Downloads\latest
2014-04-25 15:00 - 2014-04-25 15:00 - 07804408 _____ (SQL Maestro Group ) C:\Users\Dustin2\Downloads\mysql_datawizard_setup.exe
2014-04-25 14:59 - 2014-04-25 14:59 - 00728032 _____ () C:\Users\Dustin2\Downloads\COMPUTER_BILD-Download-Manager_fuer_mysql_datawizard_setup.exe
2014-04-25 14:42 - 2014-04-25 14:42 - 09566380 _____ () C:\Users\Dustin2\Downloads\Joomla_3.2.3-Stable-Full_Package.zip
2014-04-24 19:17 - 2010-08-05 17:51 - 00000450 ____H () C:\Windows\Tasks\Norton Security Scan for Dustin.job
2014-04-24 15:26 - 2014-04-24 15:26 - 00001297 _____ () C:\Users\Dustin2\Downloads\ExampleMobs (1).yml
2014-04-24 11:53 - 2014-04-24 11:53 - 00034690 _____ () C:\Users\Dustin2\Downloads\Dynmap_SimpleClans.jar
2014-04-24 11:52 - 2014-04-24 11:52 - 00230740 _____ () C:\Users\Dustin2\Downloads\SimpleClans-Legacy (1).jar
2014-04-24 11:42 - 2014-04-24 11:42 - 01696408 _____ () C:\Users\Dustin2\Downloads\mcore (1).jar
2014-04-24 11:42 - 2014-04-24 11:42 - 00428219 _____ () C:\Users\Dustin2\Downloads\Factions (1).jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00028916 _____ () C:\Users\Dustin2\Downloads\Dynmap-Factions-0.72.jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00022600 _____ () C:\Users\Dustin2\Downloads\Dynmap-Essentials-0.70.jar
2014-04-24 11:40 - 2014-04-24 11:40 - 00018987 _____ () C:\Users\Dustin2\Downloads\Dynmap-CommandBook-0.50.jar
2014-04-24 11:39 - 2014-04-24 11:39 - 03539017 _____ () C:\Users\Dustin2\Downloads\dynmap-1.9.4.jar
2014-04-24 11:39 - 2014-04-24 11:39 - 00021743 _____ () C:\Users\Dustin2\Downloads\Dynmap-WorldGuard-0.60.jar
2014-04-24 00:03 - 2014-04-24 00:03 - 00062323 _____ () C:\Users\Dustin2\Downloads\WorldBorder.jar
2014-04-23 22:57 - 2012-10-16 18:25 - 00000000 ____D () C:\Users\Dustin2\AppData\Local\Paint.NET
2014-04-23 20:41 - 2014-04-23 20:41 - 00018168 _____ () C:\Users\Dustin2\Downloads\HeroTroll.jar
2014-04-23 20:41 - 2014-04-23 20:41 - 00012452 _____ () C:\Users\Dustin2\Downloads\BeHerobrine1.5.2.jar
2014-04-23 20:40 - 2014-04-23 20:40 - 00119783 _____ () C:\Users\Dustin2\Downloads\DisguiseCraft.jar
2014-04-23 20:33 - 2014-04-23 20:32 - 00698982 _____ () C:\Users\Dustin2\Downloads\NoCheatPlus.jar
2014-04-23 16:36 - 2013-11-04 15:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-23 16:34 - 2014-04-23 16:30 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-23 16:34 - 2011-05-29 17:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-23 16:26 - 2014-04-23 16:26 - 00118211 _____ () C:\Users\Dustin2\Downloads\SimpleRegionMarket-3.6.3.jar

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-22 21:14

==================== End Of Log ============================
         


Now I get to spend an hour setting my browser up properly again -_-

23.05.2014, 19:18   #12
Cupa
 



FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Dustin2 at 2014-05-23 18:47:09
Running from C:\Users\Dustin2\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee  Anti-Virus und Anti-Spyware (Enabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee  Anti-Virus und Anti-Spyware (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee  Firewall (Enabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Access 97rt PAN EURO G (HKLM-x32\...\Access 97rt PAN EURO G) (Version:  - )
Ace of Spades (HKLM-x32\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7020 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7020 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems)
Acer Bio Protection (HKLM-x32\...\InstallShield_{565A39D6-4FB0-4F35-A2AC-0DC66ACC3520}) (Version: 6.1.48 - Egis Technology Inc.)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0903 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat 4.0, 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
Angry Birds (HKLM-x32\...\{07A6B206-3F11-4D92-92A1-90E116ADD660}) (Version: 2.0.2 - Rovio)
Angry Birds Space (HKLM-x32\...\{45FFEC16-0615-47E2-8B70-CBAFD31D820C}) (Version: 1.3.0 - Rovio)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
ANNO 1503 (HKLM-x32\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version: 1.05 - )
ANNO 1503 GOLD (HKLM-x32\...\{DB833EF9-A198-49BE-970A-BD46F30BFBB4}) (Version: 1.05.00 - )
ANNO 1602 (HKLM-x32\...\{84F7CAD9-2316-4701-B5CA-E90FD60029E9}) (Version:  - )
ANNO 1602 Königs-Edition (HKLM-x32\...\{077A7810-A937-4465-AD08-ACED9807995F}) (Version: 1.00 - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 10.7.0.40702 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{D10D9994-4337-8067-F5D7-9F8FEC1E4A00}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AuthenTec Fingerprint Software (HKLM-x32\...\{6CE5CC07-BCE8-4F4E-8287-101B59900A73}) (Version: 8.5.0.306 - AuthenTec, Inc.)
B109n-z (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Bauernhof (HKLM-x32\...\Bauernhof) (Version:  - )
BigMacroTool 1.5 (HKLM-x32\...\{620CAD2D-0757-43A9-AA5F-C8D48A1E4D85}_is1) (Version:  - TLProd)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blue Byte Game Channel (HKLM-x32\...\Blue Byte Game Channel) (Version:  - UbiSoft)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borland C++Builder 6 (HKLM-x32\...\{2864C41B-EF2D-4640-95A2-526276524519}) (Version: 6.0 - Borland Software Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Browser 7 der Telekom (HKLM-x32\...\Browser 7 der Telekom 28.0.28 (x86 de)) (Version: 28.0.28 - Deutsche Telekom AG)
Browser 7 Maintenance Service (HKLM-x32\...\Browser7MaintenanceService) (Version: 28.0.28 - Deutsche Telekom AG)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0702.1239.20840 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CortonAndHomePage (HKLM-x32\...\CortonAndHomePage) (Version:  - CortonAndHomePage)
Covert Operations (HKLM-x32\...\Covert Operations) (Version:  - )
CyberLink Audio Pack (5.1ch) for TriDefMediaPlayer 1.0 (HKLM-x32\...\CyberLink Audio Pack for TriDefMediaPlayer_is1) (Version: 1.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dachser Global Player (HKLM-x32\...\Dachser Global Player) (Version:  - )
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
DarkWave Studio 3.5.7 (HKLM-x32\...\DarkWave Studio) (Version: 3.5.7 - ExperimentalScene)
Der Herr der Ringe Online (HKCU\...\LOTROde) (Version:  - )
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DIE SIEDLER - Das Erbe der Könige - Gold Edition (HKLM-x32\...\{E08DE897-B6AF-4DFF-9E90-131E80C876B4}) (Version: 1.00.0000 - Blue Byte)
Die Siedler IV (HKLM-x32\...\S4Uninst) (Version:  - )
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
Die Sims™ 2 Haustiere (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version:  - )
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 1.0.1050 - Infernum Productions AG)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{AAF89271-2594-468D-B578-96B2E30C41C4}) (Version: 2.1.0703 - OEM)
EE-ZDE (HKLM-x32\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version:  - )
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Euro Truck Simulator 1.00 (HKLM-x32\...\Euro Truck Simulator) (Version: 1.00 - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0.8.8.2 - Ezvid, inc.)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
FileZilla Client 3.8.0 (HKCU\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fingerprint Solution (x32 Version: 6.1.48.0 - Egis Technology Inc.) Hidden
Flatcast Producer Plugin 5.2.2.471 (HKLM-x32\...\Flatcast_is1) (Version:  - 1 mal 1 Software GmbH)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free AVI Video Converter version 5.0.22.128 (HKLM-x32\...\Free AVI Video Converter_is1) (Version: 5.0.22.128 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.22.128 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.22.128 - DVDVideoSoft Ltd.)
Free Screen To Video V 2.0 (HKLM-x32\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)
Free YouTube Download version 3.2.16.1030 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.16.1030 - DVDVideoSoft Ltd.)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 1.2.3.0 - GitHub, Inc.)
Gizmodock (HKLM-x32\...\Gizmodock) (Version:  - Gizmodock)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grand Fantasia (HKLM-x32\...\Grand Fantasia) (Version:  - )
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Green Line 2 Sprachtrainer (HKLM-x32\...\{16281EBA-AA00-44D2-BC8B-06F3C3380DA1}) (Version: 1.00.000 - Klett)
Grepo (HKLM-x32\...\Grepo) (Version:  - Grepo)
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 3.41 - Happy Cloud, Inc.)
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.4.6 - Reto-Moto)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{722B4A13-F24D-43AE-8813-5DB82C0B23C2}) (Version:  - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.25.01 - Hyperionics Technology LLC)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{A04DCB25-7040-4935-A30D-8E0A893ABF2D}) (Version: 11.1.2.32 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 9 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.300 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
Lagarith lossless video codec (Remove Only) (HKLM-x32\...\LAGARITH) (Version:  - )
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LEGO® Star Wars™: Die Komplette Saga (HKLM-x32\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)
LEGO® Star Wars™: The Complete Saga (x32 Version: 1.00.0000 - LucasArts) Hidden
LG Internet Kit (HKLM-x32\...\LG Internet Kit) (Version: 4.2.1 - LG Electronics)
LG USB Modem Drivers (HKLM-x32\...\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}) (Version: 4.9.7 - LG Electronics)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.210 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.210 - LogMeIn, Inc.) Hidden
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Macro Recorder 5.7.4 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.4 - Jitbit Software)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{B332E15B-243F-4F40-8530-1524F84230A0}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 11.0.678 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Meine Dienste Software (HKLM\...\Meine Dienste Software) (Version: 2.0.5.0 - Telekom)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version:  - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Crimson Skies Trial (HKLM-x32\...\Crimson Skies Trial 1.0) (Version:  - )
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft Texturepack Editor (HKLM-x32\...\Minecraft Texturepack Editor) (Version:  - )
MixPad Audiodatei-Mixer (HKLM-x32\...\MixPad) (Version:  - NCH Software)
Mozilla Firefox 22.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 22.0 (x86 de)) (Version: 22.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 22.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MWS Reader 4 (HKLM-x32\...\MWS Reader 4_is1) (Version: 4.8 - Micro WAL Software, directINNOVATION UG (haftungsbeschränkt))
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
NavyField2 (HKLM-x32\...\NavyField2 EU) (Version:  - )
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 3.0.4 - Vitalwerks Internet Solutions LLC)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 3.5.1.8 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.3 - )
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
OLYMPUS ib (HKLM-x32\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.1.1404 - OLYMPUS IMAGING CORP.)
OLYMPUS ib (x32 Version: 1.1.1404 - OLYMPUS IMAGING CORP.) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)
Pagealicious (HKLM-x32\...\Pagealicious) (Version:  - Pagealicious) <==== ATTENTION
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PC Beschleunigen (HKLM\...\PK-PCSU_is1) (Version: 1.3.10.20086 - PC Beschleunigen)
Pflanzen gegen Zombies (HKLM-x32\...\BFG-Pflanzen gegen Zombies) (Version:  - )
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
PhotoStage Diashow-Ersteller (HKLM-x32\...\PhotoStage) (Version:  - NCH Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PS_AIO_06_B109n-z_SW_Min (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden
Quick Memory Editor 5.5 (HKLM-x32\...\Quick Memory Editor_is1) (Version:  - softcows.com)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 3.6 - Razer USA Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Red Ace Squadron (HKLM-x32\...\{BB930C8A-DDAA-4BAC-B02B-F27440479B2D}) (Version:  - )
Reef Club Casino (HKLM-x32\...\Reef Club Casino) (Version:  - )
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Roll (HKLM-x32\...\RollerCoaster Tycoon Setup) (Version:  - )
RPG MAKER VX Ace Lite (HKLM-x32\...\RPGVXAceLite_E_is1) (Version: 1.01b - Enterbrain)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Schmidt Interaktivspaß Doppelkopf (HKLM-x32\...\{BA947C14-9B71-484D-B66C-055E2E6CA7B1}) (Version:  - )
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Sir Henry's Anno 1602 InselEditor (HKLM-x32\...\Sir Henry's Anno 1602 InselEditor) (Version:  - )
SketchUp 2014 (HKLM-x32\...\{D71C0CA7-A245-4CB7-A958-7DB3377602AE}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SL-6640 Black Widow Flightstick (HKLM-x32\...\InstallShield_{10D4F38B-5436-4673-B861-F301929B373B}) (Version: 3.1 - Joellenbeck GmbH)
SL-6640 Black Widow Flightstick (x32 Version: 3.1 - Joellenbeck GmbH) Hidden
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version:  - NCH Software)
Sprachtrainer Fonts (HKLM-x32\...\{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}) (Version: 1.00.01 - Ernst Klett Verlag GmbH)
SQLiteManager (HKLM-x32\...\{C4BA538B-FEF1-4769-A4A3-AE3A9FEAC336}) (Version: 4.2.8 - SQLabs)
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version:  - Oberon Media)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version:  - )
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.00 - Firefly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Subversion (HKLM-x32\...\{234AE151-D441-4504-A439-0FE428F8F989}) (Version: 1.8.0.1 - CollabNet)
Switch Audiodatei-Konverter (HKLM-x32\...\Switch) (Version:  - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TEdit 3 (HKLM-x32\...\{B161A5C0-F7C2-4F9B-BA93-051D7C26E624}) (Version: 3.5.14060.0 - BinaryConstruct)
TEdit 3 (HKLM-x32\...\{B81207ED-C990-4AB1-B5D5-A191EA253C0D}) (Version: 3.5.14064.0 - BinaryConstruct)
TEdit 3 (HKLM-x32\...\{EDEAA16E-C6A6-439F-AD8D-B2B68B64176F}) (Version: 3.4.13298.0 - BinaryConstruct)
TEdit 3 (HKLM-x32\...\{F015942F-C1BD-4297-A8A4-C0B8D42B39C5}) (Version: 3.4.13358.0 - BinaryConstruct)
Telekom Fotoservice (HKLM-x32\...\Telekom Fotoservice) (Version:  - )
TempoPerfect Metronome Software (HKLM-x32\...\TempoPerfect) (Version:  - NCH Software)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
Thirsty Punk (HKLM-x32\...\{11DFFB78-5C06-476A-9EAA-747106633545}) (Version: 1.00.0000 - )
Tiny Media Player v1.0 (HKLM-x32\...\Tiny Media Player_is1) (Version: 1.0.0.0 - )
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
TomTom HOME 2.7.6.2056 (HKLM-x32\...\TomTom HOME) (Version: 2.7.6.2056 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
T-Online 6.0 (HKLM-x32\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version:  - )
T-Online WLAN-Access Finder (HKLM-x32\...\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TopStyle Lite (Version 3.0) (HKLM-x32\...\TopStyle Lite (Version 3.0)) (Version: 3.1.0 - Bradbury Software, LLC)
TortoiseSVN 1.8.1.24570 (64 bit) (HKLM\...\{ECA99F0F-4FCE-40F6-B086-B9A0F7F5563F}) (Version: 1.8.24570 - TortoiseSVN)
Torus Trooper (HKLM-x32\...\{AEB04055-F5B1-47A1-ACEE-F53C23339936}) (Version: 1.00.0000 - Ihr Firmenname)
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
TriDef 3D (OEM-A) 1.4.10 (HKLM-x32\...\experience-oem-a-bundle) (Version: 1.4.10gm - )
TriDef 3D Ignition 2.3.3 (HKLM-x32\...\ignition-pkg) (Version: 2.3.3gm - )
TriDef 3D Media Player 6.4.21 (HKLM-x32\...\media-player-pkg) (Version: 6.4.21gm - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{052CA271-6C3E-4B8F-9EEE-CEA84BC901DC}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CA2F3DF8-C8AE-4933-92F1-FE482442F6E6}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VideoPad Videobearbeitungs-Software (HKLM-x32\...\VideoPad) (Version:  - NCH Software)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WavePad Audiobearbeitungs-Software (HKLM-x32\...\WavePad) (Version:  - NCH Software)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
YGOPro DevPro Version 1.9.8 r9 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.8 r9 - YGOPro DevPro Online)
Zulu DJ-Software (HKLM-x32\...\Zulu) (Version:  - NCH Software)

==================== Restore Points  =========================

23-04-2014 14:26:20 Installed Java 7 Update 55
30-04-2014 19:10:24 Windows Update
02-05-2014 20:51:36 Windows Update
14-05-2014 09:16:33 Windows Update
22-05-2014 15:59:13 ComboFix created restore point
23-05-2014 15:52:18 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-22 19:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {07EE24B1-5C8C-4D23-AFDE-DF38C402164F} - System32\Tasks\{F41867D0-906D-47F3-9505-7D4A4C5295B4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {08ED0173-7023-4ECE-B904-9F4BF9C9BD15} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {0EEBBE99-C529-4B15-AD3E-6A6670ACC7A8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006Core => C:\Users\Dustin2\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27] (Google Inc.)
Task: {170BD267-5E3C-44DC-97EA-CE5527D9C7C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-25] (Google Inc.)
Task: {1C0D0C07-9A30-4E36-9DC6-13937CCA1B57} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1000UA => C:\Users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.)
Task: {23BC9A63-F735-4E6C-A010-AD669726BD1E} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {28F38A2A-17F8-41F4-985B-3EE38E446F28} - System32\Tasks\{E1B1C975-FB3D-4BD7-A326-77A88CEB6252} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {2EAF805E-1793-431B-A79B-BE8A74BC0E4C} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-05-07] ()
Task: {3154DB27-569A-49FE-9351-C27A412898BE} - System32\Tasks\{91369C71-A5B5-4B7A-9C84-3F550E43D1F4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {39A7D493-7EC7-499D-9BFF-6C0706FE7FE9} - System32\Tasks\{4BC2CDCB-DFC3-4776-B2C5-D884E3846FA4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {482BC811-BBFA-436A-A608-3EC6BB0EC1E2} - System32\Tasks\{619D66F0-BDFA-4102-86C6-B3771BD17950} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {512554F5-746E-4170-A66A-41AF2A15975D} - \DealPly No Task File <==== ATTENTION
Task: {55813747-4151-45A6-BF9D-3B38A85AA89E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {64C957D3-B0C5-4E39-9D64-B09A8C470F12} - System32\Tasks\{8AE5858A-D627-4EEC-850C-7EF95FCC4F35} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?page=tsProgressBar
Task: {651A3C3F-1DA5-4B3B-9E99-313F6B0D0691} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2972218083-3551369242-1309756512-1006
Task: {67A527CA-D1D9-43A4-9DAB-23A8FA47BA26} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {67E811AB-A056-48F3-9127-B33B21C161F8} - System32\Tasks\{A9E31417-2142-4F9A-BB85-1B6D6B2C0DE2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {708F4270-0C36-4543-8804-6EAC46214BE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-25] (Google Inc.)
Task: {73A6CF2B-7BF5-4A55-B2FB-EE45F6A64B04} - System32\Tasks\{D535A955-DC6F-4D2A-8001-AA62A4B42718} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {7E75CFEE-9B68-4136-8CCA-9CB910ACDD31} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1000Core => C:\Users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.)
Task: {7E9BFD60-05E8-44CA-9032-B0F403C6679B} - System32\Tasks\{F5D96F90-CCE0-4A37-8779-F6D750790D81} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {8BF882A3-1078-4F6A-8703-D0E77ACC571A} - System32\Tasks\{CBEE636B-6390-41FD-B7C1-2A29B523F030} => C:\Program Files (x86)\MAESTIA\Maestia.exe
Task: {96E03107-9A30-492D-997E-4CB15234436C} - \Software Updater Ui No Task File <==== ATTENTION
Task: {975C2F73-A19E-4570-A161-7916C54AAFD9} - System32\Tasks\{B53B4F90-035C-40A9-8D24-EDB78FE441D3} => C:\Program Files (x86)\MAESTIA\Maestia.exe
Task: {A76477DC-EFBF-4CAC-A5D6-D9E734A09BB8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006UA => C:\Users\Dustin2\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27] (Google Inc.)
Task: {AD72E41E-DBC3-4135-A6A0-8EBC77E49062} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B19CE310-1D03-4E96-A59F-558D128BF971} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {B77D780B-ADD5-4308-9C4B-064E50231C8B} - \Software Updater No Task File <==== ATTENTION
Task: {D2A4A053-0C10-4A9F-9941-30366E7F406A} - \Your File Updater No Task File <==== ATTENTION
Task: {D76068F8-8449-48AE-B6FA-F76E20DE809C} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {DDC7CB5D-3F94-408D-86F5-2597208AF063} - System32\Tasks\{1921F2C4-E2C3-4A78-A8D1-2CD38AE039AF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {DEE0E07F-633F-42D1-8303-E18BD89B0963} - System32\Tasks\{EAFB9936-9EC5-4723-8A2B-163FADD36ECE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {DFCB70E5-82DF-488F-A26D-B7DB16DC115A} - System32\Tasks\{C20B8553-DDFC-459A-8062-4C0729B2B688} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {E0842355-8351-444D-A2CD-BF73DE551041} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {E0FD416F-4B08-412D-BE65-91F0EB8576C8} - System32\Tasks\{41FD7B73-1435-48BB-A42A-4B1D03C2FF7A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {E104C726-04CF-4CA9-BA85-BE429D107195} - System32\Tasks\{3E112CA3-F4C0-4677-B300-CC06D5A818EC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {E435CE5A-7424-4D7B-9AF6-651C169D2049} - System32\Tasks\{4AF42F1C-379B-4311-81D9-9F6A5A82B81D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {ECFEB674-8834-41F0-8EA1-3FD06219E6E5} - System32\Tasks\{7DEAE150-C539-4E10-BC04-2046364152A1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsInstall&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {ED4F7DF8-5970-476D-A533-8D5FC35F7464} - System32\Tasks\{24C2E171-0F75-46BC-814E-B1D8C946B448} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {ED87B43F-B4DB-44D7-B128-0E43B5943246} - System32\Tasks\{973A8573-3253-46A9-B038-D0309DBD7210} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.59.124/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {FEC8B849-9820-4215-94A4-EAEE8B6921ED} - System32\Tasks\Norton Security Scan for Dustin => C:\Program Files (x86)\Norton Security Scan\Engine\3.5.1.8\Nss.exe [2011-08-05] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1000Core.job => C:\Users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1000UA.job => C:\Users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006Core.job => C:\Users\Dustin2\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2972218083-3551369242-1309756512-1006UA.job => C:\Users\Dustin2\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Dustin.job => C:\PROGRA~2\NORTON~2\Engine\351~1.8\Nss.exe

==================== Loaded Modules (whitelisted) =============

2013-07-22 20:41 - 2013-07-22 20:41 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2013-07-22 20:41 - 2013-07-22 20:41 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2013-04-18 12:10 - 2013-04-18 12:10 - 01731072 _____ () C:\Program Files (x86)\pc essentials\updater.exe
2009-11-04 14:16 - 2008-07-29 20:29 - 00200704 _____ () C:\Windows\PLFSetI.exe
2009-07-29 14:10 - 2009-07-29 14:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-11-04 14:15 - 2009-11-04 14:15 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2012-07-05 20:17 - 2005-07-20 12:34 - 00700497 ____N () C:\Program Files (x86)\T-Online\T-Online_Software_6\Notifier\libcurl.dll
2012-07-05 20:17 - 2004-04-16 15:45 - 00143360 ____N () C:\Program Files (x86)\T-Online\T-Online_Software_6\Notifier\libexpat.dll
2014-03-28 11:35 - 2014-03-28 11:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-07-22 19:49 - 2013-07-22 19:49 - 00065264 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-05-22 20:17 - 2014-05-14 01:40 - 00716616 _____ () C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-22 20:17 - 2014-05-14 01:40 - 00126280 _____ () C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-22 20:17 - 2014-05-14 01:40 - 04217672 _____ () C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-22 20:17 - 2014-05-14 01:40 - 00414536 _____ () C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-22 20:17 - 2014-05-14 01:40 - 01732424 _____ () C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-22 20:17 - 2014-05-14 01:40 - 13695816 _____ () C:\Users\Dustin2\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:B1FBBD09
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885
AlternateDataStreams: C:\Users\Dustin\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Dustin\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^simplicheck.lnk => C:\Windows\pss\simplicheck.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dustin2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Meine Dienste.lnk => C:\Windows\pss\Meine Dienste.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dustin2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Netzmanager.lnk => C:\Windows\pss\Netzmanager.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: Photosmart Wireless B109n-z
Description: Photosmart Wireless B109n-z
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart Wireless B109n-z
Description: Photosmart Wireless B109n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (05/23/2014 06:32:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/23/2014 06:31:59 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 25.116.3.128192.168.137.0255.255.255.0

Error: (05/23/2014 06:31:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "XAMPP Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/23/2014 06:11:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/23/2014 06:11:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/23/2014 06:11:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/23/2014 06:11:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/23/2014 06:11:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/23/2014 03:37:30 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 25.116.3.128192.168.137.0255.255.255.0

Error: (05/23/2014 03:37:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-22 19:23:01.497
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-22 19:23:01.295
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 43%
Total physical RAM: 4090.93 MB
Available physical RAM: 2292.79 MB
Total Pagefile: 8180.03 MB
Available Pagefile: 5255.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:583.38 GB) (Free:362.68 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 9BBB9BBB)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=583 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


At least the extensions were listed in the Zoek log...

Edited by Cupa (23.05.2014 at 19:20). Reason: mistake :-D

23.05.2014, 21:03   #13
M-K-D-B
/// TB trainer


We'll remove the last remnants and check everything once more. ESET can take quite a while (> 3 h).
Afterwards we'll remove all the tools we used and I'll give you a few tips to take along.

Step 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:


Code:
start
URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
URLSearchHook: HKLM-x32 - (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - ۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: grepo - {28A984B0-844D-48EC-AE42-6682BBB4FD33} - C:\Program Files (x86)\Grepo\grepo_x64.dll (grepo)
BHO-x32: grepo - {28A984B0-844D-48EC-AE42-6682BBB4FD33} - C:\Program Files (x86)\Grepo\grepo.dll (grepo)
FF Extension: grepo - C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\Extensions\grepo@extension [2014-05-23]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
Task: {512554F5-746E-4170-A66A-41AF2A15975D} - \DealPly No Task File <==== ATTENTION
Task: {96E03107-9A30-492D-997E-4CB15234436C} - \Software Updater Ui No Task File <==== ATTENTION
Task: {B19CE310-1D03-4E96-A59F-558D128BF971} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {B77D780B-ADD5-4308-9C4B-064E50231C8B} - \Software Updater No Task File <==== ATTENTION
Task: {D2A4A053-0C10-4A9F-9941-30366E7F406A} - \Your File Updater No Task File <==== ATTENTION
Task: {D76068F8-8449-48AE-B6FA-F76E20DE809C} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {E0842355-8351-444D-A2CD-BF73DE551041} - \DealPlyUpdate No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:B1FBBD09
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885
AlternateDataStreams: C:\Users\Dustin\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Dustin\AppData\Roaming:NT
C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\extensions\grepo@extension
C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\k01fu59j.default\extensions\grepo@extension
C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipcalcgelfddoilleimelkbcfmgpeleh
C:\Program Files (x86)\Grepo
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Reboot:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

Step 2
Download the appropriate version of SystemLook from the following mirror and save the tool to your desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Double-click SystemLook.exe to start the tool.
  • Copy the contents of the following code box into the tool's text field:

    Code:
    :folderfind
    *Grepo*
    
    :regfind
    Grepo
             
  • Now click the Look button to start the scan.
  • The scan can take some time.
  • When the scan has finished, your editor will open with the results; post them in your thread.
  • The results are also saved on the desktop as SystemLook.txt.

Step 3

ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset







Step 4
Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.






With your next reply, please post
  • the FRST log file,
  • the SystemLook log file,
  • the ESET log file,
  • the SecurityCheck log file.
__________________
Greetings from Bavaria
M-K-D-B

24.05.2014, 15:32   #14
Cupa


Um, the extension is back O.o

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-05-2014
Ran by Dustin2 at 2014-05-23 23:10:14 Run:1
Running from C:\Users\Dustin2\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
URLSearchHook: HKLM-x32 - (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - ۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: grepo - {28A984B0-844D-48EC-AE42-6682BBB4FD33} - C:\Program Files (x86)\Grepo\grepo_x64.dll (grepo)
BHO-x32: grepo - {28A984B0-844D-48EC-AE42-6682BBB4FD33} - C:\Program Files (x86)\Grepo\grepo.dll (grepo)
FF Extension: grepo - C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\Extensions\grepo@extension [2014-05-23]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
Task: {512554F5-746E-4170-A66A-41AF2A15975D} - \DealPly No Task File <==== ATTENTION
Task: {96E03107-9A30-492D-997E-4CB15234436C} - \Software Updater Ui No Task File <==== ATTENTION
Task: {B19CE310-1D03-4E96-A59F-558D128BF971} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {B77D780B-ADD5-4308-9C4B-064E50231C8B} - \Software Updater No Task File <==== ATTENTION
Task: {D2A4A053-0C10-4A9F-9941-30366E7F406A} - \Your File Updater No Task File <==== ATTENTION
Task: {D76068F8-8449-48AE-B6FA-F76E20DE809C} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {E0842355-8351-444D-A2CD-BF73DE551041} - \DealPlyUpdate No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:B1FBBD09
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885
AlternateDataStreams: C:\Users\Dustin\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Dustin\AppData\Roaming:NT
C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\extensions\grepo@extension
C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\k01fu59j.default\extensions\grepo@extension
C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipcalcgelfddoilleimelkbcfmgpeleh
C:\Program Files (x86)\Grepo
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Reboot:
end
         
*****************

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\ToolbarSearchProviderProgress => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* => Key not found.
HKCR\CLSID\۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28A984B0-844D-48EC-AE42-6682BBB4FD33} => Key deleted successfully.
HKCR\CLSID\{28A984B0-844D-48EC-AE42-6682BBB4FD33} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28A984B0-844D-48EC-AE42-6682BBB4FD33} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{28A984B0-844D-48EC-AE42-6682BBB4FD33} => Key deleted successfully.
C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\Extensions\grepo@extension => Moved successfully.
X6va008 => Service deleted successfully.
X6va011 => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{512554F5-746E-4170-A66A-41AF2A15975D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{512554F5-746E-4170-A66A-41AF2A15975D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96E03107-9A30-492D-997E-4CB15234436C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96E03107-9A30-492D-997E-4CB15234436C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater Ui => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B19CE310-1D03-4E96-A59F-558D128BF971} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B19CE310-1D03-4E96-A59F-558D128BF971} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B77D780B-ADD5-4308-9C4B-064E50231C8B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B77D780B-ADD5-4308-9C4B-064E50231C8B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D2A4A053-0C10-4A9F-9941-30366E7F406A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2A4A053-0C10-4A9F-9941-30366E7F406A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Your File Updater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D76068F8-8449-48AE-B6FA-F76E20DE809C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D76068F8-8449-48AE-B6FA-F76E20DE809C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0842355-8351-444D-A2CD-BF73DE551041} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0842355-8351-444D-A2CD-BF73DE551041} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key deleted successfully.
C:\ProgramData\Temp => ":0B9176C0" ADS removed successfully.
C:\ProgramData\Temp => ":1D32EC29" ADS removed successfully.
C:\ProgramData\Temp => ":4CF61E54" ADS removed successfully.
C:\ProgramData\Temp => ":4D066AD2" ADS removed successfully.
C:\ProgramData\Temp => ":5D7E5A8F" ADS removed successfully.
C:\ProgramData\Temp => ":93DE1838" ADS removed successfully.
C:\ProgramData\Temp => ":AB689DEA" ADS removed successfully.
C:\ProgramData\Temp => ":ABE89FFE" ADS removed successfully.
C:\ProgramData\Temp => ":B1FBBD09" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
C:\ProgramData\Temp => ":E1F04E8D" ADS removed successfully.
C:\ProgramData\Temp => ":E3C56885" ADS removed successfully.
"C:\Users\Dustin\Anwendungsdaten" => ":NT" ADS not found.
C:\Users\Dustin\AppData\Roaming => ":NT" ADS removed successfully.
"C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\extensions\grepo@extension" => File/Directory not found.
C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\k01fu59j.default\extensions\grepo@extension => Moved successfully.
C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipcalcgelfddoilleimelkbcfmgpeleh => Moved successfully.
C:\Program Files (x86)\Grepo => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.


The system needed a reboot. 

==== End of Fixlog ====
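
Added example (not part of the original posts and not FRST's own code): a short Python triage of the Fixlog above. It tallies the outcomes and separates "not found" results that an earlier line already explains (same path, different letter case) from those left for manual review. The function names are hypothetical, and the sample lines are excerpted from the log above.

```python
import re
from collections import Counter

# Result lines excerpted from the Fixlog posted above (copied from the thread).
FIXLOG = r'''
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28A984B0-844D-48EC-AE42-6682BBB4FD33} => Key deleted successfully.
C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\Extensions\grepo@extension => Moved successfully.
X6va008 => Service deleted successfully.
C:\ProgramData\Temp => ":0B9176C0" ADS removed successfully.
"C:\Users\Dustin\Anwendungsdaten" => ":NT" ADS not found.
C:\Users\Dustin\AppData\Roaming => ":NT" ADS removed successfully.
"C:\Users\Dustin2\AppData\Roaming\Mozilla\Firefox\Profiles\mjq9hrep.default\extensions\grepo@extension" => File/Directory not found.
C:\Users\Dustin2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipcalcgelfddoilleimelkbcfmgpeleh => Moved successfully.
C:\Program Files (x86)\Grepo => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
'''

# "<target> => <outcome>"; in this log the target is quoted when it was not found.
LINE = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<outcome>.+?)\.?$')
# ADS results carry the stream name on the right: => ":NT" ADS removed successfully
ADS = re.compile(r'^"(?P<stream>:[^"]+)"\s+ADS\s+(?P<rest>.+)$')


def parse_fixlog(text):
    """Return a list of (target, outcome, status) tuples, in log order."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # headers, blank lines and anything without " => "
        target, outcome = m.group("target"), m.group("outcome")
        ads = ADS.match(outcome)
        if ads:  # fold the stream name back into the target: path:stream
            target += ads.group("stream")
            outcome = "ADS " + ads.group("rest")
        low = outcome.lower()
        if "not found" in low:
            status = "missing"
        elif "successfully" in low:
            status = "done"
        else:
            status = "other"
        entries.append((target, outcome, status))
    return entries


def summary(entries):
    """Count entries per status."""
    return Counter(status for _target, _outcome, status in entries)


def triage(entries):
    """Split 'missing' entries into (already handled, still open).

    Windows paths are case-insensitive, so a 'not found' result is benign when
    the same target, compared case-insensitively, was removed earlier in the run.
    """
    done, handled, open_items = set(), [], []
    for target, _outcome, status in entries:
        key = target.casefold()
        if status == "done":
            done.add(key)
        elif status == "missing":
            (handled if key in done else open_items).append(target)
    return handled, open_items


if __name__ == "__main__":
    items = parse_fixlog(FIXLOG)
    print(dict(summary(items)))
    handled, open_items = triage(items)
    for t in handled:
        print("already removed earlier in this run:", t)
    for t in open_items:
        print("review manually:", t)
```

A Fixlog in which every listed item was removed only confirms that those items are gone; it does not show what reinstalls the extension, which is why a fresh scan is the next step in the thread.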
         

24.05.2014, 16:07   #15
M-K-D-B
/// TB trainer


Please run FRST again:

  • Start FRST.exe again. Tick the box in front of Addition.txt and click Scan.
  • FRST will again create two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.
__________________
Greetings from Bavaria
M-K-D-B
