Pests of all kinds and how to fight them: Remove Ads by OnlineBrowserAdvertising?

Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
#1

/// TB instructor

Remove Ads by OnlineBrowserAdvertising?

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags:

Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:

Thank you for your cooperation!

Which programs have you already run on your own???? Post all log files from AdwCleaner, etc.!!!

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop:

(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
#2

Remove Ads by OnlineBrowserAdvertising?

FRST
__________________
FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by User (administrator) on PC1 on 31-05-2014 17:25:49
Running from C:\Users\User\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(TeamSpeak Systems GmbH) C:\Users\User\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-09-19] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3701525457-4283376491-4006895372-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-3701525457-4283376491-4006895372-1000\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-3701525457-4283376491-4006895372-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-3701525457-4283376491-4006895372-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3701525457-4283376491-4006895372-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3701525457-4283376491-4006895372-1000\...\MountPoints2: {f83ce596-d3fc-11e2-9cc3-806e6f6e6963} - SETUP.EXE
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
ShortcutTarget: IMVU.lnk -> C:\Users\User\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x72AF0974E9E2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{67B02B1A-7418-48EF-B2E5-02FC8EC69392}: [NameServer]192.168.178.1,192.168.178.46

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lpqe0v84.default
FF NetworkProxy: "socks_version", 4
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: AdRemoverrUuTubbe - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lpqe0v84.default\Extensions\y-ov@vasoobdhdw.net [2014-04-17]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome:
=======
CHR Extension: (AdRemoverrUuTubbe) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dibpjnjgdeendckdpigimgmolffmpoca [2014-04-13]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR HKCU\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\User\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-08-21]
CHR HKLM-x32\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\User\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-08-21]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)
S2 ReimageRealTimeProtection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-06-19] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 b57xdbd; system32\DRIVERS\b57xdbd.sys [X] S3 b57xdmp; system32\DRIVERS\b57xdmp.sys [X] S3 bScsiMSa; system32\DRIVERS\bScsiMSa.sys [X] S3 bScsiSDa; system32\DRIVERS\bScsiSDa.sys [X] S3 cpuz134; \??\C:\Users\User\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 RwDrv; \??\C:\Windows\SysWOW64\Drivers\RwDrv.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-31 17:25 - 2014-05-31 17:26 - 00012597 _____ () C:\Users\User\Desktop\FRST.txt 2014-05-31 17:25 - 2014-05-31 17:25 - 02066944 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2014-05-31 17:25 - 2014-05-31 17:25 - 02066944 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2014-05-31 17:25 - 2014-05-31 17:25 - 00000000 ____D () C:\FRST 2014-05-31 16:44 - 2014-05-31 16:44 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\AdwCleaner - CHIP-Installer.exe 2014-05-31 14:24 - 2014-05-31 14:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\IMVUClient 2014-05-31 14:22 - 2014-05-31 14:23 - 00079248 _____ () C:\Users\User\Downloads\InstallIMVU_502.0_st_c.exe 2014-05-30 15:43 - 2014-05-30 15:43 - 00379963 _____ () C:\Users\User\Downloads\Yakuza-Keybinder.rar 2014-05-30 08:35 - 2014-05-30 08:35 - 08388904 _____ () C:\Users\User\Downloads\[Hochladen.to Dateien - Files kostenlos hochladen]fonts.txd 2014-05-29 21:15 - 2014-05-29 21:15 - 00161351 _____ () C:\Users\User\Downloads\-ORIGINAL--SKINS.rar 2014-05-29 21:15 - 2014-05-29 21:15 - 00000000 ____D () C:\Users\User\Desktop\-ORIGINAL--SKINS 2014-05-28 16:43 - 2014-05-28 16:43 - 00000000 ____D () C:\ProgramData\CDB 2014-05-28 16:42 - 2014-05-28 16:48 - 00000000 ____D () C:\rei 2014-05-28 16:42 - 2014-05-28 16:43 - 00000163 _____ () C:\Windows\Reimage.ini 2014-05-28 16:42 - 2014-05-28 16:42 - 00821320 _____ (Reimage®) C:\Users\User\Downloads\ReimageRepair.exe 2014-05-28 16:42 - 
2014-05-28 16:42 - 00821320 _____ (Reimage®) C:\Users\User\Downloads\ReimageRepair (1).exe 2014-05-28 16:42 - 2014-05-28 16:42 - 00000000 ____D () C:\Program Files\Reimage 2014-05-26 15:45 - 2014-05-26 15:46 - 06067280 _____ () C:\Users\User\Downloads\#swaqman (2).zip 2014-05-25 10:29 - 2014-05-25 10:29 - 00412626 _____ () C:\Users\User\Downloads\Freundesliste System.zip 2014-05-25 10:29 - 2014-05-25 10:29 - 00000000 ____D () C:\Users\User\Desktop\Freundesliste System 2014-05-24 20:56 - 2014-05-24 20:56 - 02250240 _____ () C:\Users\User\Downloads\SA-Keybinder.exe 2014-05-24 20:40 - 2014-05-24 20:41 - 03684312 _____ () C:\Users\User\Downloads\rgnlauncher0.9.6 (2).exe 2014-05-24 10:17 - 2014-05-24 10:17 - 01993005 _____ () C:\Users\User\Downloads\Bilder.rar 2014-05-23 21:41 - 2014-05-23 21:41 - 00008192 _____ () C:\Users\User\Downloads\Adlerauge.exe 2014-05-23 21:39 - 2014-05-23 21:39 - 00008192 _____ () C:\Users\User\Downloads\SAMP-NameTag-Hack.exe 2014-05-23 20:50 - 2014-05-23 20:50 - 01131529 _____ () C:\Users\User\Downloads\edits.rar 2014-05-22 16:30 - 2014-05-22 16:30 - 00028670 _____ () C:\Users\User\Downloads\peko-ist-geil.wav 2014-05-21 18:48 - 2014-05-21 18:48 - 26151954 _____ () C:\Users\User\Downloads\GENRL0 (2) 2014-05-21 18:24 - 2014-05-22 14:30 - 00000000 ____D () C:\Users\User\Documents\Overlay-Optionen 2014-05-21 18:24 - 2014-05-21 18:24 - 00860672 _____ () C:\Users\User\Downloads\Overlay_1.45.exe 2014-05-21 18:24 - 2014-05-21 18:24 - 00860672 _____ () C:\Users\User\Desktop\Overlay_1.45.exe 2014-05-21 18:13 - 2014-05-21 18:13 - 24913027 _____ () C:\Users\User\Downloads\PigMussy-Pack.rar 2014-05-21 17:38 - 2014-05-21 17:38 - 08353712 _____ () C:\Users\User\Downloads\Kenny wat is den los mit dir_.mp4 2014-05-18 19:29 - 2014-05-18 19:29 - 00004760 _____ () C:\Users\User\Downloads\Weapon.dat - default.ide v3.rar 2014-05-18 10:35 - 2014-05-18 10:35 - 06247465 _____ () C:\Users\User\Downloads\Lagg oder DDos_.mp4 2014-05-17 18:58 - 2014-05-17 18:58 - 
06362224 _____ () C:\Users\User\Downloads\Felix_Diesel #Healhack.mp4 2014-05-17 18:37 - 2014-05-17 18:37 - 00000000 ____D () C:\Users\User\Desktop\Deaglepack (1) 2014-05-17 18:36 - 2014-05-17 18:37 - 05643950 _____ () C:\Users\User\Downloads\Deaglepack (1).rar 2014-05-17 16:50 - 2014-05-17 16:50 - 00001174 _____ () C:\Users\User\Desktop\TeamSpeak 3 Client.lnk 2014-05-17 16:50 - 2014-05-17 16:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-05-17 16:40 - 2014-05-17 16:40 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\TeamSpeak 3 64 Bit - CHIP-Downloader.exe 2014-05-17 16:39 - 2014-05-17 16:39 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\TeamSpeak 3 32 Bit - CHIP-Downloader.exe 2014-05-17 12:44 - 2014-05-17 12:44 - 00080476 _____ () C:\Users\User\Downloads\YakuZa-Skin-f--r-die-Tomate.rar 2014-05-17 12:21 - 2014-05-17 12:21 - 00768428 _____ () C:\Users\User\Downloads\1341069701_HDiconsSAbyZera.zip 2014-05-17 11:43 - 2014-05-17 11:43 - 08388904 _____ () C:\Users\User\Downloads\fonts (4).txd 2014-05-16 20:32 - 2014-05-16 20:32 - 05220703 _____ () C:\Users\User\Desktop\RPG CITY TEAM USER PRESENTATION !.webm 2014-05-16 14:21 - 2014-05-16 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-05-16 14:21 - 2014-05-16 14:21 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-05-13 19:55 - 2014-05-19 20:34 - 00000000 ____D () C:\Users\User\Desktop\frag 2014-05-13 19:43 - 2014-05-13 19:43 - 00839913 _____ () C:\Users\User\Downloads\Yakuza-Intro.mp4 2014-05-10 18:45 - 2014-05-10 18:45 - 19568865 _____ () C:\Users\User\Downloads\Fertige-GENRL.rar 2014-05-10 16:30 - 2014-05-12 20:09 - 00000000 ____D () C:\Users\User\Desktop\King 2014-05-10 16:28 - 2014-05-10 16:30 - 106494550 _____ () C:\Users\User\Downloads\King.zip 2014-05-10 15:37 - 2014-05-10 15:37 - 00000000 ____D () C:\Users\User\Desktop\selfmadeavi 2014-05-09 18:38 - 
2014-05-09 18:38 - 05355643 _____ () C:\Users\User\Downloads\Khalife.zip 2014-05-09 16:46 - 2014-05-09 16:46 - 00000000 ____D () C:\Users\User\Desktop\-Gerami-HD-Modpack- (3) 2014-05-09 16:45 - 2014-05-09 16:45 - 00892557 _____ () C:\Users\User\Downloads\-Gerami-HD-Modpack- (3).rar 2014-05-08 18:42 - 2014-05-16 19:57 - 00000000 ____D () C:\Users\User\Desktop\Overlay-by-swiix (3) 2014-05-08 18:42 - 2014-05-08 18:42 - 00798872 _____ () C:\Users\User\Downloads\Overlay-by-swiix (3).rar 2014-05-08 16:57 - 2014-05-08 16:57 - 00124902 _____ () C:\Users\User\Downloads\Bonas Ghosts CC Looks.rar 2014-05-08 16:52 - 2014-05-08 16:52 - 13661550 _____ () C:\Users\User\Downloads\SoundPack by xDeso1337.rar 2014-05-08 14:44 - 2014-05-08 14:45 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-05-08 14:44 - 2014-05-08 14:44 - 00537138 _____ () C:\Users\User\Downloads\vac413.zip 2014-05-08 14:44 - 2014-05-08 14:44 - 00108960 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2014-05-08 14:44 - 2014-05-08 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2014-05-08 14:41 - 2014-05-08 14:43 - 00279379 _____ () C:\Users\User\Downloads\VirtualAudioCable409.zip 2014-05-08 14:40 - 2014-05-08 14:40 - 00629584 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Virtual Audio Cable - CHIP-Downloader.exe 2014-05-08 14:37 - 2014-05-31 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Winamp 2014-05-08 14:36 - 2014-05-08 14:36 - 12855384 _____ (Nullsoft, Inc.) C:\Users\User\Downloads\winamp5666_full_de-de_b3516.exe 2014-05-08 14:35 - 2014-05-08 14:35 - 00042311 _____ () C:\Users\User\Downloads\TS3MusicBot-plugin.rar 2014-05-07 19:47 - 2014-05-07 19:48 - 34014392 _____ (DVDVideoSoft Ltd. 
) C:\Users\User\Downloads\FreeYouTubeToMP3Converter34430 (1).exe 2014-05-07 16:19 - 2014-05-07 16:19 - 00401185 _____ () C:\Users\User\Downloads\AutoHotkey111500_ansi.zip 2014-05-06 16:58 - 2014-05-06 16:58 - 03684312 _____ () C:\Users\User\Downloads\rgnlauncher0.9.6 (1).exe 2014-05-06 15:20 - 2014-05-06 15:20 - 00444998 _____ () C:\Users\User\Downloads\Allgemeiner Keybinder (2).zip 2014-05-06 14:40 - 2014-05-06 14:40 - 00352765 _____ () C:\Users\User\Downloads\Beep-Tones by SCProductions.rar 2014-05-05 20:02 - 2014-05-05 20:03 - 121715851 _____ () C:\Users\User\Downloads\Icons (4).rar 2014-05-04 17:06 - 2014-05-09 16:32 - 00000055 _____ () C:\Users\User\Desktop\---.txt 2014-05-04 14:30 - 2014-05-04 14:30 - 01430648 _____ () C:\Users\User\Downloads\Bilder-by-javiguiza.rar 2014-05-04 09:44 - 2014-05-04 09:44 - 22981524 _____ () C:\Users\User\Downloads\GTA SA Backup Skins 123Axell.rar 2014-05-04 09:27 - 2014-05-04 09:27 - 06067280 _____ () C:\Users\User\Downloads\#swaqman (1).zip 2014-05-03 16:29 - 2014-05-03 16:29 - 00378583 _____ () C:\Users\User\Downloads\Chromatic Editing 200 subs CC pack.rar 2014-05-03 10:37 - 2014-05-03 10:49 - 00000831 _____ () C:\Users\User\Desktop\FBI Bewerbunggespräch.txt 2014-05-02 11:20 - 2014-05-02 11:20 - 00286640 _____ () C:\Windows\Minidump\050214-22308-01.dmp 2014-05-01 21:59 - 2014-05-01 21:59 - 00015869 _____ () C:\Users\User\Downloads\BULLSfisticon.rar 2014-05-01 21:51 - 2014-05-01 21:51 - 00635315 _____ () C:\Users\User\Downloads\Storm Sounds (1).zip 2014-05-01 21:49 - 2014-05-01 21:49 - 00378947 _____ () C:\Users\User\Downloads\Detektiv-Skillbot (1).rar 2014-05-01 16:03 - 2014-05-01 16:03 - 01088395 _____ () C:\Users\User\Downloads\Skin-edit-by-Johnisson.rar 2014-05-01 13:36 - 2014-05-01 13:36 - 00320103 _____ () C:\Users\User\Downloads\Yakuza-brillenSkin-Red.rar 2014-05-01 13:17 - 2014-05-01 13:17 - 00188505 _____ () C:\Users\User\Downloads\Yakuza-Anzug-Skins-colored.rar 2014-05-01 13:14 - 2014-05-01 13:14 - 00049449 _____ () 
C:\Users\User\Downloads\Interface (8).rar 2014-05-01 13:10 - 2014-05-01 13:10 - 00113716 _____ () C:\Users\User\Downloads\Interface - BluZe.rar 2014-05-01 13:06 - 2014-05-01 13:06 - 00416994 _____ () C:\Users\User\Downloads\Interface-Cataldi.rar 2014-05-01 12:56 - 2014-05-01 12:56 - 00049449 _____ () C:\Users\User\Downloads\Interface (7).rar 2014-05-01 10:58 - 2014-05-01 10:58 - 01169275 _____ () C:\Users\User\Downloads\3--Icons-by-caTaLdi (1).rar ==================== One Month Modified Files and Folders ======= 2014-05-31 17:26 - 2014-05-31 17:25 - 00012597 _____ () C:\Users\User\Desktop\FRST.txt 2014-05-31 17:26 - 2013-06-13 11:51 - 00000000 ____D () C:\Users\User\AppData\Local\Temp 2014-05-31 17:25 - 2014-05-31 17:25 - 02066944 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2014-05-31 17:25 - 2014-05-31 17:25 - 02066944 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2014-05-31 17:25 - 2014-05-31 17:25 - 00000000 ____D () C:\FRST 2014-05-31 17:24 - 2014-04-12 16:22 - 00000000 ____D () C:\AdwCleaner 2014-05-31 17:19 - 2014-05-08 14:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\Winamp 2014-05-31 17:19 - 2014-04-11 17:32 - 00000000 ____D () C:\Users\User\AppData\Local\LogMeIn Hamachi 2014-05-31 17:19 - 2014-01-01 17:53 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-05-31 17:19 - 2013-06-13 12:49 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{148E43A9-7EF6-4727-974F-C29C4A3AB0B6} 2014-05-31 17:16 - 2013-06-13 19:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-31 17:15 - 2013-06-14 15:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client 2014-05-31 16:57 - 2009-07-14 06:45 - 00021088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-31 16:57 - 2009-07-14 06:45 - 00021088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-31 16:55 - 2011-04-12 09:43 - 
00709248 _____ () C:\Windows\system32\perfh007.dat 2014-05-31 16:55 - 2011-04-12 09:43 - 00154102 _____ () C:\Windows\system32\perfc007.dat 2014-05-31 16:55 - 2009-07-14 07:13 - 01647172 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-31 16:53 - 2013-06-13 09:47 - 02088562 _____ () C:\Windows\WindowsUpdate.log 2014-05-31 16:51 - 2013-06-19 14:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\IMVU 2014-05-31 16:51 - 2013-06-13 20:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype 2014-05-31 16:50 - 2013-08-11 19:37 - 00074423 _____ () C:\Windows\setupact.log 2014-05-31 16:49 - 2013-08-12 14:58 - 00190686 _____ () C:\Windows\PFRO.log 2014-05-31 16:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-31 16:44 - 2014-05-31 16:44 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\AdwCleaner - CHIP-Installer.exe 2014-05-31 16:37 - 2013-06-13 19:22 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-31 14:39 - 2013-06-13 11:51 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-31 14:24 - 2014-05-31 14:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\IMVUClient 2014-05-31 14:23 - 2014-05-31 14:22 - 00079248 _____ () C:\Users\User\Downloads\InstallIMVU_502.0_st_c.exe 2014-05-31 13:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-05-30 18:10 - 2013-11-30 12:44 - 00000000 ____D () C:\Users\User\Desktop\JBG2 2014-05-30 15:43 - 2014-05-30 15:43 - 00379963 _____ () C:\Users\User\Downloads\Yakuza-Keybinder.rar 2014-05-30 15:43 - 2013-11-02 12:39 - 00000020 _____ () C:\Users\User\AppData\Roaming\dx.ini 2014-05-30 08:35 - 2014-05-30 08:35 - 08388904 _____ () C:\Users\User\Downloads\[Hochladen.to Dateien - Files kostenlos hochladen]fonts.txd 2014-05-29 21:15 - 2014-05-29 21:15 - 00161351 _____ () C:\Users\User\Downloads\-ORIGINAL--SKINS.rar 2014-05-29 21:15 - 2014-05-29 21:15 - 00000000 ____D () 
C:\Users\User\Desktop\-ORIGINAL--SKINS 2014-05-29 18:08 - 2013-07-14 09:54 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps 2014-05-29 12:50 - 2013-08-11 19:41 - 00000000 ____D () C:\Users\User\Desktop\Alle SAMP Mods ♥ 2014-05-28 16:48 - 2014-05-28 16:42 - 00000000 ____D () C:\rei 2014-05-28 16:43 - 2014-05-28 16:43 - 00000000 ____D () C:\ProgramData\CDB 2014-05-28 16:43 - 2014-05-28 16:42 - 00000163 _____ () C:\Windows\Reimage.ini 2014-05-28 16:42 - 2014-05-28 16:42 - 00821320 _____ (Reimage®) C:\Users\User\Downloads\ReimageRepair.exe 2014-05-28 16:42 - 2014-05-28 16:42 - 00821320 _____ (Reimage®) C:\Users\User\Downloads\ReimageRepair (1).exe 2014-05-28 16:42 - 2014-05-28 16:42 - 00000000 ____D () C:\Program Files\Reimage 2014-05-26 15:46 - 2014-05-26 15:45 - 06067280 _____ () C:\Users\User\Downloads\#swaqman (2).zip 2014-05-25 10:29 - 2014-05-25 10:29 - 00412626 _____ () C:\Users\User\Downloads\Freundesliste System.zip 2014-05-25 10:29 - 2014-05-25 10:29 - 00000000 ____D () C:\Users\User\Desktop\Freundesliste System 2014-05-25 09:27 - 2014-03-25 20:55 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-05-25 09:27 - 2013-06-13 20:16 - 00000000 ____D () C:\ProgramData\Skype 2014-05-24 20:56 - 2014-05-24 20:56 - 02250240 _____ () C:\Users\User\Downloads\SA-Keybinder.exe 2014-05-24 20:41 - 2014-05-24 20:40 - 03684312 _____ () C:\Users\User\Downloads\rgnlauncher0.9.6 (2).exe 2014-05-24 10:17 - 2014-05-24 10:17 - 01993005 _____ () C:\Users\User\Downloads\Bilder.rar 2014-05-24 08:32 - 2013-12-22 12:50 - 00000000 ____D () C:\Users\User\Desktop\Sony Vegas 2014-05-23 21:41 - 2014-05-23 21:41 - 00008192 _____ () C:\Users\User\Downloads\Adlerauge.exe 2014-05-23 21:39 - 2014-05-23 21:39 - 00008192 _____ () C:\Users\User\Downloads\SAMP-NameTag-Hack.exe 2014-05-23 20:50 - 2014-05-23 20:50 - 01131529 _____ () C:\Users\User\Downloads\edits.rar 2014-05-23 16:31 - 2013-08-08 17:01 - 00005120 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 
2014-05-22 16:30 - 2014-05-22 16:30 - 00028670 _____ () C:\Users\User\Downloads\peko-ist-geil.wav 2014-05-22 16:25 - 2014-03-16 15:08 - 00000000 ____D () C:\Users\User\Desktop\crashes 2014-05-22 14:30 - 2014-05-21 18:24 - 00000000 ____D () C:\Users\User\Documents\Overlay-Optionen 2014-05-22 14:22 - 2013-06-13 19:13 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-05-22 14:22 - 2013-06-13 19:13 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-05-21 19:32 - 2013-09-13 18:28 - 00000000 ____D () C:\Users\User\Desktop\SAMP Original Files 2014-05-21 18:48 - 2014-05-21 18:48 - 26151954 _____ () C:\Users\User\Downloads\GENRL0 (2) 2014-05-21 18:24 - 2014-05-21 18:24 - 00860672 _____ () C:\Users\User\Downloads\Overlay_1.45.exe 2014-05-21 18:24 - 2014-05-21 18:24 - 00860672 _____ () C:\Users\User\Desktop\Overlay_1.45.exe 2014-05-21 18:13 - 2014-05-21 18:13 - 24913027 _____ () C:\Users\User\Downloads\PigMussy-Pack.rar 2014-05-21 17:38 - 2014-05-21 17:38 - 08353712 _____ () C:\Users\User\Downloads\Kenny wat is den los mit dir_.mp4 2014-05-19 20:34 - 2014-05-13 19:55 - 00000000 ____D () C:\Users\User\Desktop\frag 2014-05-18 19:29 - 2014-05-18 19:29 - 00004760 _____ () C:\Users\User\Downloads\Weapon.dat - default.ide v3.rar 2014-05-18 10:35 - 2014-05-18 10:35 - 06247465 _____ () C:\Users\User\Downloads\Lagg oder DDos_.mp4 2014-05-17 18:58 - 2014-05-17 18:58 - 06362224 _____ () C:\Users\User\Downloads\Felix_Diesel #Healhack.mp4 2014-05-17 18:37 - 2014-05-17 18:37 - 00000000 ____D () C:\Users\User\Desktop\Deaglepack (1) 2014-05-17 18:37 - 2014-05-17 18:36 - 05643950 _____ () C:\Users\User\Downloads\Deaglepack (1).rar 2014-05-17 16:50 - 2014-05-17 16:50 - 00001174 _____ () C:\Users\User\Desktop\TeamSpeak 3 Client.lnk 2014-05-17 16:50 - 2014-05-17 16:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-05-17 16:50 - 2013-07-30 17:15 
- 00000000 ____D () C:\Users\User\AppData\Local\TeamSpeak 3 Client 2014-05-17 16:40 - 2014-05-17 16:40 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\TeamSpeak 3 64 Bit - CHIP-Downloader.exe 2014-05-17 16:39 - 2014-05-17 16:39 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\TeamSpeak 3 32 Bit - CHIP-Downloader.exe 2014-05-17 12:44 - 2014-05-17 12:44 - 00080476 _____ () C:\Users\User\Downloads\YakuZa-Skin-f--r-die-Tomate.rar 2014-05-17 12:21 - 2014-05-17 12:21 - 00768428 _____ () C:\Users\User\Downloads\1341069701_HDiconsSAbyZera.zip 2014-05-17 11:43 - 2014-05-17 11:43 - 08388904 _____ () C:\Users\User\Downloads\fonts (4).txd 2014-05-17 11:09 - 2013-06-13 19:22 - 00001286 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-05-17 11:09 - 2013-06-13 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-05-17 11:09 - 2013-06-13 11:51 - 00000997 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-05-16 20:32 - 2014-05-16 20:32 - 05220703 _____ () C:\Users\User\Desktop\RPG CITY TEAM USER PRESENTATION !.webm 2014-05-16 19:57 - 2014-05-08 18:42 - 00000000 ____D () C:\Users\User\Desktop\Overlay-by-swiix (3) 2014-05-16 14:21 - 2014-05-16 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-05-16 14:21 - 2014-05-16 14:21 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-05-14 18:16 - 2013-06-13 19:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-14 18:16 - 2013-06-13 19:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-14 18:16 - 2013-06-13 19:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-13 19:43 - 2014-05-13 19:43 - 00839913 _____ () C:\Users\User\Downloads\Yakuza-Intro.mp4 2014-05-12 20:09 - 2014-05-10 16:30 - 00000000 ____D () C:\Users\User\Desktop\King 
2014-05-10 18:45 - 2014-05-10 18:45 - 19568865 _____ () C:\Users\User\Downloads\Fertige-GENRL.rar 2014-05-10 16:30 - 2014-05-10 16:28 - 106494550 _____ () C:\Users\User\Downloads\King.zip 2014-05-10 15:37 - 2014-05-10 15:37 - 00000000 ____D () C:\Users\User\Desktop\selfmadeavi 2014-05-09 18:38 - 2014-05-09 18:38 - 05355643 _____ () C:\Users\User\Downloads\Khalife.zip 2014-05-09 16:46 - 2014-05-09 16:46 - 00000000 ____D () C:\Users\User\Desktop\-Gerami-HD-Modpack- (3) 2014-05-09 16:45 - 2014-05-09 16:45 - 00892557 _____ () C:\Users\User\Downloads\-Gerami-HD-Modpack- (3).rar 2014-05-09 16:32 - 2014-05-04 17:06 - 00000055 _____ () C:\Users\User\Desktop\---.txt 2014-05-08 18:42 - 2014-05-08 18:42 - 00798872 _____ () C:\Users\User\Downloads\Overlay-by-swiix (3).rar 2014-05-08 17:02 - 2014-01-01 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks 2014-05-08 16:57 - 2014-05-08 16:57 - 00124902 _____ () C:\Users\User\Downloads\Bonas Ghosts CC Looks.rar 2014-05-08 16:52 - 2014-05-08 16:52 - 13661550 _____ () C:\Users\User\Downloads\SoundPack by xDeso1337.rar 2014-05-08 14:45 - 2014-05-08 14:44 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-05-08 14:44 - 2014-05-08 14:44 - 00537138 _____ () C:\Users\User\Downloads\vac413.zip 2014-05-08 14:44 - 2014-05-08 14:44 - 00108960 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2014-05-08 14:44 - 2014-05-08 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2014-05-08 14:43 - 2014-05-08 14:41 - 00279379 _____ () C:\Users\User\Downloads\VirtualAudioCable409.zip 2014-05-08 14:40 - 2014-05-08 14:40 - 00629584 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Virtual Audio Cable - CHIP-Downloader.exe 2014-05-08 14:37 - 2014-01-13 17:57 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-05-08 14:36 - 2014-05-08 14:36 - 12855384 _____ (Nullsoft, Inc.) 
C:\Users\User\Downloads\winamp5666_full_de-de_b3516.exe 2014-05-08 14:35 - 2014-05-08 14:35 - 00042311 _____ () C:\Users\User\Downloads\TS3MusicBot-plugin.rar 2014-05-07 19:49 - 2013-08-25 19:28 - 00001540 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-05-07 19:49 - 2013-07-07 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-05-07 19:49 - 2013-07-07 20:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-05-07 19:48 - 2014-05-07 19:47 - 34014392 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeToMP3Converter34430 (1).exe 2014-05-07 19:48 - 2013-07-07 20:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\DVDVideoSoft 2014-05-07 16:19 - 2014-05-07 16:19 - 00401185 _____ () C:\Users\User\Downloads\AutoHotkey111500_ansi.zip 2014-05-06 16:58 - 2014-05-06 16:58 - 03684312 _____ () C:\Users\User\Downloads\rgnlauncher0.9.6 (1).exe 2014-05-06 15:20 - 2014-05-06 15:20 - 00444998 _____ () C:\Users\User\Downloads\Allgemeiner Keybinder (2).zip 2014-05-06 14:40 - 2014-05-06 14:40 - 00352765 _____ () C:\Users\User\Downloads\Beep-Tones by SCProductions.rar 2014-05-05 20:03 - 2014-05-05 20:02 - 121715851 _____ () C:\Users\User\Downloads\Icons (4).rar 2014-05-04 14:30 - 2014-05-04 14:30 - 01430648 _____ () C:\Users\User\Downloads\Bilder-by-javiguiza.rar 2014-05-04 09:44 - 2014-05-04 09:44 - 22981524 _____ () C:\Users\User\Downloads\GTA SA Backup Skins 123Axell.rar 2014-05-04 09:27 - 2014-05-04 09:27 - 06067280 _____ () C:\Users\User\Downloads\#swaqman (1).zip 2014-05-03 16:29 - 2014-05-03 16:29 - 00378583 _____ () C:\Users\User\Downloads\Chromatic Editing 200 subs CC pack.rar 2014-05-03 10:49 - 2014-05-03 10:37 - 00000831 _____ () C:\Users\User\Desktop\FBI Bewerbunggespräch.txt 2014-05-02 11:20 - 2014-05-02 11:20 - 00286640 _____ () C:\Windows\Minidump\050214-22308-01.dmp 2014-05-02 11:20 - 2014-04-12 10:21 - 316477296 _____ () C:\Windows\MEMORY.DMP 2014-05-02 11:20 - 2013-06-15 20:52 
- 00000000 ____D () C:\Windows\Minidump 2014-05-02 11:20 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-05-01 21:59 - 2014-05-01 21:59 - 00015869 _____ () C:\Users\User\Downloads\BULLSfisticon.rar 2014-05-01 21:51 - 2014-05-01 21:51 - 00635315 _____ () C:\Users\User\Downloads\Storm Sounds (1).zip 2014-05-01 21:51 - 2013-06-14 16:39 - 00000000 ____D () C:\Users\User\Desktop\Game ♥ 2014-05-01 21:49 - 2014-05-01 21:49 - 00378947 _____ () C:\Users\User\Downloads\Detektiv-Skillbot (1).rar 2014-05-01 16:03 - 2014-05-01 16:03 - 01088395 _____ () C:\Users\User\Downloads\Skin-edit-by-Johnisson.rar 2014-05-01 13:36 - 2014-05-01 13:36 - 00320103 _____ () C:\Users\User\Downloads\Yakuza-brillenSkin-Red.rar 2014-05-01 13:17 - 2014-05-01 13:17 - 00188505 _____ () C:\Users\User\Downloads\Yakuza-Anzug-Skins-colored.rar 2014-05-01 13:14 - 2014-05-01 13:14 - 00049449 _____ () C:\Users\User\Downloads\Interface (8).rar 2014-05-01 13:10 - 2014-05-01 13:10 - 00113716 _____ () C:\Users\User\Downloads\Interface - BluZe.rar 2014-05-01 13:06 - 2014-05-01 13:06 - 00416994 _____ () C:\Users\User\Downloads\Interface-Cataldi.rar 2014-05-01 12:56 - 2014-05-01 12:56 - 00049449 _____ () C:\Users\User\Downloads\Interface (7).rar 2014-05-01 10:58 - 2014-05-01 10:58 - 01169275 _____ () C:\Users\User\Downloads\3--Icons-by-caTaLdi (1).rar Files to move or delete: ==================== C:\Users\User\AppData\Roaming\dx.ini Some content of TEMP: ==================== C:\Users\User\AppData\Local\Temp\avgnt.exe C:\Users\User\AppData\Local\Temp\InstallIMVU_502.0.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe 
=> MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-10 14:14 ==================== End Of Log ============================ Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014 Ran by User at 2014-05-31 17:26:53 Running from C:\Users\User\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) AntiCrash 3.6.1 (HKLM-x32\...\{39F8BF57-47FA-4F8D-9404-1B41321743AF}) (Version: - ) AutoHotkey 1.1.14.01 (HKLM-x32\...\AutoHotkey) (Version: 1.1.14.01 - Lexikos) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.235.19 - Broadcom Corporation) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - ) Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch) Camtasia Studio 8 (HKLM-x32\...\{2B1F8DD0-873D-4AC3-8400-766F255FE263}) (Version: 8.1.0.1281 - TechSmith Corporation) Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) 
Hidden CLEO v3.0.950 (HKLM-x32\...\{8FB91814-FE42-4B62-9B54-4B677A420715}_is1) (Version: - Seemann (www.sannybuilder.com)) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dxtory version 2.0.124 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.124 - ExKode Co. Ltd.) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Free Audio Converter version 5.0.38.423 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.38.423 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.34.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games) IMVU Avatar Chat Software (HKCU\...\IMVU Avatar chat client software BETA) (Version: - ) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3062 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) 
Hidden Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software) Magic Bullet Suite 64-bit (Version: 11.1.2 - Red Giant Software) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.1 - Notepad++ Team) NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA 
Corporation) Hidden NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Sandboxie 4.06 (64-bit) (HKLM\...\Sandboxie) (Version: 4.06 - Sandboxie Holdings, LLC) SciTE4AutoHotkey v3.0.04 (HKLM-x32\...\SciTE4AutoHotkey) (Version: v3.0.04 - fincs) SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment) SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC) TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer) Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony) Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version: - ) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live ID 
Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Restore Points ========================= 17-05-2014 09:24:55 Windows Update 28-05-2014 14:37:07 Removed System Requirements Lab for Intel 31-05-2014 15:20:31 Removed XSplit ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0D3010E0-AE40-44C9-89E5-1C0DDA7E7B51} - \MySearchDial No Task File <==== ATTENTION Task: {253F9BC2-1CF0-4D83-9B3F-880166F8C292} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {480C3B2F-9164-434C-A1A9-3EB40DAA0F04} - \PriceMeterLiveUpdateUpdateTaskMachineUA No Task File <==== ATTENTION Task: {4B0CDF8F-9460-4281-9E08-8EBC74B9BB13} - \PriceMeterLiveUpdateUpdateTaskMachineCore No Task File <==== ATTENTION Task: {54EB0E28-0F94-4E82-A21E-710D6C482D1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-13] (Google Inc.) Task: {558AC428-01AB-496F-97B5-D661CDE8A229} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-13] (Google Inc.) 
Task: {59179B25-AD1A-433F-8827-CD2A0CEF9141} - \BrowserDefendert No Task File <==== ATTENTION Task: {5C9B5541-252E-4273-AAD3-1D00A5E6CA4C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {867B102B-6D97-4576-9E90-F9F30E4083F2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft) Task: {96EFB2BB-E37A-4C46-AE47-EEEA03AB84C8} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {97169AD0-9ACE-4C1D-B309-8FC96B68727E} - \Dealply No Task File <==== ATTENTION Task: {AB04294C-250F-4926-B189-8C3E9C7DE56F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated) Task: {C1E92974-A63C-4E29-80C6-77801B6EF052} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-01-09] (Enigma Software Group USA, LLC.) 
Task: {C99732FB-4EA5-4AC4-A004-CBEC2A92735D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {D5A01C56-9DC9-4630-B883-4A9336CC6C72} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {F124AA82-88EA-46D2-8DA3-C208AE268264} - \pricemeterdownloader No Task File <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef348ab479b3a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Oxy.job => C:\Users\User\AppData\Roaming\Oxy\Updater.exe Task: C:\Windows\Tasks\PDR11.exe_20130707_205027_0738.job => C:\Program Files\CyberLink\PowerDirector11\PDR11.exe Task: C:\Windows\Tasks\RDReminder.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\Windows\Tasks\RunOW.job => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-31 14:20 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\quazip.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2014-02-28 15:07 - 2014-02-28 15:07 - 00102344 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2014-02-28 15:07 - 2014-02-28 15:07 - 00108488 _____ () 
C:\Users\User\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll 2014-02-28 15:10 - 2014-02-28 15:10 - 00563656 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2014-02-28 15:10 - 2014-02-28 15:10 - 00577480 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2014-01-28 15:10 - 2014-01-23 07:56 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll 2014-01-28 15:10 - 2014-01-23 07:56 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll 2014-01-28 15:10 - 2014-01-23 07:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll 2014-01-28 15:10 - 2014-01-23 07:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll 2014-01-28 15:10 - 2014-01-23 07:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll 2014-02-20 17:11 - 2014-02-20 17:11 - 13632904 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\12.0.0.70\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\User\Anwendungsdaten:NT AlternateDataStreams: C:\Users\User\AppData\Roaming:NT ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= ==================== Disabled 
items from MSCONFIG ============== MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AntiCrash.lnk => C:\Windows\pss\AntiCrash.lnk.Startup MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/31/2014 04:51:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/31/2014 04:50:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (05/31/2014 04:50:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (05/31/2014 04:50:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (05/31/2014 04:49:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. 
Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (05/31/2014 04:49:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (05/31/2014 04:49:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (05/31/2014 04:49:11 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/31/2014 01:45:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/31/2014 01:43:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 System errors: ============= Error: (05/31/2014 04:50:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Reimage Real Time Protection" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (05/31/2014 01:44:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Reimage Real Time Protection" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (05/31/2014 01:41:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/31/2014 01:41:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Sitzungs-Manager für Desktopfenster-Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/31/2014 01:41:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Überwachung verteilter Verknüpfungen (Client)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/31/2014 01:41:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Superfetch" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/31/2014 01:41:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Programmkompatibilitäts-Assistent-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/31/2014 01:41:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Netzwerkverbindungen" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/31/2014 01:41:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Zugriff auf Eingabegeräte" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (05/31/2014 01:41:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Offlinedateien" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= Error: (05/31/2014 04:51:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/31/2014 04:50:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (05/31/2014 04:50:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (05/31/2014 04:50:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (05/31/2014 04:49:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path name43900 Error: (05/31/2014 04:49:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path name25900 Error: (05/31/2014 04:49:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path name17900 Error: (05/31/2014 04:49:11 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/31/2014 01:45:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/31/2014 01:43:58 PM) (Source: 
Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Eap method DLL path name43900 ==================== Memory info =========================== Percentage of memory in use: 29% Total physical RAM: 8043.86 MB Available physical RAM: 5681.56 MB Total Pagefile: 16085.9 MB Available Pagefile: 13699.63 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:222.39 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Disk_2) (CDROM) (Total:5.55 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 2A180AE6) Partition 1: (Active) - (Size=681 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
| #3 |
/// TB-Ausbilder | Please read my posts carefully, otherwise it will only take longer...
| #4 |
Oh, sorry, I tried CCleaner, AdwCleaner and SpyHunter. I no longer have the programs on the PC; can I still find the log files again somehow?
| #5 |
/// TB-Ausbilder | Hi, please uninstall SpyHunter again; the program promises a lot but can do nothing at all. In addition, most people regard it as a fake tool itself. Then it continues like this: Scan with Combofix