Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.06.2014, 00:16   #1
svendief
 
Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



Hallo ich habe ein problem bei Sandboxie immer wenn ich es starte kommt

D:\Program Files\Sandboxie\Start.exe
Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen
erhalten Sie vom Systemadministrator.

Ich habe Sandboxie neu Instaliert und es kam die selbe nachricht bei PC neustart bringt es auch nichts und restart über Dienste bringt auch nichts was könnte das sein bzw. wie könnte man es beheben?

Alt 01.06.2014, 06:57   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 02.06.2014, 18:32   #3
svendief
 
Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



So Ich habe den Scan jetzt durchlaufen lassen
__________________
Angehängte Dateien
Dateityp: txt Addition.txt (47,3 KB, 188x aufgerufen)
Dateityp: txt FRST.txt (37,3 KB, 163x aufgerufen)

Geändert von svendief (02.06.2014 um 18:39 Uhr)

Alt 03.06.2014, 19:30   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.06.2014, 01:06   #5
svendief
 
Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



so ok mein 2. versuch tut mir leid das ich jz einwenig ziemlich blöd war XD


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01
Ran by Sven (administrator) on SVEN-PC on 02-06-2014 18:32:08
Running from D:\Users\Sven\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(Cherished Technololgy LIMITED) D:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) D:\ProgramData\WPM\wprotectmanager.exe
(AMD) D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(ASUSTeK Computer Inc.) D:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(DeviceVM, Inc.) D:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(Microsoft Corporation) D:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) D:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AnchorFree Inc.) D:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() D:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(ASUSTeK Computer Inc.) D:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Saitek) D:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) D:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Akamai Technologies, Inc.) D:\Users\Sven\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) D:\Program Files (x86)\Skype\Phone\Skype.exe
(DeviceVM, Inc.) D:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) D:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) D:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Aeria Games & Entertainment) D:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Akamai Technologies, Inc.) D:\Users\Sven\AppData\Local\Akamai\netsession_win.exe
(Brother Industries, Ltd.) D:\Program Files (x86)\Browny02\BrYNSvc.exe
(AnchorFree Inc.) D:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
() D:\Windows\SysWOW64\WinMsgBalloonServer.exe
() D:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Microsoft Corporation) D:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Conduit) D:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
() D:\Program Files (x86)\GameforgeLive\gfl_client.exe
(Oracle Corporation) D:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) D:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [ProfilerU] => D:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => D:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [NvBackend] => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => D:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [BCU] => D:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [411864 2010-03-05] (DeviceVM, Inc.)
HKLM-x32\...\Run: [Cpu Level Up help] => D:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mobilegeni daemon] => D:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => D:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BrStsMon00] => D:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Aeria Ignite] => D:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [Arc] => D:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe [129360 2014-05-20] (Perfect World Entertainment)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM Group Policy restriction on software: D:\Program Files\Sandboxie <====== ATTENTION
HKU\.DEFAULT\...\RunOnce: [SPReview] - D:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-28] (Microsoft Corporation)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\Steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [DAEMON Tools Lite] => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [BitTorrent] => D:\Users\Sven\AppData\Roaming\BitTorrent\BitTorrent.exe [1238864 2014-05-15] (BitTorrent Inc.)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [Akamai NetSession Interface] => D:\Users\Sven\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [Skype] => D:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [AnboBcat] => regsvr32.exe "D:\ProgramData\AnboBcat.dat"
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\RunOnce: [Application Restart #2] - D:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-05-14] (Google Inc.)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\MountPoints2: {3bcf66e5-aaa0-11e3-9672-14dae9524143} - G:\INSTALL.EXE
Startup: D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
ShortcutTarget: Orbit.lnk -> D:\Program Files (x86)\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&ts=1393410981&type=default&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFE0C1FCE5311CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&ts=1393410981
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&ts=1393410981&type=default&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mysearch.avg.com?cid={6476C965-EBEF-4BC7-A179-236AD0054964}&mid=c5458168d5da47d2a339d14acce4e9e6-4d739d14135f7c1cc976fcf1ede263a4f2d54edf&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-26 17:54:02&v=18.1.0.443&pid=safeguard&sg=&sap=hp
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390336758&from=amt&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1390336758&from=amt&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390336758&from=amt&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1390336758&from=amt&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&q={searchTerms}
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - D:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.)
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - D:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM - DefaultScope {8E3D34F9-E0CA-4F4C-9A7D-B3E1EDE3B0FE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390336758&from=amt&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&q={searchTerms}
SearchScopes: HKLM - {8E3D34F9-E0CA-4F4C-9A7D-B3E1EDE3B0FE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390336758&from=amt&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390336758&from=amt&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&q={searchTerms}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={6476C965-EBEF-4BC7-A179-236AD0054964}&mid=c5458168d5da47d2a339d14acce4e9e6-4d739d14135f7c1cc976fcf1ede263a4f2d54edf&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-26 17:54:02&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP84A5CD7A-1EA2-4260-95EE-5CA3ED6B8FE4&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&ts=1393410981&type=default&q={searchTerms}
SearchScopes: HKCU - {8E3D34F9-E0CA-4F4C-9A7D-B3E1EDE3B0FE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={6476C965-EBEF-4BC7-A179-236AD0054964}&mid=c5458168d5da47d2a339d14acce4e9e6-4d739d14135f7c1cc976fcf1ede263a4f2d54edf&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-26 17:54:02&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {D1FD30FD-C21E-4c68-A01C-4D27795A6F1E} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
SearchScopes: HKCU - {FF34D94C-2381-45f2-B8F9-D90B6FED67D4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
BHO: HDvid Codec V7.0 - {11111111-1111-1111-1111-110411901142} - D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-bho64.dll (installdaddy)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - D:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: HDvid Codec V7.0 - {11111111-1111-1111-1111-110411901142} - D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-bho.dll (installdaddy)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - D:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Rich Media View - {3ca4d879-f33d-4f52-bdf8-53c6ce7fb09b} - D:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ie\RichMediaViewV1release1179.dll ()
BHO-x32: AOL Toolbar Loader - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - D:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Media Watch - {9462a82e-e3ce-4693-a81f-030a6926b8ce} - D:\Program Files (x86)\MediaWatchV1\MediaWatchV1home105\ie\MediaWatchV1home105.dll ()
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Media Buzz - {b8788dc7-1139-45a5-80dd-e5b1840eacd3} - D:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ie\MediaBuzzV1mode7583.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - D:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - D:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll No File
Toolbar: HKLM-x32 - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - D:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - D:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll No File
Toolbar: HKCU - No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{C910842C-1DD1-406A-9717-D4BF88859DE9}: [NameServer]192.168.178.63,192.168.178.1

FireFox:
========
FF ProfilePath: D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Mysearchdial
FF SearchEngineOrder.1: Mysearchdial
FF SelectedSearchEngine: Mysearchdial
FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - D:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - D:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - D:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - D:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - D:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - D:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @viewpoint.com/VMP - D:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - D:\Users\Sven\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\user.js
FF Plugin ProgramFiles/Appdata: D:\Program Files (x86)\mozilla firefox\plugins\npdnu.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: D:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.dll (AOL LLC)
FF SearchPlugin: D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\searchplugins\delta-homes.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - D:\Users\Sven\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-01-28]
FF Extension: HDvid Codec V7.0 - D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\Extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com [2014-03-23]
FF Extension: mysearchdial.com - D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\Extensions\ffxtlbr@mysearchdial.com [2014-04-25]
FF Extension: Quick Start - D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\Extensions\quick_start@gmail.com [2014-03-23]
FF Extension: No Name - D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\Extensions\staged [2014-05-25]
FF Extension: AOL Toolbar - D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} [2014-03-24]
FF Extension: MySearchDial NewTab - D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-04-25]
FF Extension: Hotspot Shield Extension - D:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-05-10]
FF Extension: Skype Click to Call - D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF Extension: Media Player - D:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha8016\ff [2014-02-10]
FF Extension: Media Viewer - D:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1863\ff [2014-02-24]
FF Extension: Media View - D:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2489\ff [2014-02-27]
FF Extension: Media View - D:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5395\ff [2014-03-15]
FF Extension: Media Watch - D:\Program Files (x86)\MediaWatchV1\MediaWatchV1home105\ff [2014-03-22]
FF Extension: Media Buzz - D:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ff [2014-04-25]
FF Extension: Rich Media View - D:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff [2014-05-13]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha8016.net] - D:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha8016\ff
FF Extension: Media Player - D:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha8016\ff [2014-02-10]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1863.net] - D:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1863\ff
FF Extension: Media Viewer - D:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1863\ff [2014-02-24]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\quick_start@gmail.com [2014-03-23]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha2489.net] - D:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2489\ff
FF Extension: Media View - D:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2489\ff [2014-02-27]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha5395.net] - D:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5395\ff
FF Extension: Media View - D:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5395\ff [2014-03-15]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home105.net] - D:\Program Files (x86)\MediaWatchV1\MediaWatchV1home105\ff
FF Extension: Media Watch - D:\Program Files (x86)\MediaWatchV1\MediaWatchV1home105\ff [2014-03-22]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode7583.net] - D:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ff
FF Extension: Media Buzz - D:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ff [2014-04-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release1179.net] - D:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff
FF Extension: Rich Media View - D:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff [2014-05-13]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - D:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - D:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=sc&from=wpm0226&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&ts=1393410981

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP84A5CD7A-1EA2-4260-95EE-5CA3ED6B8FE4&SSPV=
CHR StartupUrls: "hxxp://www.google.de/", "hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=", "hxxp://mysearch.avg.com?cid={6476C965-EBEF-4BC7-A179-236AD0054964}&mid=c5458168d5da47d2a339d14acce4e9e6-4d739d14135f7c1cc976fcf1ede263a4f2d54edf&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-26 17:54:02&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR Extension: (Google Docs) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (Media Viewer) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcphaolmjpmhfkmhbjohjkmlojdebgm [2014-02-24]
CHR Extension: (YouTube) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Adblock Plus) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-25]
CHR Extension: (Google-Suche) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (Media Watch) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgealogfonjbaemapgbgbgfibplladnn [2014-03-22]
CHR Extension: (Media View) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfmhnehcigahmefdogigamdidmifoehl [2014-03-15]
CHR Extension: (AdBlock) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-25]
CHR Extension: (Media Buzz) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkpeifjhlnepbmkfingkijmnffgjoaj [2014-04-25]
CHR Extension: (DVDVideoSoft) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-02-11]
CHR Extension: (Google Wallet) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-14]
CHR Extension: (Rich Media View) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ochdbafdjjcmmcmlfdmooffpdkcjjppa [2014-05-13]
CHR Extension: (Extended Protection) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR Extension: (Google Mail) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - D:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-02-10]
CHR HKLM-x32\...\Chrome\Extension: [bfcphaolmjpmhfkmhbjohjkmlojdebgm] - D:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1863\ch\MediaViewerV1alpha1863.crx [2014-02-23]
CHR HKLM-x32\...\Chrome\Extension: [enfbhcnjglobcjphmbihpeeckcmkomaj] - D:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2489\ch\MediaViewV1alpha2489.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [fgealogfonjbaemapgbgbgfibplladnn] - D:\Program Files (x86)\MediaWatchV1\MediaWatchV1home105\ch\MediaWatchV1home105.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [gfmhnehcigahmefdogigamdidmifoehl] - D:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5395\ch\MediaViewV1alpha5395.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - D:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mnkpeifjhlnepbmkfingkijmnffgjoaj] - D:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ch\MediaBuzzV1mode7583.crx [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [ochdbafdjjcmmcmlfdmooffpdkcjjppa] - D:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ch\RichMediaViewV1release1179.crx [2014-05-13]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-21]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 ArcService; D:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-05-20] (Perfect World Entertainment Inc)
R2 AsSysCtrlService; D:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
S4 BstHdAndroidSvc; D:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; D:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; D:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; D:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
U2 CltMngSvc; D:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2470688 2014-04-08] (Conduit)
R2 hshld; D:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.)
S3 HssTrayService; D:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; D:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
R2 IePluginService; D:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MSSQL$SVEN; d:\Program Files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\sqlservr.exe [61916000 2011-04-24] (Microsoft Corporation)
R2 NvNetworkService; D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 SbieSvc; D:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S4 SQLAgent$SVEN; d:\Program Files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\SQLAGENT.EXE [428384 2011-04-24] (Microsoft Corporation)
R2 Wpm; D:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

R1 AsIO; D:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; D:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 BstHdDrv; D:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R1 dtsoftbus01; D:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-13] (Disc Soft Ltd)
R1 HssDRV6; D:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 MTsensor; D:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SaiK1713; D:\Windows\System32\DRIVERS\SaiK1713.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; D:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; D:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU1713; D:\Windows\System32\DRIVERS\SaiU1713.sys [47168 2012-09-20] (Saitek)
R3 SbieDrv; D:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R3 taphss6; D:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 ALSysIO; \??\D:\Users\Sven\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\D:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\D:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\D:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 XFDriver64; \??\D:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
S3 xhunter1; \??\D:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-02 18:28 - 2014-06-02 18:31 - 00048472 _____ () D:\Users\Sven\Desktop\Addition.txt
2014-06-02 18:26 - 2014-06-02 18:32 - 00038205 _____ () D:\Users\Sven\Desktop\FRST.txt
2014-06-02 18:26 - 2014-06-02 18:32 - 00000000 ____D () D:\FRST
2014-06-02 18:25 - 2014-06-02 18:25 - 02067456 _____ (Farbar) D:\Users\Sven\Desktop\FRST64.exe
2014-06-01 00:14 - 2014-06-01 00:13 - 00592349 _____ () D:\Users\Sven\Desktop\IMG_01062014_000101.rar
2014-06-01 00:13 - 2014-06-01 00:13 - 00592349 _____ () D:\Users\Sven\IMG_01062014_000101.rar
2014-05-31 23:07 - 2014-05-31 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-05-31 23:06 - 2014-05-31 23:06 - 00000000 ____D () D:\Program Files\Sandboxie
2014-05-31 22:54 - 2014-05-31 22:54 - 02656264 _____ (Sandboxie Holdings, LLC) D:\Users\Sven\Desktop\SandboxieInstall.exe
2014-05-31 22:35 - 2014-05-31 22:40 - 03932226 _____ () D:\Users\Sven\Documents\wtzui68o9.bmp
2014-05-28 21:19 - 2014-05-28 21:19 - 00001263 _____ () D:\Users\Sven\Desktop\Lena Online Patcher - Verknüpfung.lnk
2014-05-28 07:40 - 2014-05-28 07:40 - 00000714 _____ () D:\Users\Sven\Documents\Config.rar
2014-05-27 22:39 - 2014-05-29 22:59 - 00281600 _____ () D:\ProgramData\AnboBcat.dat
2014-05-26 18:05 - 2014-05-26 18:11 - 00001946 _____ () D:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk
2014-05-26 17:54 - 2014-05-26 18:07 - 00000000 ____D () D:\ProgramData\AVG Security Toolbar
2014-05-26 17:53 - 2014-05-26 18:07 - 00000000 ____D () D:\Program Files (x86)\AVG SafeGuard toolbar
2014-05-25 21:39 - 2014-05-25 21:39 - 00000000 ____D () D:\Users\Sven\Desktop\Atlantica_MTRUE
2014-05-25 20:35 - 2014-05-25 20:35 - 00000926 _____ () D:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\Program Files (x86)\LogMeIn Hamachi
2014-05-25 19:38 - 2014-05-25 19:38 - 00000184 _____ () D:\Users\Sven\Desktop\Play Ignis.url
2014-05-25 18:42 - 2014-05-26 21:36 - 00000000 ____D () D:\Program Files (x86)\Extrinsic Studio
2014-05-25 18:14 - 2014-05-17 04:35 - 00044744 _____ (AnchorFree Inc.) D:\Windows\system32\Drivers\hssdrv6.sys
2014-05-25 06:55 - 2014-05-25 06:55 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\TuneUp Software
2014-05-25 06:46 - 2014-05-27 16:25 - 00000000 ____D () D:\ProgramData\MFAData
2014-05-25 06:46 - 2014-05-25 06:46 - 00000000 ____D () D:\Users\Sven\AppData\Local\MFAData
2014-05-25 06:45 - 2014-05-25 06:45 - 152430976 _____ (AVG Technologies) D:\Users\Sven\Desktop\avg_free_x86_all_2014_4592a7484.exe
2014-05-25 05:56 - 2014-05-25 05:56 - 06406144 _____ () D:\Users\Sven\Desktop\Hamachi-2.2.0.130.msi
2014-05-25 05:25 - 2014-05-25 05:49 - 00000599 _____ () D:\Users\Sven\Desktop\Skype addy.txt
2014-05-23 14:34 - 2014-05-23 14:34 - 00000000 ____D () D:\Users\Sven\Desktop\Skillet - It's Not Me It's You (Lyrics)
2014-05-22 21:23 - 2014-05-22 21:23 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Brother
2014-05-21 19:00 - 2014-05-21 19:00 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2014-05-21 10:34 - 2014-05-21 10:34 - 00013507 _____ () D:\Users\Sven\Desktop\Unbenannt 1245.odt
2014-05-21 03:45 - 2014-05-21 03:47 - 00013854 _____ () D:\Users\Sven\Desktop\Unbenannt 1.odt
2014-05-21 01:50 - 2014-05-21 03:21 - 00020232 _____ () D:\Users\Sven\Documents\Ohne Titel.veg
2014-05-21 01:50 - 2014-05-21 01:50 - 00018768 _____ () D:\Users\Sven\Documents\Ohne Titel.veg.bak
2014-05-21 00:15 - 2014-05-21 00:15 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00001063 _____ () D:\Users\Public\Desktop\XMedia Recode.lnk
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\Program Files (x86)\XMedia Recode
2014-05-21 00:10 - 2014-05-21 00:10 - 07546805 _____ (XMedia Recode ) D:\Users\Sven\Desktop\XMediaRecode3187_setup.exe
2014-05-20 21:59 - 2014-05-22 20:11 - 00000806 _____ () D:\Users\Sven\Desktop\CoreTemp.ini
2014-05-20 21:59 - 2014-05-20 21:59 - 00000011 _____ () D:\Users\Sven\Desktop\Plugins.ini
2014-05-20 21:58 - 2014-05-20 21:58 - 00188736 _____ () D:\Users\Sven\Desktop\CoreTemp_64bit_0.99.5.27_PCMASTERS.DE.rar
2014-05-20 21:58 - 2009-08-05 13:28 - 00018868 _____ () D:\Users\Sven\Desktop\Changes.txt
2014-05-20 21:58 - 2009-08-05 13:24 - 00472592 _____ () D:\Users\Sven\Desktop\Core Temp.exe
2014-05-20 21:58 - 2008-04-22 00:50 - 00003547 _____ () D:\Users\Sven\Desktop\ReadMe!.txt
2014-05-20 11:08 - 2014-05-20 12:52 - 4218159104 _____ () D:\Users\Sven\Documents\DrakenSangLP.mxf
2014-05-20 11:03 - 2014-05-20 11:05 - 00013888 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4.sfk
2014-05-20 11:01 - 2014-05-20 11:01 - 01218658 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4
2014-05-19 22:04 - 2014-05-19 22:04 - 00002656 _____ () D:\Users\Sven\Documents\Vegas Pro registrieren.htm
2014-05-19 21:27 - 2014-05-20 10:13 - 07763684 _____ () D:\Users\Sven\Desktop\DSC_0003.JPG.part
2014-05-19 20:50 - 2014-05-19 20:50 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files (x86)\Sony
2014-05-19 19:55 - 2014-05-19 19:56 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Publish Providers
2014-05-19 19:47 - 2014-05-19 20:49 - 00000000 ____D () D:\Users\Sven\AppData\Local\Sony
2014-05-19 19:47 - 2014-05-19 20:49 - 00000000 ____D () D:\ProgramData\Sony
2014-05-19 19:46 - 2014-05-20 11:08 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Sony
2014-05-19 19:43 - 2014-05-19 19:44 - 277095929 _____ () D:\Users\Sven\Downloads\SVP_12.zip
2014-05-19 17:50 - 2014-05-21 19:00 - 00000000 ____D () D:\Program Files (x86)\Drakensang Online
2014-05-19 17:48 - 2014-05-19 17:49 - 08988296 _____ () D:\Users\Sven\Desktop\DrakensangOnlineSetup.exe
2014-05-19 17:34 - 2014-05-22 17:43 - 00003858 _____ () D:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389728356
2014-05-18 00:24 - 2014-05-18 00:24 - 00000029 _____ () D:\ValveUnhandledExceptionFilter.txt
2014-05-17 19:32 - 2014-05-17 19:37 - 55171247 _____ () D:\Users\Sven\Desktop\l4d2_2013.zip
2014-05-17 02:42 - 2014-05-17 02:42 - 00042184 _____ (Anchorfree Inc.) D:\Windows\system32\Drivers\taphss6.sys
2014-05-17 02:34 - 2014-05-17 02:34 - 00000000 ____D () D:\Users\Sven\Documents\Rockstar Games
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __SHD () D:\ProgramData\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __RHD () D:\Users\Sven\AppData\Roaming\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 ____D () D:\Users\Sven\AppData\Local\Rockstar Games
2014-05-17 02:11 - 2014-05-25 00:23 - 00001978 _____ () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
2014-05-16 22:53 - 2012-08-13 06:02 - 00034887 _____ () D:\Users\Sven\Desktop\Grand Theft Auto IV full game PC + Multiplayer ^^nosTEAM^^.torrent
2014-05-15 02:50 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll
2014-05-15 02:50 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb
2014-05-15 02:50 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.dll
2014-05-15 02:50 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.tlb
2014-05-15 02:50 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll
2014-05-15 02:50 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmled.dll
2014-05-14 10:18 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) D:\Windows\system32\aepdu.dll
2014-05-14 10:18 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) D:\Windows\system32\aeinv.dll
2014-05-14 10:18 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) D:\Windows\system32\shell32.dll
2014-05-14 10:18 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) D:\Windows\SysWOW64\shell32.dll
2014-05-14 10:17 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 10:17 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 10:17 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) D:\Windows\system32\lsasrv.dll
2014-05-14 10:17 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) D:\Windows\system32\sspicli.dll
2014-05-14 10:17 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) D:\Windows\system32\lsass.exe
2014-05-14 10:17 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) D:\Windows\system32\sspisrv.dll
2014-05-14 10:17 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) D:\Windows\system32\secur32.dll
2014-05-14 10:17 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) D:\Windows\SysWOW64\secur32.dll
2014-05-14 10:17 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) D:\Windows\SysWOW64\sspicli.dll
2014-05-14 10:17 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) D:\Windows\system32\ntoskrnl.exe
2014-05-14 10:17 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) D:\Windows\system32\kerberos.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) D:\Windows\system32\objsel.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) D:\Windows\system32\KernelBase.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) D:\Windows\system32\schannel.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) D:\Windows\system32\msv1_0.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) D:\Windows\system32\wdigest.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) D:\Windows\system32\TSpkg.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) D:\Windows\system32\wincredprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) D:\Windows\system32\winlogon.exe
2014-05-14 10:17 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) D:\Windows\system32\cngprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) D:\Windows\system32\adprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) D:\Windows\system32\capiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) D:\Windows\system32\dpapiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) D:\Windows\system32\dimsroam.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) D:\Windows\system32\credssp.dll
2014-05-14 10:17 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 10:17 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 10:17 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) D:\Windows\SysWOW64\kerberos.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) D:\Windows\SysWOW64\objsel.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msv1_0.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) D:\Windows\SysWOW64\schannel.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wdigest.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) D:\Windows\SysWOW64\TSpkg.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) D:\Windows\SysWOW64\cngprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) D:\Windows\SysWOW64\adprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) D:\Windows\SysWOW64\capiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dimsroam.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) D:\Windows\SysWOW64\credssp.dll
2014-05-14 10:17 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) D:\Windows\SysWOW64\KernelBase.dll
2014-05-13 21:26 - 2014-05-13 21:26 - 00000000 ____D () D:\Program Files (x86)\RichMediaViewV1
2014-05-11 16:53 - 2014-05-12 00:42 - 00001270 _____ () D:\Users\Sven\Desktop\Sry.txt
2014-05-11 03:43 - 2014-05-17 00:46 - 00000078 _____ () D:\Users\Sven\Desktop\Zombies Ate My Pizza.url
2014-05-10 17:41 - 2014-05-25 18:15 - 00001048 _____ () D:\Users\Public\Desktop\Hotspot Shield.lnk
2014-05-10 17:41 - 2014-05-25 18:15 - 00000000 ____D () D:\Program Files (x86)\Hotspot Shield
2014-05-10 17:41 - 2014-05-10 17:41 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2014-05-10 17:41 - 2014-05-10 17:41 - 00000000 ____D () D:\ProgramData\Hotspot Shield
2014-05-10 04:15 - 2014-05-10 04:15 - 00629584 _____ (Chip Digital GmbH) D:\Users\Sven\Desktop\Hotspot Shield VPN - CHIP-Downloader.exe
2014-05-03 23:43 - 2014-05-03 23:43 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

==================== One Month Modified Files and Folders =======

2014-06-02 18:32 - 2014-06-02 18:26 - 00038205 _____ () D:\Users\Sven\Desktop\FRST.txt
2014-06-02 18:32 - 2014-06-02 18:26 - 00000000 ____D () D:\FRST
2014-06-02 18:32 - 2014-01-14 20:05 - 00000000 ____D () D:\Users\Sven\AppData\Local\Temp
2014-06-02 18:31 - 2014-06-02 18:28 - 00048472 _____ () D:\Users\Sven\Desktop\Addition.txt
2014-06-02 18:29 - 2014-01-19 14:23 - 00000884 _____ () D:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-02 18:25 - 2014-06-02 18:25 - 02067456 _____ (Farbar) D:\Users\Sven\Desktop\FRST64.exe
2014-06-02 18:22 - 2009-07-14 06:51 - 00068369 _____ () D:\Windows\setupact.log
2014-06-02 18:20 - 2014-01-14 20:13 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Skype
2014-06-02 18:17 - 2014-01-21 20:43 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\TS3Client
2014-06-02 18:17 - 2014-01-14 19:51 - 01720180 _____ () D:\Windows\WindowsUpdate.log
2014-06-02 18:08 - 2009-07-14 06:45 - 00014336 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-02 18:08 - 2009-07-14 06:45 - 00014336 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-02 18:07 - 2014-04-27 18:00 - 00000000 ____D () D:\Users\Sven\Downloads\Gameforge Live
2014-06-02 18:07 - 2014-01-14 23:36 - 00000000 ____D () D:\Users\Sven\AppData\Local\LogMeIn Hamachi
2014-06-02 18:06 - 2014-02-11 19:11 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\BitTorrent
2014-06-02 18:06 - 2014-02-10 01:17 - 00000000 ____D () D:\Program Files (x86)\Steam
2014-06-02 18:06 - 2014-01-14 21:59 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Orbit
2014-06-02 18:04 - 2014-01-21 22:38 - 00000352 _____ () D:\Windows\Tasks\AmiUpdXp.job
2014-06-02 18:04 - 2009-07-14 05:20 - 00000000 ___RD () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-02 18:03 - 2014-01-19 14:23 - 00002224 _____ () D:\Windows\Tasks\HDvid Codec V7.0-firefoxinstaller.job
2014-06-02 18:03 - 2014-01-19 14:23 - 00002140 _____ () D:\Windows\Tasks\HDvid Codec V7.0-chromeinstaller-dev.job
2014-06-02 18:03 - 2014-01-19 14:23 - 00001356 _____ () D:\Windows\Tasks\HDvid Codec V7.0-updater.job
2014-06-02 18:03 - 2014-01-19 14:23 - 00001298 _____ () D:\Windows\Tasks\HDvid Codec V7.0-codedownloader.job
2014-06-02 18:03 - 2014-01-19 14:23 - 00001180 _____ () D:\Windows\Tasks\HDvid Codec V7.0-enabler.job
2014-06-02 18:03 - 2014-01-14 20:54 - 00000000 ____D () D:\ProgramData\NVIDIA
2014-06-02 18:03 - 2014-01-14 20:10 - 00001102 _____ () D:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-02 18:03 - 2009-07-14 07:08 - 00000006 ____H () D:\Windows\Tasks\SA.DAT
2014-06-01 00:29 - 2014-02-10 22:26 - 00002036 __RSH () D:\ProgramData\ntuser.pol
2014-06-01 00:14 - 2014-01-14 20:05 - 00000000 ____D () D:\Users\Sven
2014-06-01 00:13 - 2014-06-01 00:14 - 00592349 _____ () D:\Users\Sven\Desktop\IMG_01062014_000101.rar
2014-06-01 00:13 - 2014-06-01 00:13 - 00592349 _____ () D:\Users\Sven\IMG_01062014_000101.rar
2014-06-01 00:00 - 2014-04-18 03:10 - 00000000 ____D () D:\Users\Sven\AppData\Local\Paint.NET
2014-05-31 23:40 - 2014-01-14 20:10 - 00001106 _____ () D:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-31 23:07 - 2014-05-31 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-05-31 23:06 - 2014-05-31 23:06 - 00000000 ____D () D:\Program Files\Sandboxie
2014-05-31 22:54 - 2014-05-31 22:54 - 02656264 _____ (Sandboxie Holdings, LLC) D:\Users\Sven\Desktop\SandboxieInstall.exe
2014-05-31 22:40 - 2014-05-31 22:35 - 03932226 _____ () D:\Users\Sven\Documents\wtzui68o9.bmp
2014-05-31 02:39 - 2013-03-22 19:07 - 00000000 ____D () D:\Download
2014-05-30 23:39 - 2014-02-10 23:10 - 00000000 ____D () D:\Users\Sven\Desktop\Musik
2014-05-29 22:59 - 2014-05-27 22:39 - 00281600 _____ () D:\ProgramData\AnboBcat.dat
2014-05-28 21:19 - 2014-05-28 21:19 - 00001263 _____ () D:\Users\Sven\Desktop\Lena Online Patcher - Verknüpfung.lnk
2014-05-28 07:40 - 2014-05-28 07:40 - 00000714 _____ () D:\Users\Sven\Documents\Config.rar
2014-05-28 03:52 - 2014-02-10 22:43 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\vlc
2014-05-27 20:16 - 2014-04-19 20:33 - 00000000 ____D () D:\Users\Sven\Desktop\Programme
2014-05-27 16:25 - 2014-05-25 06:46 - 00000000 ____D () D:\ProgramData\MFAData
2014-05-27 16:25 - 2014-01-14 20:58 - 00468406 _____ () D:\Windows\PFRO.log
2014-05-26 21:36 - 2014-05-25 18:42 - 00000000 ____D () D:\Program Files (x86)\Extrinsic Studio
2014-05-26 18:11 - 2014-05-26 18:05 - 00001946 _____ () D:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk
2014-05-26 18:11 - 2014-01-16 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-05-26 18:07 - 2014-05-26 17:54 - 00000000 ____D () D:\ProgramData\AVG Security Toolbar
2014-05-26 18:07 - 2014-05-26 17:53 - 00000000 ____D () D:\Program Files (x86)\AVG SafeGuard toolbar
2014-05-26 18:02 - 2014-03-16 14:33 - 00000000 ____D () D:\Users\Sven\Desktop\Games
2014-05-26 18:00 - 2014-01-21 22:39 - 00000000 ____D () D:\ProgramData\WPM
2014-05-25 21:39 - 2014-05-25 21:39 - 00000000 ____D () D:\Users\Sven\Desktop\Atlantica_MTRUE
2014-05-25 20:35 - 2014-05-25 20:35 - 00000926 _____ () D:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\Program Files (x86)\LogMeIn Hamachi
2014-05-25 20:17 - 2014-04-23 22:24 - 00000000 ____D () D:\Users\Sven\Desktop\Fraps
2014-05-25 20:03 - 2014-04-19 20:26 - 00000000 ____D () D:\Users\Sven\Desktop\Fiesta Server
2014-05-25 20:02 - 2014-01-17 00:31 - 00000000 ____D () D:\Users\Sven\Desktop\Bilder
2014-05-25 19:38 - 2014-05-25 19:38 - 00000184 _____ () D:\Users\Sven\Desktop\Play Ignis.url
2014-05-25 18:15 - 2014-05-10 17:41 - 00001048 _____ () D:\Users\Public\Desktop\Hotspot Shield.lnk
2014-05-25 18:15 - 2014-05-10 17:41 - 00000000 ____D () D:\Program Files (x86)\Hotspot Shield
2014-05-25 07:23 - 2014-01-19 14:23 - 00000000 ____D () D:\Program Files (x86)\HDvid Codec V7.0
2014-05-25 07:18 - 2014-01-21 22:40 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\newnext.me
2014-05-25 07:18 - 2014-01-21 22:38 - 00000000 ____D () D:\Users\Sven\AppData\Local\Lollipop
2014-05-25 06:55 - 2014-05-25 06:55 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\TuneUp Software
2014-05-25 06:46 - 2014-05-25 06:46 - 00000000 ____D () D:\Users\Sven\AppData\Local\MFAData
2014-05-25 06:45 - 2014-05-25 06:45 - 152430976 _____ (AVG Technologies) D:\Users\Sven\Desktop\avg_free_x86_all_2014_4592a7484.exe
2014-05-25 05:56 - 2014-05-25 05:56 - 06406144 _____ () D:\Users\Sven\Desktop\Hamachi-2.2.0.130.msi
2014-05-25 05:49 - 2014-05-25 05:25 - 00000599 _____ () D:\Users\Sven\Desktop\Skype addy.txt
2014-05-25 00:23 - 2014-05-17 02:11 - 00001978 _____ () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
2014-05-23 20:05 - 2014-01-16 23:07 - 00000000 ____D () D:\Program Files (x86)\GameforgeLive
2014-05-23 14:36 - 2009-07-14 19:58 - 00765006 _____ () D:\Windows\system32\perfh007.dat
2014-05-23 14:36 - 2009-07-14 19:58 - 00173756 _____ () D:\Windows\system32\perfc007.dat
2014-05-23 14:36 - 2009-07-14 07:13 - 01804038 _____ () D:\Windows\system32\PerfStringBackup.INI
2014-05-23 14:34 - 2014-05-23 14:34 - 00000000 ____D () D:\Users\Sven\Desktop\Skillet - It's Not Me It's You (Lyrics)
2014-05-22 21:23 - 2014-05-22 21:23 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Brother
2014-05-22 20:11 - 2014-05-20 21:59 - 00000806 _____ () D:\Users\Sven\Desktop\CoreTemp.ini
2014-05-22 17:43 - 2014-05-19 17:34 - 00003858 _____ () D:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389728356
2014-05-22 17:43 - 2014-01-14 21:39 - 00000000 ____D () D:\Program Files (x86)\Opera Next
2014-05-21 19:00 - 2014-05-21 19:00 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2014-05-21 19:00 - 2014-05-19 17:50 - 00000000 ____D () D:\Program Files (x86)\Drakensang Online
2014-05-21 10:34 - 2014-05-21 10:34 - 00013507 _____ () D:\Users\Sven\Desktop\Unbenannt 1245.odt
2014-05-21 03:47 - 2014-05-21 03:45 - 00013854 _____ () D:\Users\Sven\Desktop\Unbenannt 1.odt
2014-05-21 03:21 - 2014-05-21 01:50 - 00020232 _____ () D:\Users\Sven\Documents\Ohne Titel.veg
2014-05-21 01:50 - 2014-05-21 01:50 - 00018768 _____ () D:\Users\Sven\Documents\Ohne Titel.veg.bak
2014-05-21 00:15 - 2014-05-21 00:15 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00001063 _____ () D:\Users\Public\Desktop\XMedia Recode.lnk
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\Program Files (x86)\XMedia Recode
2014-05-21 00:10 - 2014-05-21 00:10 - 07546805 _____ (XMedia Recode ) D:\Users\Sven\Desktop\XMediaRecode3187_setup.exe
2014-05-20 21:59 - 2014-05-20 21:59 - 00000011 _____ () D:\Users\Sven\Desktop\Plugins.ini
2014-05-20 21:58 - 2014-05-20 21:58 - 00188736 _____ () D:\Users\Sven\Desktop\CoreTemp_64bit_0.99.5.27_PCMASTERS.DE.rar
2014-05-20 20:21 - 2014-01-14 20:13 - 00000000 ____D () D:\ProgramData\Skype
2014-05-20 20:20 - 2014-04-25 17:16 - 00000000 ___RD () D:\Program Files (x86)\Skype
2014-05-20 12:52 - 2014-05-20 11:08 - 4218159104 _____ () D:\Users\Sven\Documents\DrakenSangLP.mxf
2014-05-20 11:08 - 2014-05-19 19:46 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Sony
2014-05-20 11:05 - 2014-05-20 11:03 - 00013888 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4.sfk
2014-05-20 11:01 - 2014-05-20 11:01 - 01218658 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4
2014-05-20 10:13 - 2014-05-19 21:27 - 07763684 _____ () D:\Users\Sven\Desktop\DSC_0003.JPG.part
2014-05-19 22:04 - 2014-05-19 22:04 - 00002656 _____ () D:\Users\Sven\Documents\Vegas Pro registrieren.htm
2014-05-19 20:50 - 2014-05-19 20:50 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files (x86)\Sony
2014-05-19 20:49 - 2014-05-19 19:47 - 00000000 ____D () D:\Users\Sven\AppData\Local\Sony
2014-05-19 20:49 - 2014-05-19 19:47 - 00000000 ____D () D:\ProgramData\Sony
2014-05-19 19:56 - 2014-05-19 19:55 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Publish Providers
2014-05-19 19:44 - 2014-05-19 19:43 - 277095929 _____ () D:\Users\Sven\Downloads\SVP_12.zip
2014-05-19 17:49 - 2014-05-19 17:48 - 08988296 _____ () D:\Users\Sven\Desktop\DrakensangOnlineSetup.exe
2014-05-18 00:24 - 2014-05-18 00:24 - 00000029 _____ () D:\ValveUnhandledExceptionFilter.txt
2014-05-17 19:37 - 2014-05-17 19:32 - 55171247 _____ () D:\Users\Sven\Desktop\l4d2_2013.zip
2014-05-17 04:35 - 2014-05-25 18:14 - 00044744 _____ (AnchorFree Inc.) D:\Windows\system32\Drivers\hssdrv6.sys
2014-05-17 02:42 - 2014-05-17 02:42 - 00042184 _____ (Anchorfree Inc.) D:\Windows\system32\Drivers\taphss6.sys
2014-05-17 02:34 - 2014-05-17 02:34 - 00000000 ____D () D:\Users\Sven\Documents\Rockstar Games
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __SHD () D:\ProgramData\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __RHD () D:\Users\Sven\AppData\Roaming\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 ____D () D:\Users\Sven\AppData\Local\Rockstar Games
2014-05-17 00:46 - 2014-05-11 03:43 - 00000078 _____ () D:\Users\Sven\Desktop\Zombies Ate My Pizza.url
2014-05-15 16:20 - 2014-01-14 20:05 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:20 - 2014-01-14 20:05 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:16 - 2014-04-30 03:00 - 00000000 ___SD () D:\Windows\system32\CompatTel
2014-05-15 16:15 - 2009-07-14 05:20 - 00000000 ____D () D:\Windows\PolicyDefinitions
2014-05-14 20:55 - 2014-04-04 19:17 - 00000000 ____D () D:\Users\Sven\Documents\~ Au
2014-05-13 21:26 - 2014-05-13 21:26 - 00000000 ____D () D:\Program Files (x86)\RichMediaViewV1
2014-05-12 19:17 - 2014-05-02 20:18 - 00000000 ____D () D:\Users\Sven\Desktop\MCWoW 2.4.3
2014-05-12 16:31 - 2014-03-26 14:20 - 00000000 ____D () D:\Users\Sven\AppData\Local\P4tcher
2014-05-12 00:42 - 2014-05-11 16:53 - 00001270 _____ () D:\Users\Sven\Desktop\Sry.txt
2014-05-11 17:00 - 2009-07-14 05:20 - 00000000 ____D () D:\Windows\system32\NDF
2014-05-10 17:41 - 2014-05-10 17:41 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2014-05-10 17:41 - 2014-05-10 17:41 - 00000000 ____D () D:\ProgramData\Hotspot Shield
2014-05-10 17:39 - 2014-01-14 22:00 - 00000000 _____ () D:\END
2014-05-10 04:18 - 2014-01-14 22:00 - 00000000 ____D () D:\Program Files (x86)\SearchProtect
2014-05-10 04:15 - 2014-05-10 04:15 - 00629584 _____ (Chip Digital GmbH) D:\Users\Sven\Desktop\Hotspot Shield VPN - CHIP-Downloader.exe
2014-05-09 08:14 - 2014-05-14 10:18 - 00477184 _____ (Microsoft Corporation) D:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 10:18 - 00424448 _____ (Microsoft Corporation) D:\Windows\system32\aeinv.dll
2014-05-07 22:34 - 2014-01-14 21:05 - 00001102 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-05-07 21:35 - 2014-01-14 20:10 - 00004102 _____ () D:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 21:35 - 2014-01-14 20:10 - 00003850 _____ () D:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 06:40 - 2014-05-15 02:50 - 23544320 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 02:50 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 02:50 - 17382912 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 02:50 - 02724864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 02:50 - 00084992 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 02:50 - 00069632 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmled.dll
2014-05-03 23:43 - 2014-05-03 23:43 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

Files to move or delete:
====================
D:\ProgramData\AnboBcat.dat
D:\Users\Sven\AutomaticUpdater.dll
D:\Users\Sven\binkw32.dll
D:\Users\Sven\DBNetwork.IndigoSxS.dll
D:\Users\Sven\iw5m.dll
D:\Users\Sven\iw5mp.exe
D:\Users\Sven\iw5mp_server.exe
D:\Users\Sven\iw5sp.exe
D:\Users\Sven\libnp.dll
D:\Users\Sven\LinqBridge.dll
D:\Users\Sven\mss32.dll
D:\Users\Sven\multi-player.exe
D:\Users\Sven\MW3 Launcher Update.exe
D:\Users\Sven\MW3 Launcher.exe
D:\Users\Sven\single-player.exe
D:\Users\Sven\SteamAPIUpdater.dll
D:\Users\Sven\steamclient.dll
D:\Users\Sven\steam_api.dll
D:\Users\Sven\TeknoMW3.dll
D:\Users\Sven\tier0_s.dll
D:\Users\Sven\update-mw3.bat
D:\Users\Sven\UpdateDLLWrapper.dll
D:\Users\Sven\VMProtectSDK32.dll
D:\Users\Sven\vstdlib_s.dll


Some content of TEMP:
====================
D:\Users\Sven\AppData\Local\Temp\3b19eb3d4cb673b2c89587e9fb9171cb.dll
D:\Users\Sven\AppData\Local\Temp\4602657683342e931c151352386901fc.dll
D:\Users\Sven\AppData\Local\Temp\9c4f2905f141b201486a9721a43ee4cd.dll
D:\Users\Sven\AppData\Local\Temp\a1619160c05c39b3c24299fe81cfa2a9.dll
D:\Users\Sven\AppData\Local\Temp\AcsInstall.dll
D:\Users\Sven\AppData\Local\Temp\ad5b9b8e2db4cead7420d05fd08ec50c.dll
D:\Users\Sven\AppData\Local\Temp\appinstal1.exe
D:\Users\Sven\AppData\Local\Temp\applinstall.exe
D:\Users\Sven\AppData\Local\Temp\drm_dyndata_7380014.dll
D:\Users\Sven\AppData\Local\Temp\HssInstaller.exe
D:\Users\Sven\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter (1).exe
D:\Users\Sven\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter.exe
D:\Users\Sven\AppData\Local\Temp\NGMDll.dll
D:\Users\Sven\AppData\Local\Temp\NGMResource.dll
D:\Users\Sven\AppData\Local\Temp\nsb994D.exe
D:\Users\Sven\AppData\Local\Temp\nsg6FF8.exe
D:\Users\Sven\AppData\Local\Temp\nsg7269.exe
D:\Users\Sven\AppData\Local\Temp\nsg748C.exe
D:\Users\Sven\AppData\Local\Temp\nsg9BDD.exe
D:\Users\Sven\AppData\Local\Temp\nsw9585.exe
D:\Users\Sven\AppData\Local\Temp\nvSCPAPI.dll
D:\Users\Sven\AppData\Local\Temp\nvStInst.exe
D:\Users\Sven\AppData\Local\Temp\PrefJsonCpp.exe
D:\Users\Sven\AppData\Local\Temp\set-app.exe
D:\Users\Sven\AppData\Local\Temp\setapp.exe
D:\Users\Sven\AppData\Local\Temp\Setup-a.exe
D:\Users\Sven\AppData\Local\Temp\Setup2.exe
D:\Users\Sven\AppData\Local\Temp\SHFOLDER.DLL
D:\Users\Sven\AppData\Local\Temp\speedupmypc.exe
D:\Users\Sven\AppData\Local\Temp\SPSetup.exe
D:\Users\Sven\AppData\Local\Temp\sqlite3.exe
D:\Users\Sven\AppData\Local\Temp\swt-win32-3349.dll
D:\Users\Sven\AppData\Local\Temp\tmp527B.exe
D:\Users\Sven\AppData\Local\Temp\unicows.dll
D:\Users\Sven\AppData\Local\Temp\UNINSTALL.EXE
D:\Users\Sven\AppData\Local\Temp\utt4774.tmp.exe
D:\Users\Sven\AppData\Local\Temp\vcredist_x64.exe
D:\Users\Sven\AppData\Local\Temp\xbmc-12.2.exe
D:\Users\Sven\AppData\Local\Temp\_ReMarkit_up.exe


==================== Bamital & volsnap Check =================

D:\Windows\System32\winlogon.exe => MD5 is legit
D:\Windows\System32\wininit.exe => MD5 is legit
D:\Windows\SysWOW64\wininit.exe => MD5 is legit
D:\Windows\explorer.exe => MD5 is legit
D:\Windows\SysWOW64\explorer.exe => MD5 is legit
D:\Windows\System32\svchost.exe => MD5 is legit
D:\Windows\SysWOW64\svchost.exe => MD5 is legit
D:\Windows\System32\services.exe => MD5 is legit
D:\Windows\System32\User32.dll => MD5 is legit
D:\Windows\SysWOW64\User32.dll => MD5 is legit
D:\Windows\System32\userinit.exe => MD5 is legit
D:\Windows\SysWOW64\userinit.exe => MD5 is legit
D:\Windows\System32\rpcss.dll => MD5 is legit
D:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-14 05:13

==================== End Of Log ============================
         
--- --- ---


FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2014 01
Ran by Sven at 2014-06-02 18:32:35
Running from D:\Users\Sven\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Aliens: Colonial Marines (HKLM-x32\...\Steam App 49540) (Version:  - Gearbox Software)
Alliance of Valiant Arms DE (HKLM-x32\...\Alliance of Valiant Arms DE) (Version:  - )
AOL Toolbar (HKCU\...\AOL Toolbar) (Version:  - )
AOL Toolbar (HKLM-x32\...\AOL Toolbar) (Version:  - )
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.31141 - BitTorrent Inc.)
BlackShot Á¦°Å (HKLM-x32\...\BlackShot) (Version:  - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
CryOnline (HKLM-x32\...\CryOnline) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DNDownloader version 1.2 (HKLM-x32\...\DNDownloader_is1) (Version: 1.2 - )
Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - ) <==== ATTENTION
Dragon Nest Europe (HKLM-x32\...\Dragon Nest Europe) (Version:  - )
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Extreme Cabal version 1.5 (HKLM-x32\...\{8953F16B-42D8-414F-AAA6-00F6BFD94711}_is1) (Version: 1.5 - Extreme Cabal, Inc.)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.33.424 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.33.424 - DVDVideoSoft Ltd.)
Game Cam 2.6.1.0 (HKLM-x32\...\Game Cam) (Version: 2.6.1.0 - Game Cam Portal, Inc.)
Gameforge Live 2.0.3 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.3 - Gameforge)
GDR 1617 für SQL Server 2008 R2 (KB2494088) (64-bit) (HKLM\...\KB2494088) (Version: 10.50.1617.0 - Microsoft Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HDvid Codec V7.0 (HKLM-x32\...\HDvid Codec V7.0) (Version: 1.33.153.1 - installdaddy) <==== ATTENTION
HDVidCodec (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com) <==== ATTENTION
HL-2250DN (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8343C2D8-09DF-38B3-9D1A-A26148918E45}.KB947789) (Version: 1 - Microsoft Corporation)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Lollipop (HKCU\...\lollipop_05221207) (Version:  - Lollipop Network, S.L.) <==== ATTENTION
Media Buzz (HKLM-x32\...\MediaBuzzV1mode7583) (Version: 1.1 - Media Buzz) <==== ATTENTION
Media Player (HKLM-x32\...\MediaPlayerV1alpha8016) (Version: 1.1 - Media Player) <==== ATTENTION
Media View (HKLM-x32\...\MediaViewV1alpha2489) (Version: 1.1 - Media View) <==== ATTENTION
Media View (HKLM-x32\...\MediaViewV1alpha5395) (Version: 1.1 - Media View) <==== ATTENTION
Media Viewer (HKLM-x32\...\MediaViewerV1alpha1863) (Version: 1.1 - Media Viewer) <==== ATTENTION
Media Watch (HKLM-x32\...\MediaWatchV1home105) (Version: 1.1 - Media Watch) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (KB971119) (x32 Version: 9.0.30731 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{362A3FDF-B12E-436A-9097-1B795A9FFCC5}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{79FB3E7E-FD92-49A9-AAD1-193EE4CB85D3}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Richtlinien (HKLM-x32\...\{78033A38-50E2-4A65-823F-C1B34DF9FE41}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{8DD113A8-811A-404E-A4D7-443D014946AC}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools DEU (HKLM-x32\...\{3888A22E-1A9E-4DBE-A93B-42385141F37D}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8343C2D8-09DF-38B3-9D1A-A26148918E45}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Odin 1.00 (HKLM-x32\...\Odin 1.00) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Next 22.0.1471.40 (HKLM-x32\...\Opera 22.0.1471.40) (Version: 22.0.1471.40 - Opera Software ASA)
Orbit Downloader (HKLM-x32\...\Orbit_is1) (Version:  - www.orbitdownloader.com)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Rich Media View (HKLM-x32\...\RichMediaViewV1release1179) (Version: 1.1 - Rich Media View) <==== ATTENTION
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
S4 League_EU (HKLM-x32\...\{0D8F9B2D-ACCC-45A7-9D1C-261153D800DD}) (Version: 1.00.0000 - )
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.20.154 - Conduit) <==== ATTENTION
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Skyrim Online Mod version r3 (HKLM-x32\...\{719B4740-7A1C-42B7-BA78-0CB2486EE714}_is1) (Version: r3 - Skyrim Online)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version 1.00) (Version:  - )
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
vertical 8.0 Version 8.0 (HKLM-x32\...\{3980FAC3-C393-44A8-83DE-D8865C1F5A92}_is1) (Version: 8.0 - )
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
XMedia Recode Version 3.1.8.7 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.7 - XMedia Recode)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A D:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02BE0588-55D5-4695-B5B8-6163221ED019} - System32\Tasks\RunOW => D:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
Task: {12225468-B7B3-42DE-A189-15C239893A23} - System32\Tasks\Adobe Flash Player Updater => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-19] (Adobe Systems Incorporated)
Task: {2CE8A091-52C1-4861-AD64-8454750C1B05} - System32\Tasks\ASUS\ASUS RegRun Loader => D:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {3CEBFDC6-38D0-4EA6-8D75-CD3E95D252A7} - System32\Tasks\Opera scheduled Autoupdate 1389728356 => D:\Program Files (x86)\Opera Next\launcher.exe [2014-05-22] (Opera Software)
Task: {595969F5-F90E-44BC-9838-28E01B4380CA} - System32\Tasks\GoogleUpdateTaskMachineCore => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14] (Google Inc.)
Task: {64FAC01B-D417-4793-8709-5112F29BAEEF} - System32\Tasks\HDvid Codec V7.0-codedownloader => D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-codedownloader.exe <==== ATTENTION
Task: {8B7B2168-6793-481E-97C5-BF8FFA94D01F} - System32\Tasks\HDvid Codec V7.0-firefoxinstaller => D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-firefoxinstaller.exe <==== ATTENTION
Task: {957F22CC-D8EE-4D09-8692-5906ADDBF56B} - System32\Tasks\GoogleUpdateTaskMachineUA => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14] (Google Inc.)
Task: {A87809B4-DA7D-4A41-85E3-C5A1BAB2C6A8} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => D:\Program Files\ASUS\Ai Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {CBCF9BB6-254C-4AE6-B466-8D84C9CEB6C5} - System32\Tasks\{C0236C93-7C71-4189-8A59-34569938BE24} => D:\Users\Sven\Downloads\CODBO2-FULL.exe
Task: {CC8981E3-172B-4A73-8CF7-BEE105B5689B} - System32\Tasks\ASUS\ASUS Update Checker => D:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {DA21E1D7-9F87-4155-B8DC-A0A15342F1CA} - System32\Tasks\ASUS\ASUS SIX Engine => D:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {DCCFA5D2-3C5C-4CA5-B660-A1BC26CFEEC4} - System32\Tasks\HDvid Codec V7.0-enabler => D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-enabler.exe <==== ATTENTION
Task: {E8E3BC16-93E8-4EE5-874A-7412C0318BE3} - System32\Tasks\HDvid Codec V7.0-chromeinstaller-dev => D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-chromeinstaller.exe <==== ATTENTION
Task: {ED3A0D6F-6024-4CD9-8CB4-ACEE6BCE7C9F} - System32\Tasks\AmiUpdXp => D:\Users\Sven\AppData\Local\SwvUpdater\Updater.exe [2014-01-21] (Amonetizé Ltd) <==== ATTENTION
Task: {F6C44896-1D82-41AC-9252-34C8E53B8E21} - System32\Tasks\HDvid Codec V7.0-updater => D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-updater.exe <==== ATTENTION
Task: {FDE6EE2F-4448-43B6-A344-4864766C6A4C} - System32\Tasks\{E4188078-43B8-44FB-B318-A97EC4635E45} => D:\Program Files (x86)\Extreme Cabal\cabal.exe [2013-01-17] (Extreme Cabal)
Task: D:\Windows\Tasks\Adobe Flash Player Updater.job => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: D:\Windows\Tasks\AmiUpdXp.job => D:\Users\Sven\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: D:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: D:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: D:\Windows\Tasks\HDvid Codec V7.0-chromeinstaller-dev.job => D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-chromeinstaller.exe <==== ATTENTION
Task: D:\Windows\Tasks\HDvid Codec V7.0-codedownloader.job => D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-codedownloader.exe <==== ATTENTION
Task: D:\Windows\Tasks\HDvid Codec V7.0-enabler.job => D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-enabler.exe <==== ATTENTION
Task: D:\Windows\Tasks\HDvid Codec V7.0-firefoxinstaller.job => D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-firefoxinstaller.exe <==== ATTENTION
Task: D:\Windows\Tasks\HDvid Codec V7.0-updater.job => D:\Program Files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-updater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-03-25 20:01 - 2013-03-15 06:16 - 00086304 _____ () D:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-12-15 18:40 - 2009-12-15 18:40 - 00065536 _____ () D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2014-05-17 00:34 - 2014-05-17 00:34 - 00430344 _____ () D:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2009-12-15 18:40 - 2009-12-15 18:40 - 00122880 _____ () D:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-12-15 18:41 - 2009-12-15 18:41 - 00139264 _____ () D:\Windows\SysWOW64\WinMsgBalloonClient.exe
2014-01-16 23:07 - 2014-05-19 16:12 - 03000704 _____ () D:\Program Files (x86)\GameforgeLive\gfl_client.exe
2014-01-19 14:23 - 2014-01-19 14:23 - 00490496 _____ () D:\program files (x86)\hdvid codec v7.0\HDvid Codec V7.0-buttonutil64.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00173568 _____ () D:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 01080832 _____ () D:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00833024 _____ () D:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00102344 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00108488 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00030208 _____ () D:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00233984 _____ () D:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00563656 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00577480 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00159232 _____ () D:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2009-12-16 00:44 - 2009-12-16 00:44 - 00516096 _____ () D:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2014-05-17 02:11 - 2014-05-17 02:11 - 00908584 _____ () D:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 02:37 - 2014-05-17 02:37 - 00506664 _____ () D:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2014-01-14 20:20 - 2009-03-19 23:35 - 00208896 _____ () D:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2014-01-14 20:20 - 2009-03-19 23:35 - 00008704 _____ () D:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2014-01-14 20:20 - 2009-01-15 15:55 - 00565248 _____ () D:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2014-01-14 20:20 - 2009-03-25 17:53 - 00053248 _____ () D:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2009-07-31 22:39 - 2009-07-31 22:39 - 00503202 _____ () D:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2014-02-07 20:18 - 2009-02-27 17:38 - 00139264 ____R () D:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-01-16 23:07 - 2013-05-02 13:17 - 00088064 _____ () D:\Program Files (x86)\GameforgeLive\libgcc_s_sjlj-1.dll
2014-01-16 23:07 - 2013-05-02 13:17 - 00863744 _____ () D:\Program Files (x86)\GameforgeLive\libstdc++-6.dll
2014-01-16 23:07 - 2013-05-02 13:17 - 01765301 _____ () D:\Program Files (x86)\GameforgeLive\libgcrypt-11.dll
2014-01-16 23:07 - 2013-05-02 13:17 - 00126959 _____ () D:\Program Files (x86)\GameforgeLive\libgpg-error-0.dll
2014-01-16 23:07 - 2013-08-19 14:23 - 00530432 _____ () D:\Program Files (x86)\GameforgeLive\log4qt.dll
2014-01-16 23:07 - 2014-05-12 11:23 - 00141312 _____ () D:\Program Files (x86)\GameforgeLive\qjson.dll
2014-01-31 20:59 - 2014-01-07 10:59 - 05686669 _____ () D:\Program Files (x86)\GameforgeLive\libtorrent.dll
2014-01-31 20:59 - 2014-01-07 10:59 - 00097659 _____ () D:\Program Files (x86)\GameforgeLive\libboost_system-mgw47-mt-1_53.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 00716616 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 00126280 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 04217672 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 00414536 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 01732424 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 13695816 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: D:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: winzipersvc => 2
MSCONFIG\startupfolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Orbit.lnk => D:\Windows\pss\Orbit.lnk.CommonStartup
MSCONFIG\startupreg: BitTorrent => "D:\Users\Sven\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: BlueStacks Agent => D:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: HostManager => D:\Program Files (x86)\Common Files\AOL\1395673567\ee\AOLSoftware.exe
MSCONFIG\startupreg: IminentMessenger => D:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Turbo Key => "D:\Program Files\ASUS\Turbo Key\TurboKey.exe"
MSCONFIG\startupreg: Xfire => D:\Program Files (x86)\Xfire2\Xfire.exe

==================== Faulty Device Manager Devices =============

Name: Audiocontroller für Multimedia
Description: Audiocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2014 00:14:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/01/2014 00:14:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "D:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "D:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile D:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: D:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: D:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/31/2014 11:02:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "D:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "D:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile D:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: D:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: D:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/31/2014 11:02:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/26/2014 02:59:02 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/26/2014 02:59:02 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=3800} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/26/2014 02:59:02 PM) (Source: ESENT) (EventID: 467) (User: )
Description: Windows (6112) Windows: Datenbank D:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Index System_ThumbnailCacheId0 von Tabelle SystemIndex_0A ist beschädigt (0).

Error: (05/25/2014 09:51:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avgidsagent.exe, Version: 14.0.0.4592, Zeitstempel: 0x53720ea2
Name des fehlerhaften Moduls: avgidsagent.exe, Version: 14.0.0.4592, Zeitstempel: 0x53720ea2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000dc3b8
ID des fehlerhaften Prozesses: 0x8bc
Startzeit der fehlerhaften Anwendung: 0xavgidsagent.exe0
Pfad der fehlerhaften Anwendung: avgidsagent.exe1
Pfad des fehlerhaften Moduls: avgidsagent.exe2
Berichtskennung: avgidsagent.exe3

Error: (05/25/2014 08:24:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17041, Zeitstempel: 0x531807e4
Name des fehlerhaften Moduls: HDvid Codec V7.0-bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52a4a373
Ausnahmecode: 0xc0000005
Fehleroffset: 0x03248f18
ID des fehlerhaften Prozesses: 0x2248
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (05/25/2014 05:57:58 AM) (Source: MsiInstaller) (EventID: 10005) (User: Sven-PC)
Description: Product: LogMeIn Hamachi -- Auf Ihrem System wurde eine neuere Version (2.2.0.193) von Hamachi gefunden. Bitte deinstallieren Sie diese, um ein Downgrade durchzuführen, bevor Sie mit der Installation fortfahren.


System errors:
=============
Error: (06/02/2014 06:11:58 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/02/2014 06:08:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde nicht richtig gestartet.

Error: (06/02/2014 06:05:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/02/2014 06:04:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/02/2014 06:04:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (06/02/2014 06:03:39 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolume3" den Befehl "chkdsk" aus.

Error: (06/02/2014 06:03:38 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolume3" den Befehl "chkdsk" aus.

Error: (06/02/2014 05:36:36 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "C:" den Befehl "chkdsk" aus.

Error: (06/02/2014 05:36:35 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "F:" den Befehl "chkdsk" aus.

Error: (06/02/2014 05:36:09 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "D:" den Befehl "chkdsk" aus.


Microsoft Office Sessions:
=========================
Error: (06/01/2014 00:14:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"D:\Users\Sven\Downloads\vcredist_arm.exe

Error: (06/01/2014 00:14:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: D:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Users\Sven\Downloads\SoftonicDownloader_for_aol.exe

Error: (05/31/2014 11:02:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: D:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Users\Sven\Downloads\SoftonicDownloader_for_aol.exe

Error: (05/31/2014 11:02:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"D:\Users\Sven\Downloads\vcredist_arm.exe

Error: (05/26/2014 02:59:02 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (05/26/2014 02:59:02 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
3800

Error: (05/26/2014 02:59:02 PM) (Source: ESENT) (EventID: 467) (User: )
Description: Windows6112Windows: System_ThumbnailCacheId0SystemIndex_0AD:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb0

Error: (05/25/2014 09:51:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgidsagent.exe14.0.0.459253720ea2avgidsagent.exe14.0.0.459253720ea2c0000005000dc3b88bc01cf78478f2f943dD:\Program Files (x86)\AVG\AVG2014\avgidsagent.exeD:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe04e493f4-e446-11e3-aae4-00038a000015

Error: (05/25/2014 08:24:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17041531807e4HDvid Codec V7.0-bho.dll_unloaded0.0.0.052a4a373c000000503248f18224801cf7845d5490039D:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEHDvid Codec V7.0-bho.dllbe6f6107-e439-11e3-b1af-00038a000015

Error: (05/25/2014 05:57:58 AM) (Source: MsiInstaller) (EventID: 10005) (User: Sven-PC)
Description: Product: LogMeIn Hamachi -- Auf Ihrem System wurde eine neuere Version (2.2.0.193) von Hamachi gefunden. Bitte deinstallieren Sie diese, um ein Downgrade durchzuführen, bevor Sie mit der Installation fortfahren.(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2014-03-09 19:57:59.353
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.305
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.265
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.115
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:58.959
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:58.829
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:58.749
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:52:51.969
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.001\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 46%
Total physical RAM: 8174.12 MB
Available physical RAM: 4381.69 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 12604.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:488.28 GB) (Free:8.32 GB) NTFS
Drive d: () (Fixed) (Total:443.13 GB) (Free:18.05 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (SKYRIM_EN) (CDROM) (Total:5.12 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: A04065B3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=443 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


Alt 04.06.2014, 20:02   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKLM Group Policy restriction on software: D:\Program Files\Sandboxie <====== ATTENTION
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:



Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.

Alt 04.06.2014, 21:36   #7
svendief
 
Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



So ich habe die fixlist auf dem desktop gespeichert und dann den fix buttom gedrückt // ich konnte mit revo uninstaller alles löschen was mit attetion makiert war. ich musste ja nach dem fix kein erneuten scan machen dafür oder?

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by Sven at 2014-06-04 20:14:39 Run:1
Running from D:\Users\Sven\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM Group Policy restriction on software: D:\Program Files\Sandboxie <====== ATTENTION
         
*****************

HKLM => Group Policy Restriction on software restored successfully.

==== End of Fixlog ====
         

Alt 05.06.2014, 20:18   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



was ist mit COmbofix?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.06.2014, 23:09   #9
svendief
 
Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



So das jz noch der combofix //hatte es so verstanden wenn sachen die ich nicht deinstalieren konnte da sind muss ich den erst machen sonst nicht.

Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 14-06-04.01 - Sven 05.06.2014  22:23:38.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8174.4494 [GMT 2:00]
ausgeführt von:: d:\users\Sven\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
D:\END
D:\Install.exe
d:\program files (x86)\MediaBuzzV1
d:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ch\MediaBuzzV1mode7583.crx
d:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ff\chrome.manifest
d:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ff\chrome\content\ffMediaBuzzV1mode7583.js
d:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ff\chrome\content\ffMediaBuzzV1mode7583ffaction.js
d:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ff\chrome\content\icons\default\MediaBuzzV1mode7583_32.png
d:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ff\chrome\content\icons\Thumbs.db
d:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ff\chrome\content\overlay.xul
d:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ff\install.rdf
d:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ie\MediaBuzzV1mode7583.dll
d:\program files (x86)\MediaPlayerV1
d:\program files (x86)\MediaViewerV1
d:\program files (x86)\MediaViewV1
d:\program files (x86)\MediaViewV1\MediaViewV1alpha5395\ch\MediaViewV1alpha5395.crx
d:\program files (x86)\MediaViewV1\MediaViewV1alpha5395\ff\chrome.manifest
d:\program files (x86)\MediaViewV1\MediaViewV1alpha5395\ff\chrome\content\ffMediaViewV1alpha5395.js
d:\program files (x86)\MediaViewV1\MediaViewV1alpha5395\ff\chrome\content\ffMediaViewV1alpha5395ffaction.js
d:\program files (x86)\MediaViewV1\MediaViewV1alpha5395\ff\chrome\content\icons\default\MediaViewV1alpha5395_32.png
d:\program files (x86)\MediaViewV1\MediaViewV1alpha5395\ff\chrome\content\icons\Thumbs.db
d:\program files (x86)\MediaViewV1\MediaViewV1alpha5395\ff\chrome\content\overlay.xul
d:\program files (x86)\MediaViewV1\MediaViewV1alpha5395\ff\install.rdf
d:\program files (x86)\MediaViewV1\MediaViewV1alpha5395\uninstall.exe
d:\program files (x86)\MediaWatchV1
d:\program files (x86)\RichMediaViewV1
d:\program files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ch\RichMediaViewV1release1179.crx
d:\program files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff\chrome.manifest
d:\program files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff\chrome\content\ffRichMediaViewV1release1179.js
d:\program files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff\chrome\content\ffRichMediaViewV1release1179ffaction.js
d:\program files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff\chrome\content\icons\default\RichMediaViewV1release1179_32.png
d:\program files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff\chrome\content\icons\Thumbs.db
d:\program files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff\chrome\content\overlay.xul
d:\program files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff\install.rdf
d:\program files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ie\RichMediaViewV1release1179.dll
d:\programdata\AnboBcat.dat
d:\users\Sven\AppData\Roaming\Microsoft\Windows\Recent\Zombies Ate My Pizza.url
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome.manifest
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\asyncDB.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\background.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\browserAction.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\contextMenu.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\dbManager.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\dom_bg.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\fileManager.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\firefox.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\firefoxNotifications.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\firefoxOmnibox.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\message.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\pageAction.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\request.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\tabs.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\webRequest.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\windowsMessagingHandler.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\background.html
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\baseObject.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\browser.xul
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\addressBarChangeObserver.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\console.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\consts.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\delegate.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\extensionDataStore.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\folderIOWrapper.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\httpObserver.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\IDBWrapper.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\installer.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\logFile.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\prefs.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\progressListenerObserver.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\registry.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\reloadObserver.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\reports.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\requestObject.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\searchSettings.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\uninstallObserver.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\updateManager.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\utils.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\xhr.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\dialog.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\ffCoreFilesIndex.txt
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\main.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\options.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\options.xul
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\platformVersion.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\search_dialog.xul
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\defaults\preferences\prefs.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\manifest.xml
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins.json
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\1_base.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\1000020_analytics.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\1000025_analyticsFront.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\1000030_mz.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\102_dealply_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\103_intext_5_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\104_jollywallet_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\123_intext_adv_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\126_revizer_ws_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\13_CrossriderAppUtils.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\14_CrossriderUtils.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\155_ibario_pops_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\16_FFAppAPIWrapper.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\17_jQuery.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\175_coolmirage_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\177_crossriderDashboard.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\180_bpo_serp_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\182_openUrl.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\183_tabsWrapper.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\207_dbWrapper.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\21_debug.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\22_resources.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\223_imonomy_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\242_price_gong_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\246_setup.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\28_initializer.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\4_jquery_1_7_1.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\47_resources_background.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\64_appApiMessage.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\72_appApiValidation.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\78_CrossriderInfo.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\91_monetizationLoader.js.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\93_superfish_no_coupons_m.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\98_omniCommands.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\userCode\background.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\userCode\extension.js
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\install.rdf
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\locale\en-US\translations.dtd
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\button1.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\button2.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\button3.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\button4.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\button5.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\crossrider_statusbar.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\icon128.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\icon16.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\icon24.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\icon48.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\panelarrow-up.png
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\popup.html
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\skin.css
d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\update.css
d:\users\Sven\iw5m.dll
d:\users\Sven\iw5mp.exe
d:\users\Sven\iw5mp_server.exe
d:\users\Sven\iw5sp.exe
d:\users\Sven\libnp.dll
d:\users\Sven\multi-player.exe
d:\users\Sven\MW3 Launcher Update.exe
d:\users\Sven\single-player.exe
d:\users\Sven\steam_api.dll
d:\users\Sven\TeknoMW3.dll
d:\users\Sven\UpdateDLLWrapper.dll
d:\users\Sven\VMProtectSDK32.dll
d:\windows\SysWow64\Dump
d:\windows\SysWow64\Dump\MiniDump.dmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-05-05 bis 2014-06-05  ))))))))))))))))))))))))))))))
.
.
2014-06-05 20:46 . 2014-06-05 20:46	--------	d-----w-	d:\users\Default\AppData\Local\temp
2014-06-04 19:27 . 2014-06-04 19:27	--------	d-----w-	d:\program files (x86)\SupTab
2014-06-04 18:18 . 2014-06-04 18:18	--------	d-----w-	d:\program files (x86)\VS Revo Group
2014-06-04 00:03 . 2014-04-30 23:20	10702536	----a-w-	d:\programdata\Microsoft\Windows Defender\Definition Updates\{D22BF6DF-E4E9-4AC6-B097-C1D10052E5A1}\mpengine.dll
2014-06-02 16:26 . 2014-06-04 18:14	--------	d-----w-	D:\FRST
2014-05-31 21:06 . 2014-05-31 21:06	--------	d-----w-	d:\program files\Sandboxie
2014-05-26 15:54 . 2014-05-26 16:07	--------	d-----w-	d:\programdata\AVG Security Toolbar
2014-05-26 15:53 . 2014-05-26 16:07	--------	d-----w-	d:\program files (x86)\AVG SafeGuard toolbar
2014-05-25 18:35 . 2014-05-25 18:35	--------	d-----w-	d:\program files (x86)\LogMeIn Hamachi
2014-05-25 16:42 . 2014-05-26 19:36	--------	d-----w-	d:\program files (x86)\Extrinsic Studio
2014-05-25 16:14 . 2014-05-17 02:35	44744	----a-w-	d:\windows\system32\drivers\hssdrv6.sys
2014-05-25 04:55 . 2014-05-25 04:55	--------	d-----w-	d:\users\Sven\AppData\Roaming\TuneUp Software
2014-05-25 04:46 . 2014-05-27 14:25	--------	d-----w-	d:\programdata\MFAData
2014-05-25 04:46 . 2014-05-25 04:46	--------	d--h--w-	d:\programdata\Common Files
2014-05-25 04:46 . 2014-05-25 04:46	--------	d-----w-	d:\users\Sven\AppData\Local\MFAData
2014-05-22 19:23 . 2014-05-22 19:23	--------	d-----r-	d:\users\Sven\AppData\Roaming\Brother
2014-05-20 22:15 . 2014-05-20 22:15	--------	d-----w-	d:\users\Sven\AppData\Roaming\XMedia Recode
2014-05-20 22:12 . 2014-05-20 22:12	--------	d-----w-	d:\program files (x86)\XMedia Recode
2014-05-20 18:20 . 2014-05-20 18:20	--------	d-----w-	d:\program files (x86)\Common Files\Skype
2014-05-19 18:49 . 2014-05-19 18:49	--------	d-----w-	d:\program files\Sony
2014-05-19 18:49 . 2014-05-19 18:49	--------	d-----w-	d:\program files (x86)\Sony
2014-05-19 17:55 . 2014-05-19 17:56	--------	d-----w-	d:\users\Sven\AppData\Roaming\Publish Providers
2014-05-19 17:47 . 2014-05-19 18:49	--------	d-----w-	d:\users\Sven\AppData\Local\Sony
2014-05-19 17:47 . 2014-05-19 18:49	--------	d-----w-	d:\programdata\Sony
2014-05-19 17:46 . 2014-05-20 09:08	--------	d-----w-	d:\users\Sven\AppData\Roaming\Sony
2014-05-19 15:50 . 2014-05-21 17:00	--------	d-----w-	d:\program files (x86)\Drakensang Online
2014-05-17 00:42 . 2014-05-17 00:42	42184	----a-w-	d:\windows\system32\drivers\taphss6.sys
2014-05-17 00:32 . 2014-05-17 00:32	--------	d-----w-	d:\users\Sven\AppData\Local\Rockstar Games
2014-05-17 00:32 . 2014-05-17 00:32	--------	d-sh--w-	d:\programdata\SecuROM
2014-05-17 00:32 . 2014-05-17 00:32	--------	d--h--r-	d:\users\Sven\AppData\Roaming\SecuROM
2014-05-15 00:50 . 2014-05-06 04:40	23544320	----a-w-	d:\windows\system32\mshtml.dll
2014-05-15 00:50 . 2014-05-06 03:00	84992	----a-w-	d:\windows\system32\mshtmled.dll
2014-05-15 00:50 . 2014-05-06 04:17	2724864	----a-w-	d:\windows\system32\mshtml.tlb
2014-05-15 00:50 . 2014-05-06 03:07	2724864	----a-w-	d:\windows\SysWow64\mshtml.tlb
2014-05-14 08:18 . 2014-03-25 02:43	14175744	----a-w-	d:\windows\system32\shell32.dll
2014-05-14 08:18 . 2014-05-09 06:14	477184	----a-w-	d:\windows\system32\aepdu.dll
2014-05-14 08:18 . 2014-05-09 06:11	424448	----a-w-	d:\windows\system32\aeinv.dll
2014-05-10 15:41 . 2014-05-10 15:41	--------	d-----w-	d:\programdata\Hotspot Shield
2014-05-10 15:41 . 2014-05-25 16:15	--------	d-----w-	d:\program files (x86)\Hotspot Shield
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-31 07:35 . 2014-01-14 18:24	270496	------w-	d:\windows\system32\MpSigStub.exe
2014-03-24 15:03 . 2014-03-24 15:07	58696	----a-w-	d:\windows\SysWow64\AOLParconLink.exe
2014-03-13 11:44 . 2014-03-13 11:44	283064	----a-w-	d:\windows\system32\drivers\dtsoftbus01.sys
2014-03-13 11:43 . 2014-03-13 11:43	231376	----a-w-	d:\windows\system32\drivers\truecrypt.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-05-30 10:34	297128	----a-w-	d:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-26 22:55	223432	----a-w-	d:\users\Sven\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-26 22:55	223432	----a-w-	d:\users\Sven\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-26 22:55	223432	----a-w-	d:\users\Sven\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\program files (x86)\Steam\Steam.exe" [2014-05-29 1754816]
"DAEMON Tools Lite"="d:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Akamai NetSession Interface"="d:\users\Sven\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
"Skype"="d:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="d:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]
"Cpu Level Up help"="d:\program files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2009-12-28 887936]
"Adobe Reader Speed Launcher"="d:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="d:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"BrStsMon00"="d:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"LogMeIn Hamachi Ui"="d:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-05-13 3814736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;d:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;d:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;d:\program files (x86)\Skype\Updater\Updater.exe;d:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Wpm;Wpm Service;d:\programdata\WPM\wprotectmanager.exe;d:\programdata\WPM\wprotectmanager.exe [x]
R3 ALSysIO;ALSysIO;d:\users\Sven\AppData\Local\Temp\ALSysIO64.sys;d:\users\Sven\AppData\Local\Temp\ALSysIO64.sys [x]
R3 ArcService;Arc Service;d:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;d:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 EagleX64;EagleX64;d:\windows\system32\drivers\EagleX64.sys;d:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;d:\windows\system32\IEEtwCollector.exe;d:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;d:\windows\system32\drivers\rdpvideominiport.sys;d:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);d:\windows\system32\DRIVERS\RtTeam60.sys;d:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);d:\windows\system32\DRIVERS\RtVlan60.sys;d:\windows\SYSNATIVE\DRIVERS\RtVlan60.sys [x]
R3 Synth3dVsc;Synth3dVsc;d:\windows\system32\drivers\synth3dvsc.sys;d:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;d:\windows\system32\drivers\tsusbflt.sys;d:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;d:\windows\system32\drivers\tsusbhub.sys;d:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;d:\windows\system32\drivers\rdvgkmd.sys;d:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 X6va012;X6va012;d:\windows\SysWOW64\Drivers\X6va012;d:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va015;X6va015;d:\windows\SysWOW64\Drivers\X6va015;d:\windows\SysWOW64\Drivers\X6va015 [x]
R3 XFDriver64;XFDriver64;d:\program files (x86)\Xfire2\XFDriver64.sys;d:\program files (x86)\Xfire2\XFDriver64.sys [x]
R3 xhunter1;xhunter1;d:\windows\xhunter1.sys;d:\windows\xhunter1.sys [x]
R4 BstHdAndroidSvc;BlueStacks Android Service;d:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;d:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;d:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;d:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;d:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;d:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0150;RsFx0150 Driver;d:\windows\system32\DRIVERS\RsFx0150.sys;d:\windows\SYSNATIVE\DRIVERS\RsFx0150.sys [x]
R4 SQLAgent$SVEN;SQL Server-Agent (SVEN);d:\program files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\SQLAGENT.EXE;d:\program files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\SQLAGENT.EXE [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;d:\windows\system32\DRIVERS\dtsoftbus01.sys;d:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;d:\windows\system32\DRIVERS\hssdrv6.sys;d:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 AMD_RAIDXpert;AMD RAIDXpert;d:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe;d:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;d:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;d:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
S2 BCUService;Browser Configuration Utility Service;d:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe;d:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;d:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;d:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;d:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;d:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;d:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;d:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 hshld;Hotspot Shield Service;d:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;d:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;d:\program files (x86)\Hotspot Shield\bin\hsswd.exe;d:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MSSQL$SVEN;SQL Server (SVEN);d:\program files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\sqlservr.exe;d:\program files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\sqlservr.exe [x]
S2 NvNetworkService;NVIDIA Network Service;d:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;d:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;d:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;d:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;d:\windows\system32\DRIVERS\RtNdPt60.sys;d:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;d:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;d:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;d:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;d:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 BrYNSvc;BrYNSvc;d:\program files (x86)\Browny02\BrYNSvc.exe;d:\program files (x86)\Browny02\BrYNSvc.exe [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);d:\windows\system32\DRIVERS\vrtaucbl.sys;d:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);d:\windows\system32\drivers\nvvad64v.sys;d:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;d:\windows\system32\DRIVERS\Rt64win7.sys;d:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SaiK1713;SaiK1713;d:\windows\system32\DRIVERS\SaiK1713.sys;d:\windows\SYSNATIVE\DRIVERS\SaiK1713.sys [x]
S3 SaiU1713;SaiU1713;d:\windows\system32\DRIVERS\SaiU1713.sys;d:\windows\SYSNATIVE\DRIVERS\SaiU1713.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;d:\windows\system32\DRIVERS\taphss6.sys;d:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S3 WSDScan;WSD-Scanunterstützung durch UMB;d:\windows\system32\drivers\WSDScan.sys;d:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-23 06:41	1091912	----a-w-	d:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-05 d:\windows\Tasks\Adobe Flash Player Updater.job
- d:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-14 12:23]
.
2014-06-05 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14 18:10]
.
2014-06-05 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14 18:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-01-22 21:51	357432	----a-w-	d:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-26 22:55	262344	----a-w-	d:\users\Sven\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-26 22:55	262344	----a-w-	d:\users\Sven\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-26 22:55	262344	----a-w-	d:\users\Sven\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="d:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"ProfilerU"="d:\program files\SmartTechnology\Software\ProfilerU.exe" [2013-04-16 454144]
"SaiMfd"="d:\program files\SmartTechnology\Software\SaiMfd.exe" [2013-04-16 158208]
"NvBackend"="d:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"ShadowPlay"="d:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = d:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&ts=1393410981&type=default&q={searchTerms}
uStart Page = hxxp://mysearch.avg.com?cid={6476C965-EBEF-4BC7-A179-236AD0054964}&mid=c5458168d5da47d2a339d14acce4e9e6-4d739d14135f7c1cc976fcf1ede263a4f2d54edf&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-26 17:54&v=18.1.0.443&pid=safeguard&sg=&sap=hp
mDefault_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390336758&from=amt&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&q={searchTerms}
mStart Page = hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
mLocal Page = d:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1390336758&from=amt&uid=HitachiXHDS721010CLA332_JP2921HQ24TEBA24TEBAX&q={searchTerms}
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
uInternet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555
IE: &Download by Orbit - d:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - d:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - d:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - d:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: Free YouTube to MP3 Converter - d:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - d:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: Interfaces\{C910842C-1DD1-406A-9717-D4BF88859DE9}: NameServer = 192.168.178.25,192.168.178.1
FF - ProfilePath - d:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\
FF - prefs.js: browser.search.selectedEngine - Mysearchdial
FF - prefs.js: browser.startup.homepage - hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
FF - prefs.js: keyword.URL - 
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.irmysearch.aflt - dvd_14_13_ch
FF - user.js: extensions.irmysearch.instlRef - 140305_a
FF - user.js: extensions.irmysearch.cr - 856150521
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=&q=
FF - user.js: extensions.mysearchdial.id - 00FF715A6C3CE559
FF - user.js: extensions.mysearchdial.instlDay - 16157
FF - user.js: extensions.mysearchdial.vrsn - 1.8.29.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.29.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.29.014:54
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - dvd_14_13_ch
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef - 140305_a
FF - user.js: extensions.mysearchdial.dfltLng - 
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial.cr - 856150521
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q
FF - user.js: extensions.mysearchdial.AL - 2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{3ca4d879-f33d-4f52-bdf8-53c6ce7fb09b} - d:\program files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ie\RichMediaViewV1release1179.dll
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{b8788dc7-1139-45a5-80dd-e5b1840eacd3} - d:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ie\MediaBuzzV1mode7583.dll
BHO-{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - d:\program files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll
Toolbar-{3004627E-F8E9-4E8B-909D-316753CBA923} - d:\program files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll
Wow6432Node-HKCU-Run-AnboBcat - d:\programdata\AnboBcat.dat
Wow6432Node-HKLM-Run-mobilegeni daemon - d:\program files (x86)\Mobogenie\DaemonProcess.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - d:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110411901142} - d:\program files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-bho64.dll
AddRemove-CryOnline - d:\program files (x86)\CryOnline\Uninstal.exe
AddRemove-The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version 1.00 - d:\program files (x86)\The Elder Scrolls V Skyrim\Uninstall.exe
AddRemove-{3980FAC3-C393-44A8-83DE-D8865C1F5A92}_is1 - d:\program files (x86)\vertical 8.0\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\d:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va015]
"ImagePath"="\??\d:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-850703575-16975960-4280425002-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-850703575-16975960-4280425002-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-850703575-16975960-4280425002-1000\Software\SecuROM\License information*]
"datasecu"=hex:db,5d,00,f1,18,83,e2,f6,b2,6c,e1,57,8f,70,ba,ff,a3,16,71,37,8f,
   82,c0,9b,88,a6,41,c8,98,af,ad,01,af,6a,86,38,6f,72,f2,49,39,c0,82,fa,f9,6f,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="d:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-05  22:53:27
ComboFix-quarantined-files.txt  2014-06-05 20:53
.
Vor Suchlauf: 26 Verzeichnis(se), 13.677.494.272 Bytes frei
Nach Suchlauf: 32 Verzeichnis(se), 19.012.296.704 Bytes frei
.
- - End Of File - - B6E9BF6A84796B91D8B91565709BD661
         
--- --- --- A36C5E4F47E84449FF07ED3517B43A31

Alt 06.06.2014, 21:45   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.06.2014, 10:22   #11
svendief
 
Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



so hab jetzt Malwarebytes, AdwCleaner Junkware und neuen FRST log gemacht

Code:
ATTFilter
# AdwCleaner v3.212 - Bericht erstellt am 09/06/2014 um 07:19:00
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Sven - SVEN-PC
# Gestartet von : D:\Users\Sven\Desktop\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : BCUService
Dienst Gelöscht : hshld
[#] Dienst Gelöscht : hsstrayservice
Dienst Gelöscht : hsswd

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : D:\ProgramData\AOL Toolbar
Ordner Gelöscht : D:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : D:\ProgramData\DeviceVM
Ordner Gelöscht : D:\ProgramData\hotspot shield
Ordner Gelöscht : D:\ProgramData\Viewpoint
Ordner Gelöscht : D:\ProgramData\WPM
Ordner Gelöscht : D:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Ordner Gelöscht : D:\Program Files (x86)\AOL Toolbar
Ordner Gelöscht : D:\Program Files (x86)\AVG SafeGuard toolbar
Ordner Gelöscht : D:\Program Files (x86)\DeviceVM
Ordner Gelöscht : D:\Program Files (x86)\hotspot shield
Ordner Gelöscht : D:\Program Files (x86)\orbitdownloader
Ordner Gelöscht : D:\Program Files (x86)\SupTab
Ordner Gelöscht : D:\Program Files (x86)\Viewpoint
Ordner Gelöscht : D:\Program Files (x86)\WinZipper
Ordner Gelöscht : D:\Program Files (x86)\Common Files\Software Update Utility
Ordner Gelöscht : D:\Windows\SysWOW64\hotspot shield
Ordner Gelöscht : D:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : D:\Users\Sven\AppData\Local\AOL Toolbar
Ordner Gelöscht : D:\Users\Sven\AppData\Local\genienext
Ordner Gelöscht : D:\Users\Sven\AppData\Local\Mobogenie
Ordner Gelöscht : D:\Users\Sven\AppData\LocalLow\Mysearchdial
Ordner Gelöscht : D:\Users\Sven\AppData\Roaming\DeviceVM
Ordner Gelöscht : D:\Users\Sven\AppData\Roaming\hotspot shield
Ordner Gelöscht : D:\Users\Sven\AppData\Roaming\SupTab
Ordner Gelöscht : D:\Users\Sven\AppData\Roaming\WinZipper
Ordner Gelöscht : D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
Ordner Gelöscht : D:\Users\Sven\Documents\Mobogenie
Ordner Gelöscht : D:\Users\Sven\Documents\Optimizer Pro
Ordner Gelöscht : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Ordner Gelöscht : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Datei Gelöscht : D:\Users\Sven\daemonprocess.txt
Datei Gelöscht : D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Datei Gelöscht : D:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
Datei Gelöscht : D:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
Datei Gelöscht : D:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
Datei Gelöscht : D:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
Datei Gelöscht : D:\Program Files (x86)\Mozilla Firefox\searchplugins\delta-homes.xml
Datei Gelöscht : D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\user.js
Datei Gelöscht : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
Datei Gelöscht : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : D:\Users\Sven\Desktop\Programme\Google Chrome.lnk
Verknüpfung Desinfiziert : D:\Users\Sven\Desktop\Programme\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : D:\Users\Sven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [D:\Program Files (x86)\Orbitdownloader\orbitdm.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [D:\Program Files (x86)\Orbitdownloader\orbitnet.exe]
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\DeviceVM
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Orbit
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\delta-homesSoftware
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\hotspotshield
Schlüssel Gelöscht : HKLM\Software\MetaStream
Schlüssel Gelöscht : HKLM\Software\mysearchdial
Schlüssel Gelöscht : HKLM\Software\Orbit
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\Viewpoint
Schlüssel Gelöscht : HKLM\Software\winzipersvc
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]

-\\ Mozilla Firefox v27.0 (de)

[ Datei : D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "Mysearchdial");
Zeile gelöscht : user_pref("browser.search.order.1", "Mysearchdial");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Mysearchdial");
Zeile gelöscht : user_pref("extensions.a885f632d147140b99736370834c9febf6bc59f1b7afb44ab806816b3cdaf03e6com49042.49042.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.enabledAddons", "quick_start%40gmail.com:3.1.9,ffxtlbr%40mysearchdial.com:1.6.0,%7B140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA%7D:3.0.0.0,afproxy%40anchorfree.com:3.42,%7B972ce4c6-7e08-[...]
Zeile gelöscht : user_pref("extensions.irmysearch.aflt", "dvd_14_13_ch");
Zeile gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0Dt[...]
Zeile gelöscht : user_pref("extensions.irmysearch.cr", "856150521");
Zeile gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_a");

-\\ Google Chrome v35.0.1916.114

[ Datei : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
Gelöscht [Homepage] : hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP84A5CD7A-1EA2-4260-95EE-5CA3ED6B8FE4&SSPV=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Gelöscht [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp
Gelöscht [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
Gelöscht [Extension] : ombmmloebnfnpehgjnmkcgoegfachobp
Gelöscht [Extension] : pkndmigholgfjlniaohblojbhgjbkakn

*************************

AdwCleaner[R0].txt - [19872 octets] - [09/06/2014 06:57:50]
AdwCleaner[S0].txt - [17886 octets] - [09/06/2014 07:19:00]

########## EOF - D:\AdwCleaner\AdwCleaner[S0].txt - [17947 octets] ##########
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014
Ran by Sven (administrator) on SVEN-PC on 09-06-2014 10:16:09
Running from D:\Users\Sven\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(AMD) D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(ASUSTeK Computer Inc.) D:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Microsoft Corporation) D:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(ASUSTeK Computer Inc.) D:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Microsoft Corporation) D:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Saitek) D:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) D:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Akamai Technologies, Inc.) D:\Users\Sven\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) D:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) D:\Users\Sven\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) D:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() D:\Windows\SysWOW64\WinMsgBalloonServer.exe
() D:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Oracle Corporation) D:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) D:\Windows\SysWOW64\notepad.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [ProfilerU] => D:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => D:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [NvBackend] => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => D:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => D:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cpu Level Up help] => D:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => D:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BrStsMon00] => D:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\Steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [DAEMON Tools Lite] => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [Akamai NetSession Interface] => D:\Users\Sven\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [Skype] => D:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [AdobeBridge] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFE0C1FCE5311CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - D:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - D:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
StartMenuInternet: IEXPLORE.EXE - D:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {8E3D34F9-E0CA-4F4C-9A7D-B3E1EDE3B0FE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {8E3D34F9-E0CA-4F4C-9A7D-B3E1EDE3B0FE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {8E3D34F9-E0CA-4F4C-9A7D-B3E1EDE3B0FE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {D1FD30FD-C21E-4c68-A01C-4D27795A6F1E} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
SearchScopes: HKCU - {FF34D94C-2381-45f2-B8F9-D90B6FED67D4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Rich Media View - {3ca4d879-f33d-4f52-bdf8-53c6ce7fb09b} - D:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ie\RichMediaViewV1release1179.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - D:\Program Files (x86)\AOL Toolbar\aoltb.dll No File
Toolbar: HKCU - No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{C910842C-1DD1-406A-9717-D4BF88859DE9}: [NameServer]192.168.178.25,192.168.178.1

FireFox:
========
FF ProfilePath: D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default
FF NewTab: chrome://quick_start/content/index.html
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - D:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - D:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - D:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - D:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - D:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - D:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - D:\Users\Sven\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - D:\Users\Sven\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-01-28]
FF Extension: Hotspot Shield Extension - D:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-05-10]
FF Extension: Skype Click to Call - D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - D:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - D:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP84A5CD7A-1EA2-4260-95EE-5CA3ED6B8FE4&SSPV=
CHR StartupUrls: "hxxp://www.google.de/", "hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=", "hxxp://mysearch.avg.com?cid={6476C965-EBEF-4BC7-A179-236AD0054964}&mid=c5458168d5da47d2a339d14acce4e9e6-4d739d14135f7c1cc976fcf1ede263a4f2d54edf&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-26 17:54:02&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR Extension: (Google Docs) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (YouTube) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Adblock Plus) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-25]
CHR Extension: (Google-Suche) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (AdBlock) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-25]
CHR Extension: (Google Wallet) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-14]
CHR Extension: (Google Mail) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [gfmhnehcigahmefdogigamdidmifoehl] - D:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5395\ch\MediaViewV1alpha5395.crx [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - D:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mnkpeifjhlnepbmkfingkijmnffgjoaj] - D:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ch\MediaBuzzV1mode7583.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [ochdbafdjjcmmcmlfdmooffpdkcjjppa] - D:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ch\RichMediaViewV1release1179.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD_RAIDXpert; D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed]
S3 ArcService; D:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-05-20] (Perfect World Entertainment Inc)
R2 AsSysCtrlService; D:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
S3 BrYNSvc; D:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S4 BstHdAndroidSvc; D:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; D:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; D:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; D:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 MSSQL$SVEN; d:\Program Files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\sqlservr.exe [61916000 2011-04-24] (Microsoft Corporation)
R2 NvNetworkService; D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 SbieSvc; D:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S4 SQLAgent$SVEN; d:\Program Files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\SQLAGENT.EXE [428384 2011-04-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; D:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; D:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 BstHdDrv; D:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R1 dtsoftbus01; D:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-13] (Disc Soft Ltd)
R1 HssDRV6; D:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 MBAMProtector; D:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; D:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; D:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; D:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SaiK1713; D:\Windows\System32\DRIVERS\SaiK1713.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; D:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; D:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU1713; D:\Windows\System32\DRIVERS\SaiU1713.sys [47168 2012-09-20] (Saitek)
R3 SbieDrv; D:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R3 taphss6; D:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 ALSysIO; \??\D:\Users\Sven\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\D:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\D:\Windows\system32\drivers\EagleX64.sys [X]
S0 nanbj; System32\drivers\ndwcqeae.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\D:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\D:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 XFDriver64; \??\D:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
S3 xhunter1; \??\D:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-09 08:44 - 2014-06-09 08:44 - 00002168 _____ () D:\Users\Sven\Desktop\JRT.txt
2014-06-09 08:31 - 2014-06-09 08:31 - 00000000 ____D () D:\Windows\ERUNT
2014-06-09 08:23 - 2014-06-09 08:23 - 01016261 _____ (Thisisu) D:\Users\Sven\Desktop\JRT.exe
2014-06-09 07:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) D:\Windows\SysWOW64\sqlite3.dll
2014-06-09 06:57 - 2014-06-09 07:19 - 00000000 ____D () D:\AdwCleaner
2014-06-09 00:36 - 2014-06-09 00:37 - 00252168 _____ () D:\avenger.txt
2014-06-09 00:36 - 2014-06-09 00:36 - 00000000 ____D () D:\Avenger
2014-06-08 01:53 - 2014-06-08 01:53 - 00000000 ____D () D:\Users\Sven\Desktop\After Effects
2014-06-08 01:52 - 2014-06-08 01:52 - 01333465 _____ () D:\Users\Sven\Desktop\adwcleaner_3.212.exe
2014-06-07 22:52 - 2014-06-07 22:58 - 109017236 _____ () D:\Users\Sven\Desktop\Free_Stock_Pack.zip
2014-06-07 20:57 - 2014-06-07 20:58 - 02780612 _____ () D:\Users\Sven\Desktop\FireOfDeath.mp4
2014-06-07 08:30 - 2014-06-07 08:32 - 02740432 _____ () D:\Users\Sven\Desktop\BulletStormLP (Feuer).mp4
2014-06-07 03:23 - 2014-06-07 03:27 - 08054482 _____ () D:\Users\Sven\Desktop\EvilFlay (Feuer).mp4
2014-06-07 02:28 - 2014-06-07 02:28 - 00157152 _____ () D:\Users\Sven\Desktop\Unbenanntes Projekt.aep
2014-06-07 02:26 - 2014-06-07 02:27 - 07812990 _____ () D:\Users\Sven\Desktop\EvilFlay Intro.mp4
2014-06-07 02:19 - 2014-06-07 09:31 - 00194088 _____ () D:\Users\Sven\Desktop\EvilFlay.aep
2014-06-07 02:17 - 2014-06-07 02:17 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-06-07 02:17 - 2014-06-07 02:17 - 00000000 ____D () D:\Users\Public\Documents\Adobe
2014-06-07 01:31 - 2014-06-07 01:32 - 01169517 _____ () D:\Users\Sven\Desktop\smoke_pass.mp4
2014-06-07 01:31 - 2014-06-07 01:31 - 00981100 _____ () D:\Users\Sven\Desktop\SmokeFootage.zip
2014-06-07 01:13 - 2014-06-09 09:31 - 00122584 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-07 01:13 - 2014-06-07 01:13 - 00001098 _____ () D:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\ProgramData\Malwarebytes
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-07 01:13 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-07 01:13 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mwac.sys
2014-06-07 01:13 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbam.sys
2014-06-07 01:06 - 2014-06-07 01:07 - 17292760 _____ (Malwarebytes Corporation ) D:\Users\Sven\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-06 13:32 - 2014-06-07 01:27 - 23481743 _____ () D:\Users\Sven\Desktop\120.zip
2014-06-06 12:07 - 2014-06-06 12:08 - 18328764 _____ () D:\Users\Sven\Desktop\Trapcode Free.rar
2014-06-06 12:07 - 2010-10-22 23:17 - 00000000 ____D () D:\Users\Sven\Desktop\Trapcode Free
2014-06-06 11:56 - 2014-06-06 11:57 - 00000000 ____D () D:\Users\Sven\Desktop\TCSuite_Win_Full
2014-06-06 11:36 - 2014-06-06 11:37 - 242088647 _____ () D:\Users\Sven\Desktop\TCSuite_Win_Full (1).zip
2014-06-06 11:32 - 2014-06-06 11:32 - 00000000 ____D () D:\Program Files\Red Giant
2014-06-06 11:32 - 2014-05-02 15:15 - 12858368 _____ (Red Giant Software) D:\Windows\system32\Gpu_Shader_Engine_x64.dll
2014-06-06 11:30 - 2014-06-06 12:17 - 00000000 ____D () D:\ProgramData\rgt
2014-06-06 11:29 - 2014-06-06 11:29 - 00003648 _____ () D:\Windows\System32\Tasks\Red Giant Link
2014-06-06 11:28 - 2014-06-06 11:28 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Red Giant
2014-06-06 11:27 - 2014-06-06 11:31 - 00000000 ____D () D:\ProgramData\Red Giant
2014-06-06 11:27 - 2014-06-06 11:27 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2014-06-06 11:27 - 2014-06-06 11:27 - 00000000 ____D () D:\Program Files (x86)\Red Giant Link
2014-06-06 11:25 - 2014-06-06 11:25 - 00000000 ____D () D:\ProgramData\RedGiant
2014-06-06 11:24 - 2014-06-06 11:58 - 00000000 ____D () D:\Users\Sven\AppData\Local\Downloaded Installations
2014-06-06 11:21 - 2014-06-06 11:22 - 258367752 _____ () D:\Users\Sven\Desktop\TCSuite_Win_Full.zip
2014-06-06 11:15 - 2014-06-06 11:15 - 00001728 _____ () D:\Users\Sven\Desktop\AfterFX - Verknüpfung.lnk
2014-06-06 11:11 - 2014-06-06 11:11 - 38460651 _____ () D:\Users\Sven\Desktop\Optical_Flares.rar
2014-06-06 11:06 - 2014-06-06 11:06 - 00000021 _____ () D:\Windows\SurCode.INI
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\Documents\Adobe
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\AppData\Local\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\ProgramData\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Program Files\Common Files\PACE Anti-Piracy
2014-06-06 10:58 - 2014-06-06 10:58 - 00000000 ____D () D:\ProgramData\regid.1986-12.com.adobe
2014-06-06 10:57 - 2014-06-06 10:57 - 00001194 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2014-06-06 10:56 - 2014-06-06 10:56 - 00001037 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-06-06 10:55 - 2014-06-06 10:55 - 00001515 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-06-06 10:55 - 2014-06-06 10:55 - 00001090 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
2014-06-06 10:53 - 2014-06-06 10:53 - 00000997 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-06-06 10:53 - 2014-06-06 10:53 - 00000000 ____D () D:\Users\Default\AppData\Roaming\Macromedia
2014-06-06 10:53 - 2014-06-06 10:53 - 00000000 ____D () D:\Users\Default User\AppData\Roaming\Macromedia
2014-06-06 10:49 - 2014-06-06 10:57 - 00000000 ____D () D:\Program Files\Adobe
2014-06-06 10:48 - 2014-06-06 10:56 - 00000000 ____D () D:\Program Files\Common Files\Adobe
2014-06-06 10:17 - 2014-06-06 10:19 - 00000000 ____D () D:\Users\Sven\Desktop\Adobe After Effects CS6 Full + Crack x32 & x64
2014-06-06 10:05 - 2014-06-06 10:05 - 01818037 _____ () D:\Users\Sven\Desktop\EvilFly.mp4
2014-06-06 09:55 - 2014-06-06 09:56 - 41765789 _____ () D:\Users\Sven\Documents\Lena1.wmv
2014-06-05 22:53 - 2014-06-05 22:53 - 00055501 _____ () D:\ComboFix.txt
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Public\AppData\Local\temp
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Default\AppData\Local\temp
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Default User\AppData\Local\temp
2014-06-05 22:21 - 2011-06-26 08:45 - 00256000 _____ () D:\Windows\PEV.exe
2014-06-05 22:21 - 2010-11-07 19:20 - 00208896 _____ () D:\Windows\MBR.exe
2014-06-05 22:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) D:\Windows\NIRCMD.exe
2014-06-05 22:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) D:\Windows\SWREG.exe
2014-06-05 22:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) D:\Windows\SWSC.exe
2014-06-05 22:21 - 2000-08-31 02:00 - 00098816 _____ () D:\Windows\sed.exe
2014-06-05 22:21 - 2000-08-31 02:00 - 00080412 _____ () D:\Windows\grep.exe
2014-06-05 22:21 - 2000-08-31 02:00 - 00068096 _____ () D:\Windows\zip.exe
2014-06-05 22:20 - 2014-06-05 22:53 - 00000000 ____D () D:\Qoobox
2014-06-05 22:19 - 2014-06-05 22:51 - 00000000 ____D () D:\Windows\erdnt
2014-06-05 21:56 - 2014-06-05 21:56 - 05205146 ____R (Swearware) D:\Users\Sven\Desktop\ComboFix.exe
2014-06-05 21:49 - 2014-06-05 23:55 - 00000000 ____D () D:\Users\Sven\Documents\Dusk
2014-06-05 21:12 - 2014-06-05 21:12 - 00001681 _____ () D:\Users\Sven\Desktop\Trinity-Online 2014 - Verknüpfung.lnk
2014-06-05 20:27 - 2014-06-09 01:31 - 00000000 ____D () D:\Users\Sven\Desktop\Trinity-Online.de
2014-06-05 20:09 - 2014-06-05 20:26 - 3853038926 _____ () D:\Users\Sven\Desktop\Trinity-Onlinede.rar
2014-06-04 20:18 - 2014-06-04 20:18 - 00001260 _____ () D:\Users\Sven\Desktop\Revo Uninstaller.lnk
2014-06-04 20:18 - 2014-06-04 20:18 - 00000000 ____D () D:\Program Files (x86)\VS Revo Group
2014-06-04 20:14 - 2014-06-09 09:28 - 00000000 ____D () D:\Users\Sven\Desktop\FRST-OlderVersion
2014-06-02 19:31 - 2014-06-02 19:31 - 19562020 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4.sfvp0
2014-06-02 19:20 - 2014-06-02 19:20 - 00000728 _____ () D:\Users\Sven\Documents\Standard.sfvidcap
2014-06-02 18:34 - 2014-06-02 18:34 - 00048472 _____ () D:\Users\Sven\Desktop\Addition (1).txt
2014-06-02 18:28 - 2014-06-02 18:33 - 00048472 _____ () D:\Users\Sven\Desktop\Addition.txt
2014-06-02 18:26 - 2014-06-09 10:16 - 00021531 _____ () D:\Users\Sven\Desktop\FRST.txt
2014-06-02 18:26 - 2014-06-09 10:16 - 00000000 ____D () D:\FRST
2014-06-02 18:25 - 2014-06-09 09:28 - 02080768 _____ (Farbar) D:\Users\Sven\Desktop\FRST64.exe
2014-06-01 00:14 - 2014-06-01 00:13 - 00592349 _____ () D:\Users\Sven\Desktop\IMG_01062014_000101.rar
2014-06-01 00:13 - 2014-06-01 00:13 - 00592349 _____ () D:\Users\Sven\IMG_01062014_000101.rar
2014-05-31 23:07 - 2014-05-31 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-05-31 23:06 - 2014-05-31 23:06 - 00000000 ____D () D:\Program Files\Sandboxie
2014-05-31 22:54 - 2014-05-31 22:54 - 02656264 _____ (Sandboxie Holdings, LLC) D:\Users\Sven\Desktop\SandboxieInstall.exe
2014-05-31 22:35 - 2014-05-31 22:40 - 03932226 _____ () D:\Users\Sven\Documents\wtzui68o9.bmp
2014-05-28 21:19 - 2014-05-28 21:19 - 00001263 _____ () D:\Users\Sven\Desktop\Lena Online Patcher - Verknüpfung.lnk
2014-05-28 07:40 - 2014-05-28 07:40 - 00000714 _____ () D:\Users\Sven\Documents\Config.rar
2014-05-26 18:05 - 2014-05-26 18:11 - 00001946 _____ () D:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk
2014-05-25 21:39 - 2014-05-25 21:39 - 00000000 ____D () D:\Users\Sven\Desktop\Atlantica_MTRUE
2014-05-25 20:35 - 2014-05-25 20:35 - 00000926 _____ () D:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\Program Files (x86)\LogMeIn Hamachi
2014-05-25 19:38 - 2014-05-25 19:38 - 00000184 _____ () D:\Users\Sven\Desktop\Play Ignis.url
2014-05-25 18:42 - 2014-05-26 21:36 - 00000000 ____D () D:\Program Files (x86)\Extrinsic Studio
2014-05-25 18:14 - 2014-05-17 04:35 - 00044744 _____ (AnchorFree Inc.) D:\Windows\system32\Drivers\hssdrv6.sys
2014-05-25 06:55 - 2014-05-25 06:55 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\TuneUp Software
2014-05-25 06:46 - 2014-05-27 16:25 - 00000000 ____D () D:\ProgramData\MFAData
2014-05-25 06:46 - 2014-05-25 06:46 - 00000000 ____D () D:\Users\Sven\AppData\Local\MFAData
2014-05-25 05:56 - 2014-05-25 05:56 - 06406144 _____ () D:\Users\Sven\Desktop\Hamachi-2.2.0.130.msi
2014-05-25 05:25 - 2014-05-25 05:49 - 00000599 _____ () D:\Users\Sven\Desktop\Skype addy.txt
2014-05-23 14:34 - 2014-05-23 14:34 - 00000000 ____D () D:\Users\Sven\Desktop\Skillet - It's Not Me It's You (Lyrics)
2014-05-22 21:23 - 2014-05-22 21:23 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Brother
2014-05-21 19:00 - 2014-05-21 19:00 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2014-05-21 10:34 - 2014-05-21 10:34 - 00013507 _____ () D:\Users\Sven\Desktop\Unbenannt 1245.odt
2014-05-21 03:45 - 2014-05-21 03:47 - 00013854 _____ () D:\Users\Sven\Desktop\Unbenannt 1.odt
2014-05-21 01:50 - 2014-05-21 03:21 - 00020232 _____ () D:\Users\Sven\Documents\Ohne Titel.veg
2014-05-21 01:50 - 2014-05-21 01:50 - 00018768 _____ () D:\Users\Sven\Documents\Ohne Titel.veg.bak
2014-05-21 00:15 - 2014-05-21 00:15 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00001063 _____ () D:\Users\Public\Desktop\XMedia Recode.lnk
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\Program Files (x86)\XMedia Recode
2014-05-21 00:10 - 2014-05-21 00:10 - 07546805 _____ (XMedia Recode ) D:\Users\Sven\Desktop\XMediaRecode3187_setup.exe
2014-05-20 21:59 - 2014-05-22 20:11 - 00000806 _____ () D:\Users\Sven\Desktop\CoreTemp.ini
2014-05-20 21:59 - 2014-05-20 21:59 - 00000011 _____ () D:\Users\Sven\Desktop\Plugins.ini
2014-05-20 21:58 - 2014-05-20 21:58 - 00188736 _____ () D:\Users\Sven\Desktop\CoreTemp_64bit_0.99.5.27_PCMASTERS.DE.rar
2014-05-20 21:58 - 2009-08-05 13:28 - 00018868 _____ () D:\Users\Sven\Desktop\Changes.txt
2014-05-20 21:58 - 2009-08-05 13:24 - 00472592 _____ () D:\Users\Sven\Desktop\Core Temp.exe
2014-05-20 21:58 - 2008-04-22 00:50 - 00003547 _____ () D:\Users\Sven\Desktop\ReadMe!.txt
2014-05-20 11:08 - 2014-05-20 12:52 - 4218159104 _____ () D:\Users\Sven\Documents\DrakenSangLP.mxf
2014-05-20 11:01 - 2014-05-20 11:01 - 01218658 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4
2014-05-19 22:04 - 2014-05-19 22:04 - 00002656 _____ () D:\Users\Sven\Documents\Vegas Pro registrieren.htm
2014-05-19 21:27 - 2014-05-20 10:13 - 07763684 _____ () D:\Users\Sven\Desktop\DSC_0003.JPG.part
2014-05-19 20:50 - 2014-05-19 20:50 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files (x86)\Sony
2014-05-19 19:55 - 2014-05-19 19:56 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Publish Providers
2014-05-19 19:47 - 2014-05-19 20:49 - 00000000 ____D () D:\Users\Sven\AppData\Local\Sony
2014-05-19 19:47 - 2014-05-19 20:49 - 00000000 ____D () D:\ProgramData\Sony
2014-05-19 19:46 - 2014-05-20 11:08 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Sony
2014-05-19 19:43 - 2014-05-19 19:44 - 277095929 _____ () D:\Users\Sven\Downloads\SVP_12.zip
2014-05-19 17:50 - 2014-05-21 19:00 - 00000000 ____D () D:\Program Files (x86)\Drakensang Online
2014-05-19 17:48 - 2014-05-19 17:49 - 08988296 _____ () D:\Users\Sven\Desktop\DrakensangOnlineSetup.exe
2014-05-19 17:34 - 2014-05-22 17:43 - 00003858 _____ () D:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389728356
2014-05-18 00:24 - 2014-05-18 00:24 - 00000029 _____ () D:\ValveUnhandledExceptionFilter.txt
2014-05-17 19:32 - 2014-05-17 19:37 - 55171247 _____ () D:\Users\Sven\Desktop\l4d2_2013.zip
2014-05-17 02:42 - 2014-05-17 02:42 - 00042184 _____ (Anchorfree Inc.) D:\Windows\system32\Drivers\taphss6.sys
2014-05-17 02:34 - 2014-05-17 02:34 - 00000000 ____D () D:\Users\Sven\Documents\Rockstar Games
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __SHD () D:\ProgramData\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __RHD () D:\Users\Sven\AppData\Roaming\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 ____D () D:\Users\Sven\AppData\Local\Rockstar Games
2014-05-15 02:50 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll
2014-05-15 02:50 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb
2014-05-15 02:50 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.dll
2014-05-15 02:50 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.tlb
2014-05-15 02:50 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll
2014-05-15 02:50 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmled.dll
2014-05-14 10:18 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) D:\Windows\system32\aepdu.dll
2014-05-14 10:18 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) D:\Windows\system32\aeinv.dll
2014-05-14 10:18 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) D:\Windows\system32\shell32.dll
2014-05-14 10:18 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) D:\Windows\SysWOW64\shell32.dll
2014-05-14 10:17 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 10:17 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 10:17 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) D:\Windows\system32\lsasrv.dll
2014-05-14 10:17 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) D:\Windows\system32\sspicli.dll
2014-05-14 10:17 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) D:\Windows\system32\lsass.exe
2014-05-14 10:17 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) D:\Windows\system32\sspisrv.dll
2014-05-14 10:17 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) D:\Windows\system32\secur32.dll
2014-05-14 10:17 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) D:\Windows\SysWOW64\secur32.dll
2014-05-14 10:17 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) D:\Windows\SysWOW64\sspicli.dll
2014-05-14 10:17 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) D:\Windows\system32\ntoskrnl.exe
2014-05-14 10:17 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) D:\Windows\system32\kerberos.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) D:\Windows\system32\objsel.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) D:\Windows\system32\KernelBase.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) D:\Windows\system32\schannel.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) D:\Windows\system32\msv1_0.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) D:\Windows\system32\wdigest.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) D:\Windows\system32\TSpkg.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) D:\Windows\system32\wincredprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) D:\Windows\system32\winlogon.exe
2014-05-14 10:17 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) D:\Windows\system32\cngprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) D:\Windows\system32\adprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) D:\Windows\system32\capiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) D:\Windows\system32\dpapiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) D:\Windows\system32\dimsroam.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) D:\Windows\system32\credssp.dll
2014-05-14 10:17 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 10:17 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 10:17 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) D:\Windows\SysWOW64\kerberos.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) D:\Windows\SysWOW64\objsel.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msv1_0.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) D:\Windows\SysWOW64\schannel.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wdigest.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) D:\Windows\SysWOW64\TSpkg.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) D:\Windows\SysWOW64\cngprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) D:\Windows\SysWOW64\adprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) D:\Windows\SysWOW64\capiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dimsroam.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) D:\Windows\SysWOW64\credssp.dll
2014-05-14 10:17 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) D:\Windows\SysWOW64\KernelBase.dll
2014-05-11 16:53 - 2014-05-12 00:42 - 00001270 _____ () D:\Users\Sven\Desktop\Sry.txt
2014-05-10 17:41 - 2014-05-25 18:15 - 00001048 _____ () D:\Users\Public\Desktop\Hotspot Shield.lnk
2014-05-10 04:15 - 2014-05-10 04:15 - 00629584 _____ (Chip Digital GmbH) D:\Users\Sven\Desktop\Hotspot Shield VPN - CHIP-Downloader.exe

==================== One Month Modified Files and Folders =======

2014-06-09 10:16 - 2014-06-02 18:26 - 00021531 _____ () D:\Users\Sven\Desktop\FRST.txt
2014-06-09 10:16 - 2014-06-02 18:26 - 00000000 ____D () D:\FRST
2014-06-09 10:16 - 2014-01-14 20:05 - 00000000 ____D () D:\Users\Sven\AppData\Local\Temp
2014-06-09 10:15 - 2014-01-14 20:13 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Skype
2014-06-09 10:02 - 2014-01-21 20:43 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\TS3Client
2014-06-09 09:40 - 2014-01-14 20:10 - 00001106 _____ () D:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-09 09:31 - 2014-06-07 01:13 - 00122584 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-09 09:29 - 2014-01-19 14:23 - 00000884 _____ () D:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-09 09:28 - 2014-06-04 20:14 - 00000000 ____D () D:\Users\Sven\Desktop\FRST-OlderVersion
2014-06-09 09:28 - 2014-06-02 18:25 - 02080768 _____ (Farbar) D:\Users\Sven\Desktop\FRST64.exe
2014-06-09 08:44 - 2014-06-09 08:44 - 00002168 _____ () D:\Users\Sven\Desktop\JRT.txt
2014-06-09 08:31 - 2014-06-09 08:31 - 00000000 ____D () D:\Windows\ERUNT
2014-06-09 08:23 - 2014-06-09 08:23 - 01016261 _____ (Thisisu) D:\Users\Sven\Desktop\JRT.exe
2014-06-09 07:30 - 2014-01-14 19:51 - 01981018 _____ () D:\Windows\WindowsUpdate.log
2014-06-09 07:30 - 2009-07-14 06:45 - 00014336 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-09 07:30 - 2009-07-14 06:45 - 00014336 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-09 07:26 - 2014-02-10 01:17 - 00000000 ____D () D:\Program Files (x86)\Steam
2014-06-09 07:26 - 2014-01-14 23:36 - 00000000 ____D () D:\Users\Sven\AppData\Local\LogMeIn Hamachi
2014-06-09 07:25 - 2014-01-14 20:10 - 00001102 _____ () D:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-09 07:25 - 2009-07-14 06:51 - 00071169 _____ () D:\Windows\setupact.log
2014-06-09 07:24 - 2014-01-14 20:58 - 00589786 _____ () D:\Windows\PFRO.log
2014-06-09 07:24 - 2014-01-14 20:54 - 00000000 ____D () D:\ProgramData\NVIDIA
2014-06-09 07:24 - 2009-07-14 07:08 - 00000006 ____H () D:\Windows\Tasks\SA.DAT
2014-06-09 07:19 - 2014-06-09 06:57 - 00000000 ____D () D:\AdwCleaner
2014-06-09 07:19 - 2014-04-19 20:33 - 00000000 ____D () D:\Users\Sven\Desktop\Programme
2014-06-09 07:19 - 2014-02-11 18:10 - 00001057 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-09 07:19 - 2014-01-14 20:11 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-09 07:19 - 2014-01-14 20:05 - 00000000 ____D () D:\Users\Sven
2014-06-09 02:15 - 2014-04-27 18:00 - 00000000 ____D () D:\Users\Sven\Downloads\Gameforge Live
2014-06-09 01:31 - 2014-06-05 20:27 - 00000000 ____D () D:\Users\Sven\Desktop\Trinity-Online.de
2014-06-09 00:37 - 2014-06-09 00:36 - 00252168 _____ () D:\avenger.txt
2014-06-09 00:36 - 2014-06-09 00:36 - 00000000 ____D () D:\Avenger
2014-06-08 02:24 - 2014-02-10 23:10 - 00000000 ____D () D:\Users\Sven\Desktop\Musik
2014-06-08 01:53 - 2014-06-08 01:53 - 00000000 ____D () D:\Users\Sven\Desktop\After Effects
2014-06-08 01:52 - 2014-06-08 01:52 - 01333465 _____ () D:\Users\Sven\Desktop\adwcleaner_3.212.exe
2014-06-07 23:24 - 2014-01-14 19:47 - 00000000 ____D () D:\Windows\Panther
2014-06-07 22:58 - 2014-06-07 22:52 - 109017236 _____ () D:\Users\Sven\Desktop\Free_Stock_Pack.zip
2014-06-07 21:17 - 2014-02-10 22:43 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\vlc
2014-06-07 20:58 - 2014-06-07 20:57 - 02780612 _____ () D:\Users\Sven\Desktop\FireOfDeath.mp4
2014-06-07 09:31 - 2014-06-07 02:19 - 00194088 _____ () D:\Users\Sven\Desktop\EvilFlay.aep
2014-06-07 08:32 - 2014-06-07 08:30 - 02740432 _____ () D:\Users\Sven\Desktop\BulletStormLP (Feuer).mp4
2014-06-07 03:27 - 2014-06-07 03:23 - 08054482 _____ () D:\Users\Sven\Desktop\EvilFlay (Feuer).mp4
2014-06-07 02:28 - 2014-06-07 02:28 - 00157152 _____ () D:\Users\Sven\Desktop\Unbenanntes Projekt.aep
2014-06-07 02:27 - 2014-06-07 02:26 - 07812990 _____ () D:\Users\Sven\Desktop\EvilFlay Intro.mp4
2014-06-07 02:17 - 2014-06-07 02:17 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-06-07 02:17 - 2014-06-07 02:17 - 00000000 ____D () D:\Users\Public\Documents\Adobe
2014-06-07 01:32 - 2014-06-07 01:31 - 01169517 _____ () D:\Users\Sven\Desktop\smoke_pass.mp4
2014-06-07 01:31 - 2014-06-07 01:31 - 00981100 _____ () D:\Users\Sven\Desktop\SmokeFootage.zip
2014-06-07 01:27 - 2014-06-06 13:32 - 23481743 _____ () D:\Users\Sven\Desktop\120.zip
2014-06-07 01:13 - 2014-06-07 01:13 - 00001098 _____ () D:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\ProgramData\Malwarebytes
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-07 01:07 - 2014-06-07 01:06 - 17292760 _____ (Malwarebytes Corporation ) D:\Users\Sven\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-06 22:57 - 2009-07-14 06:45 - 04932528 _____ () D:\Windows\system32\FNTCACHE.DAT
2014-06-06 14:51 - 2014-02-11 19:11 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\BitTorrent
2014-06-06 12:17 - 2014-06-06 11:30 - 00000000 ____D () D:\ProgramData\rgt
2014-06-06 12:17 - 2014-01-14 20:08 - 00000000 ___HD () D:\Program Files (x86)\InstallShield Installation Information
2014-06-06 12:08 - 2014-06-06 12:07 - 18328764 _____ () D:\Users\Sven\Desktop\Trapcode Free.rar
2014-06-06 11:58 - 2014-06-06 11:24 - 00000000 ____D () D:\Users\Sven\AppData\Local\Downloaded Installations
2014-06-06 11:57 - 2014-06-06 11:56 - 00000000 ____D () D:\Users\Sven\Desktop\TCSuite_Win_Full
2014-06-06 11:37 - 2014-06-06 11:36 - 242088647 _____ () D:\Users\Sven\Desktop\TCSuite_Win_Full (1).zip
2014-06-06 11:32 - 2014-06-06 11:32 - 00000000 ____D () D:\Program Files\Red Giant
2014-06-06 11:31 - 2014-06-06 11:27 - 00000000 ____D () D:\ProgramData\Red Giant
2014-06-06 11:29 - 2014-06-06 11:29 - 00003648 _____ () D:\Windows\System32\Tasks\Red Giant Link
2014-06-06 11:28 - 2014-06-06 11:28 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Red Giant
2014-06-06 11:27 - 2014-06-06 11:27 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2014-06-06 11:27 - 2014-06-06 11:27 - 00000000 ____D () D:\Program Files (x86)\Red Giant Link
2014-06-06 11:25 - 2014-06-06 11:25 - 00000000 ____D () D:\ProgramData\RedGiant
2014-06-06 11:22 - 2014-06-06 11:21 - 258367752 _____ () D:\Users\Sven\Desktop\TCSuite_Win_Full.zip
2014-06-06 11:15 - 2014-06-06 11:15 - 00001728 _____ () D:\Users\Sven\Desktop\AfterFX - Verknüpfung.lnk
2014-06-06 11:11 - 2014-06-06 11:11 - 38460651 _____ () D:\Users\Sven\Desktop\Optical_Flares.rar
2014-06-06 11:07 - 2014-01-14 20:36 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Adobe
2014-06-06 11:06 - 2014-06-06 11:06 - 00000021 _____ () D:\Windows\SurCode.INI
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\Documents\Adobe
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\AppData\Local\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\ProgramData\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Program Files\Common Files\PACE Anti-Piracy
2014-06-06 11:06 - 2014-03-21 01:02 - 00000000 ___HD () D:\Users\Sven\AppData\Local\FCZ3EYoCCXl
2014-06-06 11:06 - 2014-01-14 20:26 - 00000000 ____D () D:\Users\Sven\AppData\Local\Adobe
2014-06-06 11:06 - 2013-01-14 07:10 - 00000000 ___HD () D:\Users\Sven\AppData\Local\ztmWClgV
2014-06-06 11:00 - 2014-01-14 20:10 - 00068464 _____ () D:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-06 10:58 - 2014-06-06 10:58 - 00000000 ____D () D:\ProgramData\regid.1986-12.com.adobe
2014-06-06 10:58 - 2014-01-14 20:35 - 00000000 ____D () D:\ProgramData\Adobe
2014-06-06 10:57 - 2014-06-06 10:57 - 00001194 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2014-06-06 10:57 - 2014-06-06 10:49 - 00000000 ____D () D:\Program Files\Adobe
2014-06-06 10:56 - 2014-06-06 10:56 - 00001037 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-06-06 10:56 - 2014-06-06 10:48 - 00000000 ____D () D:\Program Files\Common Files\Adobe
2014-06-06 10:55 - 2014-06-06 10:55 - 00001515 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-06-06 10:55 - 2014-06-06 10:55 - 00001090 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
2014-06-06 10:55 - 2014-01-14 20:35 - 00000000 ____D () D:\Program Files (x86)\Adobe
2014-06-06 10:53 - 2014-06-06 10:53 - 00000997 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-06-06 10:53 - 2014-06-06 10:53 - 00000000 ____D () D:\Users\Default\AppData\Roaming\Macromedia
2014-06-06 10:53 - 2014-06-06 10:53 - 00000000 ____D () D:\Users\Default User\AppData\Roaming\Macromedia
2014-06-06 10:19 - 2014-06-06 10:17 - 00000000 ____D () D:\Users\Sven\Desktop\Adobe After Effects CS6 Full + Crack x32 & x64
2014-06-06 10:05 - 2014-06-06 10:05 - 01818037 _____ () D:\Users\Sven\Desktop\EvilFly.mp4
2014-06-06 09:56 - 2014-06-06 09:55 - 41765789 _____ () D:\Users\Sven\Documents\Lena1.wmv
2014-06-05 23:55 - 2014-06-05 21:49 - 00000000 ____D () D:\Users\Sven\Documents\Dusk
2014-06-05 22:53 - 2014-06-05 22:53 - 00055501 _____ () D:\ComboFix.txt
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Public\AppData\Local\temp
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Default\AppData\Local\temp
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Default User\AppData\Local\temp
2014-06-05 22:53 - 2014-06-05 22:20 - 00000000 ____D () D:\Qoobox
2014-06-05 22:53 - 2009-07-14 05:20 - 00000000 __RHD () D:\Users\Default
2014-06-05 22:51 - 2014-06-05 22:19 - 00000000 ____D () D:\Windows\erdnt
2014-06-05 22:50 - 2009-07-14 04:34 - 00000252 _____ () D:\Windows\system.ini
2014-06-05 21:56 - 2014-06-05 21:56 - 05205146 ____R (Swearware) D:\Users\Sven\Desktop\ComboFix.exe
2014-06-05 21:12 - 2014-06-05 21:12 - 00001681 _____ () D:\Users\Sven\Desktop\Trinity-Online 2014 - Verknüpfung.lnk
2014-06-05 21:03 - 2014-03-26 14:20 - 00000000 ____D () D:\Users\Sven\AppData\Local\P4tcher
2014-06-05 20:26 - 2014-06-05 20:09 - 3853038926 _____ () D:\Users\Sven\Desktop\Trinity-Onlinede.rar
2014-06-05 05:40 - 2014-02-10 22:26 - 00001474 __RSH () D:\ProgramData\ntuser.pol
2014-06-05 00:19 - 2009-07-14 06:57 - 00001547 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-04 21:31 - 2014-02-05 18:07 - 00000000 ____D () D:\Riot Games
2014-06-04 20:18 - 2014-06-04 20:18 - 00001260 _____ () D:\Users\Sven\Desktop\Revo Uninstaller.lnk
2014-06-04 20:18 - 2014-06-04 20:18 - 00000000 ____D () D:\Program Files (x86)\VS Revo Group
2014-06-04 01:55 - 2014-04-26 18:25 - 00001528 _____ () D:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-06-04 01:55 - 2014-04-26 18:25 - 00001235 _____ () D:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-06-04 01:55 - 2014-02-10 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-04 01:55 - 2014-02-10 23:07 - 00000000 ____D () D:\Program Files (x86)\DVDVideoSoft
2014-06-04 01:54 - 2014-02-10 23:07 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\DVDVideoSoft
2014-06-03 20:58 - 2014-01-14 21:59 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Orbit
2014-06-03 20:58 - 2009-07-14 05:20 - 00000000 ___RD () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-02 19:31 - 2014-06-02 19:31 - 19562020 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4.sfvp0
2014-06-02 19:20 - 2014-06-02 19:20 - 00000728 _____ () D:\Users\Sven\Documents\Standard.sfvidcap
2014-06-02 18:34 - 2014-06-02 18:34 - 00048472 _____ () D:\Users\Sven\Desktop\Addition (1).txt
2014-06-02 18:33 - 2014-06-02 18:28 - 00048472 _____ () D:\Users\Sven\Desktop\Addition.txt
2014-06-01 00:13 - 2014-06-01 00:14 - 00592349 _____ () D:\Users\Sven\Desktop\IMG_01062014_000101.rar
2014-06-01 00:13 - 2014-06-01 00:13 - 00592349 _____ () D:\Users\Sven\IMG_01062014_000101.rar
2014-06-01 00:00 - 2014-04-18 03:10 - 00000000 ____D () D:\Users\Sven\AppData\Local\Paint.NET
2014-05-31 23:07 - 2014-05-31 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-05-31 23:06 - 2014-05-31 23:06 - 00000000 ____D () D:\Program Files\Sandboxie
2014-05-31 22:54 - 2014-05-31 22:54 - 02656264 _____ (Sandboxie Holdings, LLC) D:\Users\Sven\Desktop\SandboxieInstall.exe
2014-05-31 22:40 - 2014-05-31 22:35 - 03932226 _____ () D:\Users\Sven\Documents\wtzui68o9.bmp
2014-05-31 02:39 - 2013-03-22 19:07 - 00000000 ____D () D:\Download
2014-05-28 21:19 - 2014-05-28 21:19 - 00001263 _____ () D:\Users\Sven\Desktop\Lena Online Patcher - Verknüpfung.lnk
2014-05-28 07:40 - 2014-05-28 07:40 - 00000714 _____ () D:\Users\Sven\Documents\Config.rar
2014-05-27 16:25 - 2014-05-25 06:46 - 00000000 ____D () D:\ProgramData\MFAData
2014-05-26 21:36 - 2014-05-25 18:42 - 00000000 ____D () D:\Program Files (x86)\Extrinsic Studio
2014-05-26 18:11 - 2014-05-26 18:05 - 00001946 _____ () D:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk
2014-05-26 18:11 - 2014-01-16 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-05-26 18:02 - 2014-03-16 14:33 - 00000000 ____D () D:\Users\Sven\Desktop\Games
2014-05-25 21:39 - 2014-05-25 21:39 - 00000000 ____D () D:\Users\Sven\Desktop\Atlantica_MTRUE
2014-05-25 20:35 - 2014-05-25 20:35 - 00000926 _____ () D:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\Program Files (x86)\LogMeIn Hamachi
2014-05-25 20:17 - 2014-04-23 22:24 - 00000000 ____D () D:\Users\Sven\Desktop\Fraps
2014-05-25 20:03 - 2014-04-19 20:26 - 00000000 ____D () D:\Users\Sven\Desktop\Fiesta Server
2014-05-25 20:02 - 2014-01-17 00:31 - 00000000 ____D () D:\Users\Sven\Desktop\Bilder
2014-05-25 19:38 - 2014-05-25 19:38 - 00000184 _____ () D:\Users\Sven\Desktop\Play Ignis.url
2014-05-25 18:15 - 2014-05-10 17:41 - 00001048 _____ () D:\Users\Public\Desktop\Hotspot Shield.lnk
2014-05-25 06:55 - 2014-05-25 06:55 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\TuneUp Software
2014-05-25 06:46 - 2014-05-25 06:46 - 00000000 ____D () D:\Users\Sven\AppData\Local\MFAData
2014-05-25 05:56 - 2014-05-25 05:56 - 06406144 _____ () D:\Users\Sven\Desktop\Hamachi-2.2.0.130.msi
2014-05-25 05:49 - 2014-05-25 05:25 - 00000599 _____ () D:\Users\Sven\Desktop\Skype addy.txt
2014-05-23 20:05 - 2014-01-16 23:07 - 00000000 ____D () D:\Program Files (x86)\GameforgeLive
2014-05-23 14:36 - 2009-07-14 19:58 - 00765006 _____ () D:\Windows\system32\perfh007.dat
2014-05-23 14:36 - 2009-07-14 19:58 - 00173756 _____ () D:\Windows\system32\perfc007.dat
2014-05-23 14:36 - 2009-07-14 07:13 - 01804038 _____ () D:\Windows\system32\PerfStringBackup.INI
2014-05-23 14:34 - 2014-05-23 14:34 - 00000000 ____D () D:\Users\Sven\Desktop\Skillet - It's Not Me It's You (Lyrics)
2014-05-22 21:23 - 2014-05-22 21:23 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Brother
2014-05-22 20:11 - 2014-05-20 21:59 - 00000806 _____ () D:\Users\Sven\Desktop\CoreTemp.ini
2014-05-22 17:43 - 2014-05-19 17:34 - 00003858 _____ () D:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389728356
2014-05-22 17:43 - 2014-01-14 21:39 - 00000000 ____D () D:\Program Files (x86)\Opera Next
2014-05-21 19:00 - 2014-05-21 19:00 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2014-05-21 19:00 - 2014-05-19 17:50 - 00000000 ____D () D:\Program Files (x86)\Drakensang Online
2014-05-21 10:34 - 2014-05-21 10:34 - 00013507 _____ () D:\Users\Sven\Desktop\Unbenannt 1245.odt
2014-05-21 03:47 - 2014-05-21 03:45 - 00013854 _____ () D:\Users\Sven\Desktop\Unbenannt 1.odt
2014-05-21 03:21 - 2014-05-21 01:50 - 00020232 _____ () D:\Users\Sven\Documents\Ohne Titel.veg
2014-05-21 01:50 - 2014-05-21 01:50 - 00018768 _____ () D:\Users\Sven\Documents\Ohne Titel.veg.bak
2014-05-21 00:15 - 2014-05-21 00:15 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00001063 _____ () D:\Users\Public\Desktop\XMedia Recode.lnk
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\Program Files (x86)\XMedia Recode
2014-05-21 00:10 - 2014-05-21 00:10 - 07546805 _____ (XMedia Recode ) D:\Users\Sven\Desktop\XMediaRecode3187_setup.exe
2014-05-20 21:59 - 2014-05-20 21:59 - 00000011 _____ () D:\Users\Sven\Desktop\Plugins.ini
2014-05-20 21:58 - 2014-05-20 21:58 - 00188736 _____ () D:\Users\Sven\Desktop\CoreTemp_64bit_0.99.5.27_PCMASTERS.DE.rar
2014-05-20 20:21 - 2014-01-14 20:13 - 00000000 ____D () D:\ProgramData\Skype
2014-05-20 20:20 - 2014-04-25 17:16 - 00000000 ___RD () D:\Program Files (x86)\Skype
2014-05-20 12:52 - 2014-05-20 11:08 - 4218159104 _____ () D:\Users\Sven\Documents\DrakenSangLP.mxf
2014-05-20 11:08 - 2014-05-19 19:46 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Sony
2014-05-20 11:01 - 2014-05-20 11:01 - 01218658 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4
2014-05-20 10:13 - 2014-05-19 21:27 - 07763684 _____ () D:\Users\Sven\Desktop\DSC_0003.JPG.part
2014-05-19 22:04 - 2014-05-19 22:04 - 00002656 _____ () D:\Users\Sven\Documents\Vegas Pro registrieren.htm
2014-05-19 20:50 - 2014-05-19 20:50 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files (x86)\Sony
2014-05-19 20:49 - 2014-05-19 19:47 - 00000000 ____D () D:\Users\Sven\AppData\Local\Sony
2014-05-19 20:49 - 2014-05-19 19:47 - 00000000 ____D () D:\ProgramData\Sony
2014-05-19 19:56 - 2014-05-19 19:55 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Publish Providers
2014-05-19 19:44 - 2014-05-19 19:43 - 277095929 _____ () D:\Users\Sven\Downloads\SVP_12.zip
2014-05-19 17:49 - 2014-05-19 17:48 - 08988296 _____ () D:\Users\Sven\Desktop\DrakensangOnlineSetup.exe
2014-05-18 00:24 - 2014-05-18 00:24 - 00000029 _____ () D:\ValveUnhandledExceptionFilter.txt
2014-05-17 19:37 - 2014-05-17 19:32 - 55171247 _____ () D:\Users\Sven\Desktop\l4d2_2013.zip
2014-05-17 04:35 - 2014-05-25 18:14 - 00044744 _____ (AnchorFree Inc.) D:\Windows\system32\Drivers\hssdrv6.sys
2014-05-17 02:42 - 2014-05-17 02:42 - 00042184 _____ (Anchorfree Inc.) D:\Windows\system32\Drivers\taphss6.sys
2014-05-17 02:34 - 2014-05-17 02:34 - 00000000 ____D () D:\Users\Sven\Documents\Rockstar Games
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __SHD () D:\ProgramData\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __RHD () D:\Users\Sven\AppData\Roaming\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 ____D () D:\Users\Sven\AppData\Local\Rockstar Games
2014-05-15 16:20 - 2014-01-14 20:05 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:20 - 2014-01-14 20:05 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:16 - 2014-04-30 03:00 - 00000000 ___SD () D:\Windows\system32\CompatTel
2014-05-15 16:15 - 2009-07-14 05:20 - 00000000 ____D () D:\Windows\PolicyDefinitions
2014-05-14 20:55 - 2014-04-04 19:17 - 00000000 ____D () D:\Users\Sven\Documents\~ Au
2014-05-12 19:17 - 2014-05-02 20:18 - 00000000 ____D () D:\Users\Sven\Desktop\MCWoW 2.4.3
2014-05-12 07:26 - 2014-06-07 01:13 - 00091352 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-07 01:13 - 00063704 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-07 01:13 - 00025816 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbam.sys
2014-05-12 00:42 - 2014-05-11 16:53 - 00001270 _____ () D:\Users\Sven\Desktop\Sry.txt
2014-05-11 17:00 - 2009-07-14 05:20 - 00000000 ____D () D:\Windows\system32\NDF
2014-05-10 04:15 - 2014-05-10 04:15 - 00629584 _____ (Chip Digital GmbH) D:\Users\Sven\Desktop\Hotspot Shield VPN - CHIP-Downloader.exe

Files to move or delete:
====================
D:\Users\Sven\AutomaticUpdater.dll
D:\Users\Sven\binkw32.dll
D:\Users\Sven\DBNetwork.IndigoSxS.dll
D:\Users\Sven\LinqBridge.dll
D:\Users\Sven\mss32.dll
D:\Users\Sven\MW3 Launcher.exe
D:\Users\Sven\SteamAPIUpdater.dll
D:\Users\Sven\steamclient.dll
D:\Users\Sven\tier0_s.dll
D:\Users\Sven\update-mw3.bat
D:\Users\Sven\vstdlib_s.dll


Some content of TEMP:
====================
D:\Users\Sven\AppData\Local\Temp\4602657683342e931c151352386901fc.dll
D:\Users\Sven\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

D:\Windows\System32\winlogon.exe => File is digitally signed
D:\Windows\System32\wininit.exe => File is digitally signed
D:\Windows\SysWOW64\wininit.exe => File is digitally signed
D:\Windows\explorer.exe => File is digitally signed
D:\Windows\SysWOW64\explorer.exe => File is digitally signed
D:\Windows\System32\svchost.exe => File is digitally signed
D:\Windows\SysWOW64\svchost.exe => File is digitally signed
D:\Windows\System32\services.exe => File is digitally signed
D:\Windows\System32\User32.dll => File is digitally signed
D:\Windows\SysWOW64\User32.dll => File is digitally signed
D:\Windows\System32\userinit.exe => File is digitally signed
D:\Windows\SysWOW64\userinit.exe => File is digitally signed
D:\Windows\System32\rpcss.dll => File is digitally signed
D:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-06 14:26

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2014
Ran by Sven at 2014-06-09 10:16:45
Running from D:\Users\Sven\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Aliens: Colonial Marines (HKLM-x32\...\Steam App 49540) (Version:  - Gearbox Software)
Alliance of Valiant Arms DE (HKLM-x32\...\Alliance of Valiant Arms DE) (Version:  - )
AOL Toolbar (HKCU\...\AOL Toolbar) (Version:  - )
AOL Toolbar (HKLM-x32\...\AOL Toolbar) (Version:  - )
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.31141 - BitTorrent Inc.)
BlackShot Á¦°Å (HKLM-x32\...\BlackShot) (Version:  - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
CryOnline (HKLM-x32\...\CryOnline) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DNDownloader version 1.2 (HKLM-x32\...\DNDownloader_is1) (Version: 1.2 - )
Dragon Nest Europe (HKLM-x32\...\Dragon Nest Europe) (Version:  - )
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Extreme Cabal version 1.5 (HKLM-x32\...\{8953F16B-42D8-414F-AAA6-00F6BFD94711}_is1) (Version: 1.5 - Extreme Cabal, Inc.)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
Game Cam 2.6.1.0 (HKLM-x32\...\Game Cam) (Version: 2.6.1.0 - Game Cam Portal, Inc.)
Gameforge Live 2.0.3 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.3 - Gameforge)
GDR 1617 für SQL Server 2008 R2 (KB2494088) (64-bit) (HKLM\...\KB2494088) (Version: 10.50.1617.0 - Microsoft Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HL-2250DN (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8343C2D8-09DF-38B3-9D1A-A26148918E45}.KB947789) (Version: 1 - Microsoft Corporation)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (KB971119) (x32 Version: 9.0.30731 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{362A3FDF-B12E-436A-9097-1B795A9FFCC5}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{79FB3E7E-FD92-49A9-AAD1-193EE4CB85D3}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Richtlinien (HKLM-x32\...\{78033A38-50E2-4A65-823F-C1B34DF9FE41}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{8DD113A8-811A-404E-A4D7-443D014946AC}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools DEU (HKLM-x32\...\{3888A22E-1A9E-4DBE-A93B-42385141F37D}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8343C2D8-09DF-38B3-9D1A-A26148918E45}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Odin 1.00 (HKLM-x32\...\Odin 1.00) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Next 22.0.1471.40 (HKLM-x32\...\Opera 22.0.1471.40) (Version: 22.0.1471.40 - Opera Software ASA)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.8.99.0 - Red Giant, LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
S4 League_EU (HKLM-x32\...\{0D8F9B2D-ACCC-45A7-9D1C-261153D800DD}) (Version: 1.00.0000 - )
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Skyrim Online Mod version r3 (HKLM-x32\...\{719B4740-7A1C-42B7-BA78-0CB2486EE714}_is1) (Version: r3 - Skyrim Online)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version 1.00) (Version:  - )
Trapcode Particular (HKLM-x32\...\InstallShield_{E489BCB7-D57D-4751-AAB6-589AF66E2F7F}) (Version: 2.1.0 - Red Giant Software)
Trapcode Particular (Version: 2.1.0 - Red Giant Software) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
Trapcode Suite 64-bit (Version: 12.1.3 - Red Giant) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
vertical 8.0 Version 8.0 (HKLM-x32\...\{3980FAC3-C393-44A8-83DE-D8865C1F5A92}_is1) (Version: 8.0 - )
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
XMedia Recode Version 3.1.8.7 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.7 - XMedia Recode)

==================== Restore Points  =========================

06-06-2014 09:26:36 Installed Trapcode Suite 64-bit
06-06-2014 09:59:23 Installed Trapcode Suite 64-bit
06-06-2014 10:12:09 Installed Trapcode Particular
06-06-2014 10:16:22 Installed Trapcode Suite 64-bit
06-06-2014 10:19:24 Installed Trapcode Particular

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-06-05 22:50 - 00000027 ____A D:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02BE0588-55D5-4695-B5B8-6163221ED019} - System32\Tasks\RunOW => D:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
Task: {12225468-B7B3-42DE-A189-15C239893A23} - System32\Tasks\Adobe Flash Player Updater => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-19] (Adobe Systems Incorporated)
Task: {2CE8A091-52C1-4861-AD64-8454750C1B05} - System32\Tasks\ASUS\ASUS RegRun Loader => D:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {3CEBFDC6-38D0-4EA6-8D75-CD3E95D252A7} - System32\Tasks\Opera scheduled Autoupdate 1389728356 => D:\Program Files (x86)\Opera Next\launcher.exe [2014-05-22] (Opera Software)
Task: {59055344-BFB2-4230-B22B-54501CDF46D0} - System32\Tasks\Red Giant Link => D:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2014-05-22] ()
Task: {595969F5-F90E-44BC-9838-28E01B4380CA} - System32\Tasks\GoogleUpdateTaskMachineCore => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14] (Google Inc.)
Task: {957F22CC-D8EE-4D09-8692-5906ADDBF56B} - System32\Tasks\GoogleUpdateTaskMachineUA => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14] (Google Inc.)
Task: {A87809B4-DA7D-4A41-85E3-C5A1BAB2C6A8} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => D:\Program Files\ASUS\Ai Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {CBCF9BB6-254C-4AE6-B466-8D84C9CEB6C5} - System32\Tasks\{C0236C93-7C71-4189-8A59-34569938BE24} => D:\Users\Sven\Downloads\CODBO2-FULL.exe
Task: {CC8981E3-172B-4A73-8CF7-BEE105B5689B} - System32\Tasks\ASUS\ASUS Update Checker => D:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {DA21E1D7-9F87-4155-B8DC-A0A15342F1CA} - System32\Tasks\ASUS\ASUS SIX Engine => D:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {FDE6EE2F-4448-43B6-A344-4864766C6A4C} - System32\Tasks\{E4188078-43B8-44FB-B318-A97EC4635E45} => D:\Program Files (x86)\Extreme Cabal\cabal.exe [2013-01-17] (Extreme Cabal)
Task: D:\Windows\Tasks\Adobe Flash Player Updater.job => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: D:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: D:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-25 20:01 - 2013-03-15 06:16 - 00086304 _____ () D:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-12-15 18:40 - 2009-12-15 18:40 - 00065536 _____ () D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2009-12-15 18:40 - 2009-12-15 18:40 - 00122880 _____ () D:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-12-15 18:41 - 2009-12-15 18:41 - 00139264 _____ () D:\Windows\SysWOW64\WinMsgBalloonClient.exe
2014-03-29 22:28 - 2014-03-29 22:28 - 00173568 _____ () D:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 01080832 _____ () D:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00833024 _____ () D:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00102344 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00108488 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00030208 _____ () D:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00233984 _____ () D:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00563656 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00577480 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00159232 _____ () D:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2009-12-16 00:44 - 2009-12-16 00:44 - 00516096 _____ () D:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2014-01-14 20:20 - 2009-03-19 23:35 - 00208896 _____ () D:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2014-01-14 20:20 - 2009-03-19 23:35 - 00008704 _____ () D:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2014-01-14 20:20 - 2009-01-15 15:55 - 00565248 _____ () D:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 00716616 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 00126280 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 04217672 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 00414536 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 01732424 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 13695816 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: D:\ProgramData\Microsoft:Q3tJehShDBmcmpZXDgVzs
AlternateDataStreams: D:\ProgramData\Microsoft:TqF90BLIuJmVeT7Ud7dql86
AlternateDataStreams: D:\ProgramData\TEMP:373E1720
AlternateDataStreams: D:\Users\Sven\AppData\Local\Temporary Internet Files:FTMK0TacR0ybGwEU7BPmJ7
AlternateDataStreams: D:\Users\Sven\AppData\Local\ztmWClgV:X9kg8gPlJDp0taRlTWTBPfy0

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: winzipersvc => 2
MSCONFIG\startupfolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Orbit.lnk => D:\Windows\pss\Orbit.lnk.CommonStartup
MSCONFIG\startupreg: BitTorrent => "D:\Users\Sven\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: BlueStacks Agent => D:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: HostManager => D:\Program Files (x86)\Common Files\AOL\1395673567\ee\AOLSoftware.exe
MSCONFIG\startupreg: IminentMessenger => D:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Turbo Key => "D:\Program Files\ASUS\Turbo Key\TurboKey.exe"
MSCONFIG\startupreg: Xfire => D:\Program Files (x86)\Xfire2\Xfire.exe

==================== Faulty Device Manager Devices =============

Name: Audiocontroller für Multimedia
Description: Audiocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-06-05 22:45:19.788
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-05 22:45:19.575
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-09 19:57:59.353
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.305
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.265
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.115
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:58.959
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:58.829
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 35%
Total physical RAM: 8174.12 MB
Available physical RAM: 5242.47 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 13012.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:488.28 GB) (Free:29.05 GB) NTFS
Drive d: () (Fixed) (Total:443.13 GB) (Free:19.43 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (SKYRIM_EN) (CDROM) (Total:5.12 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: A04065B3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=443 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Sven on 09.06.2014 at  8:31:30,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-850703575-16975960-4280425002-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\aol toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\aol toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3EF64538-8B54-4573-B48F-4D34B0238AB2}



~~~ Files

Successfully deleted: [File] "D:\Users\Sven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"



~~~ Folders

Successfully deleted: [Folder] "D:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [Folder] D:\Users\Sven\AppData\Roaming\mozilla\firefox\profiles\zq926oak.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Emptied folder: D:\Users\Sven\AppData\Roaming\mozilla\firefox\profiles\zq926oak.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.06.2014 at  8:44:55,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 09.06.2014, 13:19   #12
svendief
 
Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



so ich habe das nun gemacht und neuen frst log gemacht

Code:
ATTFilter
# AdwCleaner v3.212 - Bericht erstellt am 09/06/2014 um 07:19:00
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Sven - SVEN-PC
# Gestartet von : D:\Users\Sven\Desktop\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : BCUService
Dienst Gelöscht : hshld
[#] Dienst Gelöscht : hsstrayservice
Dienst Gelöscht : hsswd

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : D:\ProgramData\AOL Toolbar
Ordner Gelöscht : D:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : D:\ProgramData\DeviceVM
Ordner Gelöscht : D:\ProgramData\hotspot shield
Ordner Gelöscht : D:\ProgramData\Viewpoint
Ordner Gelöscht : D:\ProgramData\WPM
Ordner Gelöscht : D:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Ordner Gelöscht : D:\Program Files (x86)\AOL Toolbar
Ordner Gelöscht : D:\Program Files (x86)\AVG SafeGuard toolbar
Ordner Gelöscht : D:\Program Files (x86)\DeviceVM
Ordner Gelöscht : D:\Program Files (x86)\hotspot shield
Ordner Gelöscht : D:\Program Files (x86)\orbitdownloader
Ordner Gelöscht : D:\Program Files (x86)\SupTab
Ordner Gelöscht : D:\Program Files (x86)\Viewpoint
Ordner Gelöscht : D:\Program Files (x86)\WinZipper
Ordner Gelöscht : D:\Program Files (x86)\Common Files\Software Update Utility
Ordner Gelöscht : D:\Windows\SysWOW64\hotspot shield
Ordner Gelöscht : D:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : D:\Users\Sven\AppData\Local\AOL Toolbar
Ordner Gelöscht : D:\Users\Sven\AppData\Local\genienext
Ordner Gelöscht : D:\Users\Sven\AppData\Local\Mobogenie
Ordner Gelöscht : D:\Users\Sven\AppData\LocalLow\Mysearchdial
Ordner Gelöscht : D:\Users\Sven\AppData\Roaming\DeviceVM
Ordner Gelöscht : D:\Users\Sven\AppData\Roaming\hotspot shield
Ordner Gelöscht : D:\Users\Sven\AppData\Roaming\SupTab
Ordner Gelöscht : D:\Users\Sven\AppData\Roaming\WinZipper
Ordner Gelöscht : D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
Ordner Gelöscht : D:\Users\Sven\Documents\Mobogenie
Ordner Gelöscht : D:\Users\Sven\Documents\Optimizer Pro
Ordner Gelöscht : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Ordner Gelöscht : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Datei Gelöscht : D:\Users\Sven\daemonprocess.txt
Datei Gelöscht : D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Datei Gelöscht : D:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
Datei Gelöscht : D:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
Datei Gelöscht : D:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
Datei Gelöscht : D:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
Datei Gelöscht : D:\Program Files (x86)\Mozilla Firefox\searchplugins\delta-homes.xml
Datei Gelöscht : D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\user.js
Datei Gelöscht : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
Datei Gelöscht : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : D:\Users\Sven\Desktop\Programme\Google Chrome.lnk
Verknüpfung Desinfiziert : D:\Users\Sven\Desktop\Programme\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : D:\Users\Sven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [D:\Program Files (x86)\Orbitdownloader\orbitdm.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [D:\Program Files (x86)\Orbitdownloader\orbitnet.exe]
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\DeviceVM
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Orbit
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\delta-homesSoftware
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\hotspotshield
Schlüssel Gelöscht : HKLM\Software\MetaStream
Schlüssel Gelöscht : HKLM\Software\mysearchdial
Schlüssel Gelöscht : HKLM\Software\Orbit
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\Viewpoint
Schlüssel Gelöscht : HKLM\Software\winzipersvc
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]

-\\ Mozilla Firefox v27.0 (de)

[ Datei : D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "Mysearchdial");
Zeile gelöscht : user_pref("browser.search.order.1", "Mysearchdial");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Mysearchdial");
Zeile gelöscht : user_pref("extensions.a885f632d147140b99736370834c9febf6bc59f1b7afb44ab806816b3cdaf03e6com49042.49042.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.enabledAddons", "quick_start%40gmail.com:3.1.9,ffxtlbr%40mysearchdial.com:1.6.0,%7B140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA%7D:3.0.0.0,afproxy%40anchorfree.com:3.42,%7B972ce4c6-7e08-[...]
Zeile gelöscht : user_pref("extensions.irmysearch.aflt", "dvd_14_13_ch");
Zeile gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0Dt[...]
Zeile gelöscht : user_pref("extensions.irmysearch.cr", "856150521");
Zeile gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_a");

-\\ Google Chrome v35.0.1916.114

[ Datei : D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=
Gelöscht [Homepage] : hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP84A5CD7A-1EA2-4260-95EE-5CA3ED6B8FE4&SSPV=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Gelöscht [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp
Gelöscht [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
Gelöscht [Extension] : ombmmloebnfnpehgjnmkcgoegfachobp
Gelöscht [Extension] : pkndmigholgfjlniaohblojbhgjbkakn

*************************

AdwCleaner[R0].txt - [19872 octets] - [09/06/2014 06:57:50]
AdwCleaner[S0].txt - [17886 octets] - [09/06/2014 07:19:00]

########## EOF - D:\AdwCleaner\AdwCleaner[S0].txt - [17947 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Sven on 09.06.2014 at  8:31:30,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-850703575-16975960-4280425002-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\aol toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\aol toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3EF64538-8B54-4573-B48F-4D34B0238AB2}



~~~ Files

Successfully deleted: [File] "D:\Users\Sven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"



~~~ Folders

Successfully deleted: [Folder] "D:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [Folder] D:\Users\Sven\AppData\Roaming\mozilla\firefox\profiles\zq926oak.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Emptied folder: D:\Users\Sven\AppData\Roaming\mozilla\firefox\profiles\zq926oak.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.06.2014 at  8:44:55,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2014
Ran by Sven at 2014-06-09 10:16:45
Running from D:\Users\Sven\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Aliens: Colonial Marines (HKLM-x32\...\Steam App 49540) (Version:  - Gearbox Software)
Alliance of Valiant Arms DE (HKLM-x32\...\Alliance of Valiant Arms DE) (Version:  - )
AOL Toolbar (HKCU\...\AOL Toolbar) (Version:  - )
AOL Toolbar (HKLM-x32\...\AOL Toolbar) (Version:  - )
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.31141 - BitTorrent Inc.)
BlackShot Á¦°Å (HKLM-x32\...\BlackShot) (Version:  - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
CryOnline (HKLM-x32\...\CryOnline) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DNDownloader version 1.2 (HKLM-x32\...\DNDownloader_is1) (Version: 1.2 - )
Dragon Nest Europe (HKLM-x32\...\Dragon Nest Europe) (Version:  - )
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Extreme Cabal version 1.5 (HKLM-x32\...\{8953F16B-42D8-414F-AAA6-00F6BFD94711}_is1) (Version: 1.5 - Extreme Cabal, Inc.)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
Game Cam 2.6.1.0 (HKLM-x32\...\Game Cam) (Version: 2.6.1.0 - Game Cam Portal, Inc.)
Gameforge Live 2.0.3 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.3 - Gameforge)
GDR 1617 für SQL Server 2008 R2 (KB2494088) (64-bit) (HKLM\...\KB2494088) (Version: 10.50.1617.0 - Microsoft Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HL-2250DN (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8343C2D8-09DF-38B3-9D1A-A26148918E45}.KB947789) (Version: 1 - Microsoft Corporation)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (KB971119) (x32 Version: 9.0.30731 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{362A3FDF-B12E-436A-9097-1B795A9FFCC5}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{79FB3E7E-FD92-49A9-AAD1-193EE4CB85D3}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Richtlinien (HKLM-x32\...\{78033A38-50E2-4A65-823F-C1B34DF9FE41}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{8DD113A8-811A-404E-A4D7-443D014946AC}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools DEU (HKLM-x32\...\{3888A22E-1A9E-4DBE-A93B-42385141F37D}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8343C2D8-09DF-38B3-9D1A-A26148918E45}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Odin 1.00 (HKLM-x32\...\Odin 1.00) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Next 22.0.1471.40 (HKLM-x32\...\Opera 22.0.1471.40) (Version: 22.0.1471.40 - Opera Software ASA)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.8.99.0 - Red Giant, LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
S4 League_EU (HKLM-x32\...\{0D8F9B2D-ACCC-45A7-9D1C-261153D800DD}) (Version: 1.00.0000 - )
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Skyrim Online Mod version r3 (HKLM-x32\...\{719B4740-7A1C-42B7-BA78-0CB2486EE714}_is1) (Version: r3 - Skyrim Online)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version 1.00) (Version:  - )
Trapcode Particular (HKLM-x32\...\InstallShield_{E489BCB7-D57D-4751-AAB6-589AF66E2F7F}) (Version: 2.1.0 - Red Giant Software)
Trapcode Particular (Version: 2.1.0 - Red Giant Software) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
Trapcode Suite 64-bit (Version: 12.1.3 - Red Giant) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
vertical 8.0 Version 8.0 (HKLM-x32\...\{3980FAC3-C393-44A8-83DE-D8865C1F5A92}_is1) (Version: 8.0 - )
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
XMedia Recode Version 3.1.8.7 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.7 - XMedia Recode)

==================== Restore Points  =========================

06-06-2014 09:26:36 Installed Trapcode Suite 64-bit
06-06-2014 09:59:23 Installed Trapcode Suite 64-bit
06-06-2014 10:12:09 Installed Trapcode Particular
06-06-2014 10:16:22 Installed Trapcode Suite 64-bit
06-06-2014 10:19:24 Installed Trapcode Particular

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-06-05 22:50 - 00000027 ____A D:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02BE0588-55D5-4695-B5B8-6163221ED019} - System32\Tasks\RunOW => D:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
Task: {12225468-B7B3-42DE-A189-15C239893A23} - System32\Tasks\Adobe Flash Player Updater => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-19] (Adobe Systems Incorporated)
Task: {2CE8A091-52C1-4861-AD64-8454750C1B05} - System32\Tasks\ASUS\ASUS RegRun Loader => D:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {3CEBFDC6-38D0-4EA6-8D75-CD3E95D252A7} - System32\Tasks\Opera scheduled Autoupdate 1389728356 => D:\Program Files (x86)\Opera Next\launcher.exe [2014-05-22] (Opera Software)
Task: {59055344-BFB2-4230-B22B-54501CDF46D0} - System32\Tasks\Red Giant Link => D:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2014-05-22] ()
Task: {595969F5-F90E-44BC-9838-28E01B4380CA} - System32\Tasks\GoogleUpdateTaskMachineCore => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14] (Google Inc.)
Task: {957F22CC-D8EE-4D09-8692-5906ADDBF56B} - System32\Tasks\GoogleUpdateTaskMachineUA => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14] (Google Inc.)
Task: {A87809B4-DA7D-4A41-85E3-C5A1BAB2C6A8} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => D:\Program Files\ASUS\Ai Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {CBCF9BB6-254C-4AE6-B466-8D84C9CEB6C5} - System32\Tasks\{C0236C93-7C71-4189-8A59-34569938BE24} => D:\Users\Sven\Downloads\CODBO2-FULL.exe
Task: {CC8981E3-172B-4A73-8CF7-BEE105B5689B} - System32\Tasks\ASUS\ASUS Update Checker => D:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {DA21E1D7-9F87-4155-B8DC-A0A15342F1CA} - System32\Tasks\ASUS\ASUS SIX Engine => D:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {FDE6EE2F-4448-43B6-A344-4864766C6A4C} - System32\Tasks\{E4188078-43B8-44FB-B318-A97EC4635E45} => D:\Program Files (x86)\Extreme Cabal\cabal.exe [2013-01-17] (Extreme Cabal)
Task: D:\Windows\Tasks\Adobe Flash Player Updater.job => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: D:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: D:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-25 20:01 - 2013-03-15 06:16 - 00086304 _____ () D:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-12-15 18:40 - 2009-12-15 18:40 - 00065536 _____ () D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2009-12-15 18:40 - 2009-12-15 18:40 - 00122880 _____ () D:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-12-15 18:41 - 2009-12-15 18:41 - 00139264 _____ () D:\Windows\SysWOW64\WinMsgBalloonClient.exe
2014-03-29 22:28 - 2014-03-29 22:28 - 00173568 _____ () D:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 01080832 _____ () D:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00833024 _____ () D:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00102344 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00108488 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00030208 _____ () D:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00233984 _____ () D:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00563656 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-10-23 14:15 - 2014-03-29 22:28 - 00577480 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-29 22:28 - 2014-03-29 22:28 - 00159232 _____ () D:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2009-12-16 00:44 - 2009-12-16 00:44 - 00516096 _____ () D:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2014-01-14 20:20 - 2009-03-19 23:35 - 00208896 _____ () D:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2014-01-14 20:20 - 2009-03-19 23:35 - 00008704 _____ () D:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2014-01-14 20:20 - 2009-01-15 15:55 - 00565248 _____ () D:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 00716616 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 00126280 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 04217672 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 00414536 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 01732424 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-23 09:09 - 2014-05-14 01:40 - 13695816 _____ () D:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: D:\ProgramData\Microsoft:Q3tJehShDBmcmpZXDgVzs
AlternateDataStreams: D:\ProgramData\Microsoft:TqF90BLIuJmVeT7Ud7dql86
AlternateDataStreams: D:\ProgramData\TEMP:373E1720
AlternateDataStreams: D:\Users\Sven\AppData\Local\Temporary Internet Files:FTMK0TacR0ybGwEU7BPmJ7
AlternateDataStreams: D:\Users\Sven\AppData\Local\ztmWClgV:X9kg8gPlJDp0taRlTWTBPfy0

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: winzipersvc => 2
MSCONFIG\startupfolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Orbit.lnk => D:\Windows\pss\Orbit.lnk.CommonStartup
MSCONFIG\startupreg: BitTorrent => "D:\Users\Sven\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: BlueStacks Agent => D:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: HostManager => D:\Program Files (x86)\Common Files\AOL\1395673567\ee\AOLSoftware.exe
MSCONFIG\startupreg: IminentMessenger => D:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Turbo Key => "D:\Program Files\ASUS\Turbo Key\TurboKey.exe"
MSCONFIG\startupreg: Xfire => D:\Program Files (x86)\Xfire2\Xfire.exe

==================== Faulty Device Manager Devices =============

Name: Audiocontroller für Multimedia
Description: Audiocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-06-05 22:45:19.788
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-05 22:45:19.575
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-09 19:57:59.353
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.305
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.265
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.115
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:59.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:58.959
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 19:57:58.829
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows.old.000\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 35%
Total physical RAM: 8174.12 MB
Available physical RAM: 5242.47 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 13012.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:488.28 GB) (Free:29.05 GB) NTFS
Drive d: () (Fixed) (Total:443.13 GB) (Free:19.43 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (SKYRIM_EN) (CDROM) (Total:5.12 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: A04065B3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=443 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014
Ran by Sven (administrator) on SVEN-PC on 09-06-2014 10:16:09
Running from D:\Users\Sven\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(AMD) D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(ASUSTeK Computer Inc.) D:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Microsoft Corporation) D:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(ASUSTeK Computer Inc.) D:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Microsoft Corporation) D:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Saitek) D:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) D:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Akamai Technologies, Inc.) D:\Users\Sven\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) D:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) D:\Users\Sven\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) D:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() D:\Windows\SysWOW64\WinMsgBalloonServer.exe
() D:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Oracle Corporation) D:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) D:\Windows\SysWOW64\notepad.exe
(Google Inc.) D:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [ProfilerU] => D:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => D:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [NvBackend] => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => D:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => D:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cpu Level Up help] => D:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => D:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BrStsMon00] => D:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\Steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [DAEMON Tools Lite] => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [Akamai NetSession Interface] => D:\Users\Sven\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [Skype] => D:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-850703575-16975960-4280425002-1000\...\Run: [AdobeBridge] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFE0C1FCE5311CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - D:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - D:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
StartMenuInternet: IEXPLORE.EXE - D:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {8E3D34F9-E0CA-4F4C-9A7D-B3E1EDE3B0FE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {8E3D34F9-E0CA-4F4C-9A7D-B3E1EDE3B0FE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {8E3D34F9-E0CA-4F4C-9A7D-B3E1EDE3B0FE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {D1FD30FD-C21E-4c68-A01C-4D27795A6F1E} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
SearchScopes: HKCU - {FF34D94C-2381-45f2-B8F9-D90B6FED67D4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Rich Media View - {3ca4d879-f33d-4f52-bdf8-53c6ce7fb09b} - D:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ie\RichMediaViewV1release1179.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - D:\Program Files (x86)\AOL Toolbar\aoltb.dll No File
Toolbar: HKCU - No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{C910842C-1DD1-406A-9717-D4BF88859DE9}: [NameServer]192.168.178.25,192.168.178.1

FireFox:
========
FF ProfilePath: D:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\zq926oak.default
FF NewTab: chrome://quick_start/content/index.html
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - D:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - D:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - D:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - D:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - D:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - D:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - D:\Users\Sven\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - D:\Users\Sven\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-01-28]
FF Extension: Hotspot Shield Extension - D:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-05-10]
FF Extension: Skype Click to Call - D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - D:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - D:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP84A5CD7A-1EA2-4260-95EE-5CA3ED6B8FE4&SSPV=
CHR StartupUrls: "hxxp://www.google.de/", "hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtD0F0FyBtCyD0AyC0CtA0C0EyDyDzytN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0Fzy0C0AtA0DzytG0D0A0A0DtG0E0DyBtBtGtC0ByB0BtGtC0ByDyEyC0AyE0F0B0B0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA0Czz0F0CyCtGyCtCtDzytG0DyDyC0AtGtDzzyD0AtGtC0EyCtD0FyB0E0CyByCtA0D2Q&cr=856150521&ir=", "hxxp://mysearch.avg.com?cid={6476C965-EBEF-4BC7-A179-236AD0054964}&mid=c5458168d5da47d2a339d14acce4e9e6-4d739d14135f7c1cc976fcf1ede263a4f2d54edf&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-26 17:54:02&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR Extension: (Google Docs) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (YouTube) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Adblock Plus) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-25]
CHR Extension: (Google-Suche) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (AdBlock) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-25]
CHR Extension: (Google Wallet) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-14]
CHR Extension: (Google Mail) - D:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [gfmhnehcigahmefdogigamdidmifoehl] - D:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5395\ch\MediaViewV1alpha5395.crx [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - D:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mnkpeifjhlnepbmkfingkijmnffgjoaj] - D:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7583\ch\MediaBuzzV1mode7583.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [ochdbafdjjcmmcmlfdmooffpdkcjjppa] - D:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ch\RichMediaViewV1release1179.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD_RAIDXpert; D:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed]
S3 ArcService; D:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-05-20] (Perfect World Entertainment Inc)
R2 AsSysCtrlService; D:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
S3 BrYNSvc; D:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S4 BstHdAndroidSvc; D:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; D:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; D:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; D:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 MSSQL$SVEN; d:\Program Files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\sqlservr.exe [61916000 2011-04-24] (Microsoft Corporation)
R2 NvNetworkService; D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 SbieSvc; D:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S4 SQLAgent$SVEN; d:\Program Files\Microsoft SQL Server\MSSQL10_50.SVEN\MSSQL\Binn\SQLAGENT.EXE [428384 2011-04-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; D:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; D:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 BstHdDrv; D:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R1 dtsoftbus01; D:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-13] (Disc Soft Ltd)
R1 HssDRV6; D:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 MBAMProtector; D:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; D:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; D:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; D:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SaiK1713; D:\Windows\System32\DRIVERS\SaiK1713.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; D:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; D:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU1713; D:\Windows\System32\DRIVERS\SaiU1713.sys [47168 2012-09-20] (Saitek)
R3 SbieDrv; D:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R3 taphss6; D:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 ALSysIO; \??\D:\Users\Sven\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\D:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\D:\Windows\system32\drivers\EagleX64.sys [X]
S0 nanbj; System32\drivers\ndwcqeae.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\D:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\D:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 XFDriver64; \??\D:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
S3 xhunter1; \??\D:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-09 08:44 - 2014-06-09 08:44 - 00002168 _____ () D:\Users\Sven\Desktop\JRT.txt
2014-06-09 08:31 - 2014-06-09 08:31 - 00000000 ____D () D:\Windows\ERUNT
2014-06-09 08:23 - 2014-06-09 08:23 - 01016261 _____ (Thisisu) D:\Users\Sven\Desktop\JRT.exe
2014-06-09 07:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) D:\Windows\SysWOW64\sqlite3.dll
2014-06-09 06:57 - 2014-06-09 07:19 - 00000000 ____D () D:\AdwCleaner
2014-06-09 00:36 - 2014-06-09 00:37 - 00252168 _____ () D:\avenger.txt
2014-06-09 00:36 - 2014-06-09 00:36 - 00000000 ____D () D:\Avenger
2014-06-08 01:53 - 2014-06-08 01:53 - 00000000 ____D () D:\Users\Sven\Desktop\After Effects
2014-06-08 01:52 - 2014-06-08 01:52 - 01333465 _____ () D:\Users\Sven\Desktop\adwcleaner_3.212.exe
2014-06-07 22:52 - 2014-06-07 22:58 - 109017236 _____ () D:\Users\Sven\Desktop\Free_Stock_Pack.zip
2014-06-07 20:57 - 2014-06-07 20:58 - 02780612 _____ () D:\Users\Sven\Desktop\FireOfDeath.mp4
2014-06-07 08:30 - 2014-06-07 08:32 - 02740432 _____ () D:\Users\Sven\Desktop\BulletStormLP (Feuer).mp4
2014-06-07 03:23 - 2014-06-07 03:27 - 08054482 _____ () D:\Users\Sven\Desktop\EvilFlay (Feuer).mp4
2014-06-07 02:28 - 2014-06-07 02:28 - 00157152 _____ () D:\Users\Sven\Desktop\Unbenanntes Projekt.aep
2014-06-07 02:26 - 2014-06-07 02:27 - 07812990 _____ () D:\Users\Sven\Desktop\EvilFlay Intro.mp4
2014-06-07 02:19 - 2014-06-07 09:31 - 00194088 _____ () D:\Users\Sven\Desktop\EvilFlay.aep
2014-06-07 02:17 - 2014-06-07 02:17 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-06-07 02:17 - 2014-06-07 02:17 - 00000000 ____D () D:\Users\Public\Documents\Adobe
2014-06-07 01:31 - 2014-06-07 01:32 - 01169517 _____ () D:\Users\Sven\Desktop\smoke_pass.mp4
2014-06-07 01:31 - 2014-06-07 01:31 - 00981100 _____ () D:\Users\Sven\Desktop\SmokeFootage.zip
2014-06-07 01:13 - 2014-06-09 09:31 - 00122584 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-07 01:13 - 2014-06-07 01:13 - 00001098 _____ () D:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\ProgramData\Malwarebytes
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-07 01:13 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-07 01:13 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mwac.sys
2014-06-07 01:13 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbam.sys
2014-06-07 01:06 - 2014-06-07 01:07 - 17292760 _____ (Malwarebytes Corporation ) D:\Users\Sven\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-06 13:32 - 2014-06-07 01:27 - 23481743 _____ () D:\Users\Sven\Desktop\120.zip
2014-06-06 12:07 - 2014-06-06 12:08 - 18328764 _____ () D:\Users\Sven\Desktop\Trapcode Free.rar
2014-06-06 12:07 - 2010-10-22 23:17 - 00000000 ____D () D:\Users\Sven\Desktop\Trapcode Free
2014-06-06 11:56 - 2014-06-06 11:57 - 00000000 ____D () D:\Users\Sven\Desktop\TCSuite_Win_Full
2014-06-06 11:36 - 2014-06-06 11:37 - 242088647 _____ () D:\Users\Sven\Desktop\TCSuite_Win_Full (1).zip
2014-06-06 11:32 - 2014-06-06 11:32 - 00000000 ____D () D:\Program Files\Red Giant
2014-06-06 11:32 - 2014-05-02 15:15 - 12858368 _____ (Red Giant Software) D:\Windows\system32\Gpu_Shader_Engine_x64.dll
2014-06-06 11:30 - 2014-06-06 12:17 - 00000000 ____D () D:\ProgramData\rgt
2014-06-06 11:29 - 2014-06-06 11:29 - 00003648 _____ () D:\Windows\System32\Tasks\Red Giant Link
2014-06-06 11:28 - 2014-06-06 11:28 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Red Giant
2014-06-06 11:27 - 2014-06-06 11:31 - 00000000 ____D () D:\ProgramData\Red Giant
2014-06-06 11:27 - 2014-06-06 11:27 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2014-06-06 11:27 - 2014-06-06 11:27 - 00000000 ____D () D:\Program Files (x86)\Red Giant Link
2014-06-06 11:25 - 2014-06-06 11:25 - 00000000 ____D () D:\ProgramData\RedGiant
2014-06-06 11:24 - 2014-06-06 11:58 - 00000000 ____D () D:\Users\Sven\AppData\Local\Downloaded Installations
2014-06-06 11:21 - 2014-06-06 11:22 - 258367752 _____ () D:\Users\Sven\Desktop\TCSuite_Win_Full.zip
2014-06-06 11:15 - 2014-06-06 11:15 - 00001728 _____ () D:\Users\Sven\Desktop\AfterFX - Verknüpfung.lnk
2014-06-06 11:11 - 2014-06-06 11:11 - 38460651 _____ () D:\Users\Sven\Desktop\Optical_Flares.rar
2014-06-06 11:06 - 2014-06-06 11:06 - 00000021 _____ () D:\Windows\SurCode.INI
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\Documents\Adobe
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\AppData\Local\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\ProgramData\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Program Files\Common Files\PACE Anti-Piracy
2014-06-06 10:58 - 2014-06-06 10:58 - 00000000 ____D () D:\ProgramData\regid.1986-12.com.adobe
2014-06-06 10:57 - 2014-06-06 10:57 - 00001194 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2014-06-06 10:56 - 2014-06-06 10:56 - 00001037 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-06-06 10:55 - 2014-06-06 10:55 - 00001515 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-06-06 10:55 - 2014-06-06 10:55 - 00001090 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
2014-06-06 10:53 - 2014-06-06 10:53 - 00000997 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-06-06 10:53 - 2014-06-06 10:53 - 00000000 ____D () D:\Users\Default\AppData\Roaming\Macromedia
2014-06-06 10:53 - 2014-06-06 10:53 - 00000000 ____D () D:\Users\Default User\AppData\Roaming\Macromedia
2014-06-06 10:49 - 2014-06-06 10:57 - 00000000 ____D () D:\Program Files\Adobe
2014-06-06 10:48 - 2014-06-06 10:56 - 00000000 ____D () D:\Program Files\Common Files\Adobe
2014-06-06 10:17 - 2014-06-06 10:19 - 00000000 ____D () D:\Users\Sven\Desktop\Adobe After Effects CS6 Full + Crack x32 & x64
2014-06-06 10:05 - 2014-06-06 10:05 - 01818037 _____ () D:\Users\Sven\Desktop\EvilFly.mp4
2014-06-06 09:55 - 2014-06-06 09:56 - 41765789 _____ () D:\Users\Sven\Documents\Lena1.wmv
2014-06-05 22:53 - 2014-06-05 22:53 - 00055501 _____ () D:\ComboFix.txt
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Public\AppData\Local\temp
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Default\AppData\Local\temp
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Default User\AppData\Local\temp
2014-06-05 22:21 - 2011-06-26 08:45 - 00256000 _____ () D:\Windows\PEV.exe
2014-06-05 22:21 - 2010-11-07 19:20 - 00208896 _____ () D:\Windows\MBR.exe
2014-06-05 22:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) D:\Windows\NIRCMD.exe
2014-06-05 22:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) D:\Windows\SWREG.exe
2014-06-05 22:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) D:\Windows\SWSC.exe
2014-06-05 22:21 - 2000-08-31 02:00 - 00098816 _____ () D:\Windows\sed.exe
2014-06-05 22:21 - 2000-08-31 02:00 - 00080412 _____ () D:\Windows\grep.exe
2014-06-05 22:21 - 2000-08-31 02:00 - 00068096 _____ () D:\Windows\zip.exe
2014-06-05 22:20 - 2014-06-05 22:53 - 00000000 ____D () D:\Qoobox
2014-06-05 22:19 - 2014-06-05 22:51 - 00000000 ____D () D:\Windows\erdnt
2014-06-05 21:56 - 2014-06-05 21:56 - 05205146 ____R (Swearware) D:\Users\Sven\Desktop\ComboFix.exe
2014-06-05 21:49 - 2014-06-05 23:55 - 00000000 ____D () D:\Users\Sven\Documents\Dusk
2014-06-05 21:12 - 2014-06-05 21:12 - 00001681 _____ () D:\Users\Sven\Desktop\Trinity-Online 2014 - Verknüpfung.lnk
2014-06-05 20:27 - 2014-06-09 01:31 - 00000000 ____D () D:\Users\Sven\Desktop\Trinity-Online.de
2014-06-05 20:09 - 2014-06-05 20:26 - 3853038926 _____ () D:\Users\Sven\Desktop\Trinity-Onlinede.rar
2014-06-04 20:18 - 2014-06-04 20:18 - 00001260 _____ () D:\Users\Sven\Desktop\Revo Uninstaller.lnk
2014-06-04 20:18 - 2014-06-04 20:18 - 00000000 ____D () D:\Program Files (x86)\VS Revo Group
2014-06-04 20:14 - 2014-06-09 09:28 - 00000000 ____D () D:\Users\Sven\Desktop\FRST-OlderVersion
2014-06-02 19:31 - 2014-06-02 19:31 - 19562020 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4.sfvp0
2014-06-02 19:20 - 2014-06-02 19:20 - 00000728 _____ () D:\Users\Sven\Documents\Standard.sfvidcap
2014-06-02 18:34 - 2014-06-02 18:34 - 00048472 _____ () D:\Users\Sven\Desktop\Addition (1).txt
2014-06-02 18:28 - 2014-06-02 18:33 - 00048472 _____ () D:\Users\Sven\Desktop\Addition.txt
2014-06-02 18:26 - 2014-06-09 10:16 - 00021531 _____ () D:\Users\Sven\Desktop\FRST.txt
2014-06-02 18:26 - 2014-06-09 10:16 - 00000000 ____D () D:\FRST
2014-06-02 18:25 - 2014-06-09 09:28 - 02080768 _____ (Farbar) D:\Users\Sven\Desktop\FRST64.exe
2014-06-01 00:14 - 2014-06-01 00:13 - 00592349 _____ () D:\Users\Sven\Desktop\IMG_01062014_000101.rar
2014-06-01 00:13 - 2014-06-01 00:13 - 00592349 _____ () D:\Users\Sven\IMG_01062014_000101.rar
2014-05-31 23:07 - 2014-05-31 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-05-31 23:06 - 2014-05-31 23:06 - 00000000 ____D () D:\Program Files\Sandboxie
2014-05-31 22:54 - 2014-05-31 22:54 - 02656264 _____ (Sandboxie Holdings, LLC) D:\Users\Sven\Desktop\SandboxieInstall.exe
2014-05-31 22:35 - 2014-05-31 22:40 - 03932226 _____ () D:\Users\Sven\Documents\wtzui68o9.bmp
2014-05-28 21:19 - 2014-05-28 21:19 - 00001263 _____ () D:\Users\Sven\Desktop\Lena Online Patcher - Verknüpfung.lnk
2014-05-28 07:40 - 2014-05-28 07:40 - 00000714 _____ () D:\Users\Sven\Documents\Config.rar
2014-05-26 18:05 - 2014-05-26 18:11 - 00001946 _____ () D:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk
2014-05-25 21:39 - 2014-05-25 21:39 - 00000000 ____D () D:\Users\Sven\Desktop\Atlantica_MTRUE
2014-05-25 20:35 - 2014-05-25 20:35 - 00000926 _____ () D:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\Program Files (x86)\LogMeIn Hamachi
2014-05-25 19:38 - 2014-05-25 19:38 - 00000184 _____ () D:\Users\Sven\Desktop\Play Ignis.url
2014-05-25 18:42 - 2014-05-26 21:36 - 00000000 ____D () D:\Program Files (x86)\Extrinsic Studio
2014-05-25 18:14 - 2014-05-17 04:35 - 00044744 _____ (AnchorFree Inc.) D:\Windows\system32\Drivers\hssdrv6.sys
2014-05-25 06:55 - 2014-05-25 06:55 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\TuneUp Software
2014-05-25 06:46 - 2014-05-27 16:25 - 00000000 ____D () D:\ProgramData\MFAData
2014-05-25 06:46 - 2014-05-25 06:46 - 00000000 ____D () D:\Users\Sven\AppData\Local\MFAData
2014-05-25 05:56 - 2014-05-25 05:56 - 06406144 _____ () D:\Users\Sven\Desktop\Hamachi-2.2.0.130.msi
2014-05-25 05:25 - 2014-05-25 05:49 - 00000599 _____ () D:\Users\Sven\Desktop\Skype addy.txt
2014-05-23 14:34 - 2014-05-23 14:34 - 00000000 ____D () D:\Users\Sven\Desktop\Skillet - It's Not Me It's You (Lyrics)
2014-05-22 21:23 - 2014-05-22 21:23 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Brother
2014-05-21 19:00 - 2014-05-21 19:00 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2014-05-21 10:34 - 2014-05-21 10:34 - 00013507 _____ () D:\Users\Sven\Desktop\Unbenannt 1245.odt
2014-05-21 03:45 - 2014-05-21 03:47 - 00013854 _____ () D:\Users\Sven\Desktop\Unbenannt 1.odt
2014-05-21 01:50 - 2014-05-21 03:21 - 00020232 _____ () D:\Users\Sven\Documents\Ohne Titel.veg
2014-05-21 01:50 - 2014-05-21 01:50 - 00018768 _____ () D:\Users\Sven\Documents\Ohne Titel.veg.bak
2014-05-21 00:15 - 2014-05-21 00:15 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00001063 _____ () D:\Users\Public\Desktop\XMedia Recode.lnk
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\Program Files (x86)\XMedia Recode
2014-05-21 00:10 - 2014-05-21 00:10 - 07546805 _____ (XMedia Recode ) D:\Users\Sven\Desktop\XMediaRecode3187_setup.exe
2014-05-20 21:59 - 2014-05-22 20:11 - 00000806 _____ () D:\Users\Sven\Desktop\CoreTemp.ini
2014-05-20 21:59 - 2014-05-20 21:59 - 00000011 _____ () D:\Users\Sven\Desktop\Plugins.ini
2014-05-20 21:58 - 2014-05-20 21:58 - 00188736 _____ () D:\Users\Sven\Desktop\CoreTemp_64bit_0.99.5.27_PCMASTERS.DE.rar
2014-05-20 21:58 - 2009-08-05 13:28 - 00018868 _____ () D:\Users\Sven\Desktop\Changes.txt
2014-05-20 21:58 - 2009-08-05 13:24 - 00472592 _____ () D:\Users\Sven\Desktop\Core Temp.exe
2014-05-20 21:58 - 2008-04-22 00:50 - 00003547 _____ () D:\Users\Sven\Desktop\ReadMe!.txt
2014-05-20 11:08 - 2014-05-20 12:52 - 4218159104 _____ () D:\Users\Sven\Documents\DrakenSangLP.mxf
2014-05-20 11:01 - 2014-05-20 11:01 - 01218658 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4
2014-05-19 22:04 - 2014-05-19 22:04 - 00002656 _____ () D:\Users\Sven\Documents\Vegas Pro registrieren.htm
2014-05-19 21:27 - 2014-05-20 10:13 - 07763684 _____ () D:\Users\Sven\Desktop\DSC_0003.JPG.part
2014-05-19 20:50 - 2014-05-19 20:50 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files (x86)\Sony
2014-05-19 19:55 - 2014-05-19 19:56 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Publish Providers
2014-05-19 19:47 - 2014-05-19 20:49 - 00000000 ____D () D:\Users\Sven\AppData\Local\Sony
2014-05-19 19:47 - 2014-05-19 20:49 - 00000000 ____D () D:\ProgramData\Sony
2014-05-19 19:46 - 2014-05-20 11:08 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Sony
2014-05-19 19:43 - 2014-05-19 19:44 - 277095929 _____ () D:\Users\Sven\Downloads\SVP_12.zip
2014-05-19 17:50 - 2014-05-21 19:00 - 00000000 ____D () D:\Program Files (x86)\Drakensang Online
2014-05-19 17:48 - 2014-05-19 17:49 - 08988296 _____ () D:\Users\Sven\Desktop\DrakensangOnlineSetup.exe
2014-05-19 17:34 - 2014-05-22 17:43 - 00003858 _____ () D:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389728356
2014-05-18 00:24 - 2014-05-18 00:24 - 00000029 _____ () D:\ValveUnhandledExceptionFilter.txt
2014-05-17 19:32 - 2014-05-17 19:37 - 55171247 _____ () D:\Users\Sven\Desktop\l4d2_2013.zip
2014-05-17 02:42 - 2014-05-17 02:42 - 00042184 _____ (Anchorfree Inc.) D:\Windows\system32\Drivers\taphss6.sys
2014-05-17 02:34 - 2014-05-17 02:34 - 00000000 ____D () D:\Users\Sven\Documents\Rockstar Games
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __SHD () D:\ProgramData\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __RHD () D:\Users\Sven\AppData\Roaming\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 ____D () D:\Users\Sven\AppData\Local\Rockstar Games
2014-05-15 02:50 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll
2014-05-15 02:50 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb
2014-05-15 02:50 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.dll
2014-05-15 02:50 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.tlb
2014-05-15 02:50 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll
2014-05-15 02:50 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmled.dll
2014-05-14 10:18 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) D:\Windows\system32\aepdu.dll
2014-05-14 10:18 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) D:\Windows\system32\aeinv.dll
2014-05-14 10:18 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) D:\Windows\system32\shell32.dll
2014-05-14 10:18 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) D:\Windows\SysWOW64\shell32.dll
2014-05-14 10:17 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 10:17 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 10:17 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) D:\Windows\system32\lsasrv.dll
2014-05-14 10:17 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) D:\Windows\system32\sspicli.dll
2014-05-14 10:17 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) D:\Windows\system32\lsass.exe
2014-05-14 10:17 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) D:\Windows\system32\sspisrv.dll
2014-05-14 10:17 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) D:\Windows\system32\secur32.dll
2014-05-14 10:17 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) D:\Windows\SysWOW64\secur32.dll
2014-05-14 10:17 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) D:\Windows\SysWOW64\sspicli.dll
2014-05-14 10:17 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) D:\Windows\system32\ntoskrnl.exe
2014-05-14 10:17 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) D:\Windows\system32\kerberos.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) D:\Windows\system32\objsel.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) D:\Windows\system32\KernelBase.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) D:\Windows\system32\schannel.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) D:\Windows\system32\msv1_0.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) D:\Windows\system32\wdigest.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) D:\Windows\system32\TSpkg.dll
2014-05-14 10:17 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) D:\Windows\system32\wincredprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) D:\Windows\system32\winlogon.exe
2014-05-14 10:17 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) D:\Windows\system32\cngprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) D:\Windows\system32\adprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) D:\Windows\system32\capiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) D:\Windows\system32\dpapiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) D:\Windows\system32\dimsroam.dll
2014-05-14 10:17 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) D:\Windows\system32\credssp.dll
2014-05-14 10:17 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 10:17 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 10:17 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) D:\Windows\SysWOW64\kerberos.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) D:\Windows\SysWOW64\objsel.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msv1_0.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) D:\Windows\SysWOW64\schannel.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wdigest.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) D:\Windows\SysWOW64\TSpkg.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) D:\Windows\SysWOW64\cngprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) D:\Windows\SysWOW64\adprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) D:\Windows\SysWOW64\capiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dimsroam.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 10:17 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) D:\Windows\SysWOW64\credssp.dll
2014-05-14 10:17 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) D:\Windows\SysWOW64\KernelBase.dll
2014-05-11 16:53 - 2014-05-12 00:42 - 00001270 _____ () D:\Users\Sven\Desktop\Sry.txt
2014-05-10 17:41 - 2014-05-25 18:15 - 00001048 _____ () D:\Users\Public\Desktop\Hotspot Shield.lnk
2014-05-10 04:15 - 2014-05-10 04:15 - 00629584 _____ (Chip Digital GmbH) D:\Users\Sven\Desktop\Hotspot Shield VPN - CHIP-Downloader.exe

==================== One Month Modified Files and Folders =======

2014-06-09 10:16 - 2014-06-02 18:26 - 00021531 _____ () D:\Users\Sven\Desktop\FRST.txt
2014-06-09 10:16 - 2014-06-02 18:26 - 00000000 ____D () D:\FRST
2014-06-09 10:16 - 2014-01-14 20:05 - 00000000 ____D () D:\Users\Sven\AppData\Local\Temp
2014-06-09 10:15 - 2014-01-14 20:13 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Skype
2014-06-09 10:02 - 2014-01-21 20:43 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\TS3Client
2014-06-09 09:40 - 2014-01-14 20:10 - 00001106 _____ () D:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-09 09:31 - 2014-06-07 01:13 - 00122584 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-09 09:29 - 2014-01-19 14:23 - 00000884 _____ () D:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-09 09:28 - 2014-06-04 20:14 - 00000000 ____D () D:\Users\Sven\Desktop\FRST-OlderVersion
2014-06-09 09:28 - 2014-06-02 18:25 - 02080768 _____ (Farbar) D:\Users\Sven\Desktop\FRST64.exe
2014-06-09 08:44 - 2014-06-09 08:44 - 00002168 _____ () D:\Users\Sven\Desktop\JRT.txt
2014-06-09 08:31 - 2014-06-09 08:31 - 00000000 ____D () D:\Windows\ERUNT
2014-06-09 08:23 - 2014-06-09 08:23 - 01016261 _____ (Thisisu) D:\Users\Sven\Desktop\JRT.exe
2014-06-09 07:30 - 2014-01-14 19:51 - 01981018 _____ () D:\Windows\WindowsUpdate.log
2014-06-09 07:30 - 2009-07-14 06:45 - 00014336 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-09 07:30 - 2009-07-14 06:45 - 00014336 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-09 07:26 - 2014-02-10 01:17 - 00000000 ____D () D:\Program Files (x86)\Steam
2014-06-09 07:26 - 2014-01-14 23:36 - 00000000 ____D () D:\Users\Sven\AppData\Local\LogMeIn Hamachi
2014-06-09 07:25 - 2014-01-14 20:10 - 00001102 _____ () D:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-09 07:25 - 2009-07-14 06:51 - 00071169 _____ () D:\Windows\setupact.log
2014-06-09 07:24 - 2014-01-14 20:58 - 00589786 _____ () D:\Windows\PFRO.log
2014-06-09 07:24 - 2014-01-14 20:54 - 00000000 ____D () D:\ProgramData\NVIDIA
2014-06-09 07:24 - 2009-07-14 07:08 - 00000006 ____H () D:\Windows\Tasks\SA.DAT
2014-06-09 07:19 - 2014-06-09 06:57 - 00000000 ____D () D:\AdwCleaner
2014-06-09 07:19 - 2014-04-19 20:33 - 00000000 ____D () D:\Users\Sven\Desktop\Programme
2014-06-09 07:19 - 2014-02-11 18:10 - 00001057 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-09 07:19 - 2014-01-14 20:11 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-09 07:19 - 2014-01-14 20:05 - 00000000 ____D () D:\Users\Sven
2014-06-09 02:15 - 2014-04-27 18:00 - 00000000 ____D () D:\Users\Sven\Downloads\Gameforge Live
2014-06-09 01:31 - 2014-06-05 20:27 - 00000000 ____D () D:\Users\Sven\Desktop\Trinity-Online.de
2014-06-09 00:37 - 2014-06-09 00:36 - 00252168 _____ () D:\avenger.txt
2014-06-09 00:36 - 2014-06-09 00:36 - 00000000 ____D () D:\Avenger
2014-06-08 02:24 - 2014-02-10 23:10 - 00000000 ____D () D:\Users\Sven\Desktop\Musik
2014-06-08 01:53 - 2014-06-08 01:53 - 00000000 ____D () D:\Users\Sven\Desktop\After Effects
2014-06-08 01:52 - 2014-06-08 01:52 - 01333465 _____ () D:\Users\Sven\Desktop\adwcleaner_3.212.exe
2014-06-07 23:24 - 2014-01-14 19:47 - 00000000 ____D () D:\Windows\Panther
2014-06-07 22:58 - 2014-06-07 22:52 - 109017236 _____ () D:\Users\Sven\Desktop\Free_Stock_Pack.zip
2014-06-07 21:17 - 2014-02-10 22:43 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\vlc
2014-06-07 20:58 - 2014-06-07 20:57 - 02780612 _____ () D:\Users\Sven\Desktop\FireOfDeath.mp4
2014-06-07 09:31 - 2014-06-07 02:19 - 00194088 _____ () D:\Users\Sven\Desktop\EvilFlay.aep
2014-06-07 08:32 - 2014-06-07 08:30 - 02740432 _____ () D:\Users\Sven\Desktop\BulletStormLP (Feuer).mp4
2014-06-07 03:27 - 2014-06-07 03:23 - 08054482 _____ () D:\Users\Sven\Desktop\EvilFlay (Feuer).mp4
2014-06-07 02:28 - 2014-06-07 02:28 - 00157152 _____ () D:\Users\Sven\Desktop\Unbenanntes Projekt.aep
2014-06-07 02:27 - 2014-06-07 02:26 - 07812990 _____ () D:\Users\Sven\Desktop\EvilFlay Intro.mp4
2014-06-07 02:17 - 2014-06-07 02:17 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-06-07 02:17 - 2014-06-07 02:17 - 00000000 ____D () D:\Users\Public\Documents\Adobe
2014-06-07 01:32 - 2014-06-07 01:31 - 01169517 _____ () D:\Users\Sven\Desktop\smoke_pass.mp4
2014-06-07 01:31 - 2014-06-07 01:31 - 00981100 _____ () D:\Users\Sven\Desktop\SmokeFootage.zip
2014-06-07 01:27 - 2014-06-06 13:32 - 23481743 _____ () D:\Users\Sven\Desktop\120.zip
2014-06-07 01:13 - 2014-06-07 01:13 - 00001098 _____ () D:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\ProgramData\Malwarebytes
2014-06-07 01:13 - 2014-06-07 01:13 - 00000000 ____D () D:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-07 01:07 - 2014-06-07 01:06 - 17292760 _____ (Malwarebytes Corporation ) D:\Users\Sven\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-06 22:57 - 2009-07-14 06:45 - 04932528 _____ () D:\Windows\system32\FNTCACHE.DAT
2014-06-06 14:51 - 2014-02-11 19:11 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\BitTorrent
2014-06-06 12:17 - 2014-06-06 11:30 - 00000000 ____D () D:\ProgramData\rgt
2014-06-06 12:17 - 2014-01-14 20:08 - 00000000 ___HD () D:\Program Files (x86)\InstallShield Installation Information
2014-06-06 12:08 - 2014-06-06 12:07 - 18328764 _____ () D:\Users\Sven\Desktop\Trapcode Free.rar
2014-06-06 11:58 - 2014-06-06 11:24 - 00000000 ____D () D:\Users\Sven\AppData\Local\Downloaded Installations
2014-06-06 11:57 - 2014-06-06 11:56 - 00000000 ____D () D:\Users\Sven\Desktop\TCSuite_Win_Full
2014-06-06 11:37 - 2014-06-06 11:36 - 242088647 _____ () D:\Users\Sven\Desktop\TCSuite_Win_Full (1).zip
2014-06-06 11:32 - 2014-06-06 11:32 - 00000000 ____D () D:\Program Files\Red Giant
2014-06-06 11:31 - 2014-06-06 11:27 - 00000000 ____D () D:\ProgramData\Red Giant
2014-06-06 11:29 - 2014-06-06 11:29 - 00003648 _____ () D:\Windows\System32\Tasks\Red Giant Link
2014-06-06 11:28 - 2014-06-06 11:28 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Red Giant
2014-06-06 11:27 - 2014-06-06 11:27 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2014-06-06 11:27 - 2014-06-06 11:27 - 00000000 ____D () D:\Program Files (x86)\Red Giant Link
2014-06-06 11:25 - 2014-06-06 11:25 - 00000000 ____D () D:\ProgramData\RedGiant
2014-06-06 11:22 - 2014-06-06 11:21 - 258367752 _____ () D:\Users\Sven\Desktop\TCSuite_Win_Full.zip
2014-06-06 11:15 - 2014-06-06 11:15 - 00001728 _____ () D:\Users\Sven\Desktop\AfterFX - Verknüpfung.lnk
2014-06-06 11:11 - 2014-06-06 11:11 - 38460651 _____ () D:\Users\Sven\Desktop\Optical_Flares.rar
2014-06-06 11:07 - 2014-01-14 20:36 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Adobe
2014-06-06 11:06 - 2014-06-06 11:06 - 00000021 _____ () D:\Windows\SurCode.INI
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\Documents\Adobe
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Users\Sven\AppData\Local\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\ProgramData\PACE Anti-Piracy
2014-06-06 11:06 - 2014-06-06 11:06 - 00000000 ____D () D:\Program Files\Common Files\PACE Anti-Piracy
2014-06-06 11:06 - 2014-03-21 01:02 - 00000000 ___HD () D:\Users\Sven\AppData\Local\FCZ3EYoCCXl
2014-06-06 11:06 - 2014-01-14 20:26 - 00000000 ____D () D:\Users\Sven\AppData\Local\Adobe
2014-06-06 11:06 - 2013-01-14 07:10 - 00000000 ___HD () D:\Users\Sven\AppData\Local\ztmWClgV
2014-06-06 11:00 - 2014-01-14 20:10 - 00068464 _____ () D:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-06 10:58 - 2014-06-06 10:58 - 00000000 ____D () D:\ProgramData\regid.1986-12.com.adobe
2014-06-06 10:58 - 2014-01-14 20:35 - 00000000 ____D () D:\ProgramData\Adobe
2014-06-06 10:57 - 2014-06-06 10:57 - 00001194 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2014-06-06 10:57 - 2014-06-06 10:49 - 00000000 ____D () D:\Program Files\Adobe
2014-06-06 10:56 - 2014-06-06 10:56 - 00001037 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-06-06 10:56 - 2014-06-06 10:48 - 00000000 ____D () D:\Program Files\Common Files\Adobe
2014-06-06 10:55 - 2014-06-06 10:55 - 00001515 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-06-06 10:55 - 2014-06-06 10:55 - 00001090 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
2014-06-06 10:55 - 2014-01-14 20:35 - 00000000 ____D () D:\Program Files (x86)\Adobe
2014-06-06 10:53 - 2014-06-06 10:53 - 00000997 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-06-06 10:53 - 2014-06-06 10:53 - 00000000 ____D () D:\Users\Default\AppData\Roaming\Macromedia
2014-06-06 10:53 - 2014-06-06 10:53 - 00000000 ____D () D:\Users\Default User\AppData\Roaming\Macromedia
2014-06-06 10:19 - 2014-06-06 10:17 - 00000000 ____D () D:\Users\Sven\Desktop\Adobe After Effects CS6 Full + Crack x32 & x64
2014-06-06 10:05 - 2014-06-06 10:05 - 01818037 _____ () D:\Users\Sven\Desktop\EvilFly.mp4
2014-06-06 09:56 - 2014-06-06 09:55 - 41765789 _____ () D:\Users\Sven\Documents\Lena1.wmv
2014-06-05 23:55 - 2014-06-05 21:49 - 00000000 ____D () D:\Users\Sven\Documents\Dusk
2014-06-05 22:53 - 2014-06-05 22:53 - 00055501 _____ () D:\ComboFix.txt
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Public\AppData\Local\temp
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Default\AppData\Local\temp
2014-06-05 22:53 - 2014-06-05 22:53 - 00000000 ____D () D:\Users\Default User\AppData\Local\temp
2014-06-05 22:53 - 2014-06-05 22:20 - 00000000 ____D () D:\Qoobox
2014-06-05 22:53 - 2009-07-14 05:20 - 00000000 __RHD () D:\Users\Default
2014-06-05 22:51 - 2014-06-05 22:19 - 00000000 ____D () D:\Windows\erdnt
2014-06-05 22:50 - 2009-07-14 04:34 - 00000252 _____ () D:\Windows\system.ini
2014-06-05 21:56 - 2014-06-05 21:56 - 05205146 ____R (Swearware) D:\Users\Sven\Desktop\ComboFix.exe
2014-06-05 21:12 - 2014-06-05 21:12 - 00001681 _____ () D:\Users\Sven\Desktop\Trinity-Online 2014 - Verknüpfung.lnk
2014-06-05 21:03 - 2014-03-26 14:20 - 00000000 ____D () D:\Users\Sven\AppData\Local\P4tcher
2014-06-05 20:26 - 2014-06-05 20:09 - 3853038926 _____ () D:\Users\Sven\Desktop\Trinity-Onlinede.rar
2014-06-05 05:40 - 2014-02-10 22:26 - 00001474 __RSH () D:\ProgramData\ntuser.pol
2014-06-05 00:19 - 2009-07-14 06:57 - 00001547 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-04 21:31 - 2014-02-05 18:07 - 00000000 ____D () D:\Riot Games
2014-06-04 20:18 - 2014-06-04 20:18 - 00001260 _____ () D:\Users\Sven\Desktop\Revo Uninstaller.lnk
2014-06-04 20:18 - 2014-06-04 20:18 - 00000000 ____D () D:\Program Files (x86)\VS Revo Group
2014-06-04 01:55 - 2014-04-26 18:25 - 00001528 _____ () D:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-06-04 01:55 - 2014-04-26 18:25 - 00001235 _____ () D:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-06-04 01:55 - 2014-02-10 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-04 01:55 - 2014-02-10 23:07 - 00000000 ____D () D:\Program Files (x86)\DVDVideoSoft
2014-06-04 01:54 - 2014-02-10 23:07 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\DVDVideoSoft
2014-06-03 20:58 - 2014-01-14 21:59 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Orbit
2014-06-03 20:58 - 2009-07-14 05:20 - 00000000 ___RD () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-02 19:31 - 2014-06-02 19:31 - 19562020 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4.sfvp0
2014-06-02 19:20 - 2014-06-02 19:20 - 00000728 _____ () D:\Users\Sven\Documents\Standard.sfvidcap
2014-06-02 18:34 - 2014-06-02 18:34 - 00048472 _____ () D:\Users\Sven\Desktop\Addition (1).txt
2014-06-02 18:33 - 2014-06-02 18:28 - 00048472 _____ () D:\Users\Sven\Desktop\Addition.txt
2014-06-01 00:13 - 2014-06-01 00:14 - 00592349 _____ () D:\Users\Sven\Desktop\IMG_01062014_000101.rar
2014-06-01 00:13 - 2014-06-01 00:13 - 00592349 _____ () D:\Users\Sven\IMG_01062014_000101.rar
2014-06-01 00:00 - 2014-04-18 03:10 - 00000000 ____D () D:\Users\Sven\AppData\Local\Paint.NET
2014-05-31 23:07 - 2014-05-31 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-05-31 23:06 - 2014-05-31 23:06 - 00000000 ____D () D:\Program Files\Sandboxie
2014-05-31 22:54 - 2014-05-31 22:54 - 02656264 _____ (Sandboxie Holdings, LLC) D:\Users\Sven\Desktop\SandboxieInstall.exe
2014-05-31 22:40 - 2014-05-31 22:35 - 03932226 _____ () D:\Users\Sven\Documents\wtzui68o9.bmp
2014-05-31 02:39 - 2013-03-22 19:07 - 00000000 ____D () D:\Download
2014-05-28 21:19 - 2014-05-28 21:19 - 00001263 _____ () D:\Users\Sven\Desktop\Lena Online Patcher - Verknüpfung.lnk
2014-05-28 07:40 - 2014-05-28 07:40 - 00000714 _____ () D:\Users\Sven\Documents\Config.rar
2014-05-27 16:25 - 2014-05-25 06:46 - 00000000 ____D () D:\ProgramData\MFAData
2014-05-26 21:36 - 2014-05-25 18:42 - 00000000 ____D () D:\Program Files (x86)\Extrinsic Studio
2014-05-26 18:11 - 2014-05-26 18:05 - 00001946 _____ () D:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk
2014-05-26 18:11 - 2014-01-16 23:07 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-05-26 18:02 - 2014-03-16 14:33 - 00000000 ____D () D:\Users\Sven\Desktop\Games
2014-05-25 21:39 - 2014-05-25 21:39 - 00000000 ____D () D:\Users\Sven\Desktop\Atlantica_MTRUE
2014-05-25 20:35 - 2014-05-25 20:35 - 00000926 _____ () D:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-25 20:35 - 2014-05-25 20:35 - 00000000 ____D () D:\Program Files (x86)\LogMeIn Hamachi
2014-05-25 20:17 - 2014-04-23 22:24 - 00000000 ____D () D:\Users\Sven\Desktop\Fraps
2014-05-25 20:03 - 2014-04-19 20:26 - 00000000 ____D () D:\Users\Sven\Desktop\Fiesta Server
2014-05-25 20:02 - 2014-01-17 00:31 - 00000000 ____D () D:\Users\Sven\Desktop\Bilder
2014-05-25 19:38 - 2014-05-25 19:38 - 00000184 _____ () D:\Users\Sven\Desktop\Play Ignis.url
2014-05-25 18:15 - 2014-05-10 17:41 - 00001048 _____ () D:\Users\Public\Desktop\Hotspot Shield.lnk
2014-05-25 06:55 - 2014-05-25 06:55 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\TuneUp Software
2014-05-25 06:46 - 2014-05-25 06:46 - 00000000 ____D () D:\Users\Sven\AppData\Local\MFAData
2014-05-25 05:56 - 2014-05-25 05:56 - 06406144 _____ () D:\Users\Sven\Desktop\Hamachi-2.2.0.130.msi
2014-05-25 05:49 - 2014-05-25 05:25 - 00000599 _____ () D:\Users\Sven\Desktop\Skype addy.txt
2014-05-23 20:05 - 2014-01-16 23:07 - 00000000 ____D () D:\Program Files (x86)\GameforgeLive
2014-05-23 14:36 - 2009-07-14 19:58 - 00765006 _____ () D:\Windows\system32\perfh007.dat
2014-05-23 14:36 - 2009-07-14 19:58 - 00173756 _____ () D:\Windows\system32\perfc007.dat
2014-05-23 14:36 - 2009-07-14 07:13 - 01804038 _____ () D:\Windows\system32\PerfStringBackup.INI
2014-05-23 14:34 - 2014-05-23 14:34 - 00000000 ____D () D:\Users\Sven\Desktop\Skillet - It's Not Me It's You (Lyrics)
2014-05-22 21:23 - 2014-05-22 21:23 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Brother
2014-05-22 20:11 - 2014-05-20 21:59 - 00000806 _____ () D:\Users\Sven\Desktop\CoreTemp.ini
2014-05-22 17:43 - 2014-05-19 17:34 - 00003858 _____ () D:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389728356
2014-05-22 17:43 - 2014-01-14 21:39 - 00000000 ____D () D:\Program Files (x86)\Opera Next
2014-05-21 19:00 - 2014-05-21 19:00 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2014-05-21 19:00 - 2014-05-19 17:50 - 00000000 ____D () D:\Program Files (x86)\Drakensang Online
2014-05-21 10:34 - 2014-05-21 10:34 - 00013507 _____ () D:\Users\Sven\Desktop\Unbenannt 1245.odt
2014-05-21 03:47 - 2014-05-21 03:45 - 00013854 _____ () D:\Users\Sven\Desktop\Unbenannt 1.odt
2014-05-21 03:21 - 2014-05-21 01:50 - 00020232 _____ () D:\Users\Sven\Documents\Ohne Titel.veg
2014-05-21 01:50 - 2014-05-21 01:50 - 00018768 _____ () D:\Users\Sven\Documents\Ohne Titel.veg.bak
2014-05-21 00:15 - 2014-05-21 00:15 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00001063 _____ () D:\Users\Public\Desktop\XMedia Recode.lnk
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-05-21 00:12 - 2014-05-21 00:12 - 00000000 ____D () D:\Program Files (x86)\XMedia Recode
2014-05-21 00:10 - 2014-05-21 00:10 - 07546805 _____ (XMedia Recode ) D:\Users\Sven\Desktop\XMediaRecode3187_setup.exe
2014-05-20 21:59 - 2014-05-20 21:59 - 00000011 _____ () D:\Users\Sven\Desktop\Plugins.ini
2014-05-20 21:58 - 2014-05-20 21:58 - 00188736 _____ () D:\Users\Sven\Desktop\CoreTemp_64bit_0.99.5.27_PCMASTERS.DE.rar
2014-05-20 20:21 - 2014-01-14 20:13 - 00000000 ____D () D:\ProgramData\Skype
2014-05-20 20:20 - 2014-04-25 17:16 - 00000000 ___RD () D:\Program Files (x86)\Skype
2014-05-20 12:52 - 2014-05-20 11:08 - 4218159104 _____ () D:\Users\Sven\Documents\DrakenSangLP.mxf
2014-05-20 11:08 - 2014-05-19 19:46 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Sony
2014-05-20 11:01 - 2014-05-20 11:01 - 01218658 _____ () D:\Users\Sven\Desktop\1985703_5497746.mp4
2014-05-20 10:13 - 2014-05-19 21:27 - 07763684 _____ () D:\Users\Sven\Desktop\DSC_0003.JPG.part
2014-05-19 22:04 - 2014-05-19 22:04 - 00002656 _____ () D:\Users\Sven\Documents\Vegas Pro registrieren.htm
2014-05-19 20:50 - 2014-05-19 20:50 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files\Sony
2014-05-19 20:49 - 2014-05-19 20:49 - 00000000 ____D () D:\Program Files (x86)\Sony
2014-05-19 20:49 - 2014-05-19 19:47 - 00000000 ____D () D:\Users\Sven\AppData\Local\Sony
2014-05-19 20:49 - 2014-05-19 19:47 - 00000000 ____D () D:\ProgramData\Sony
2014-05-19 19:56 - 2014-05-19 19:55 - 00000000 ____D () D:\Users\Sven\AppData\Roaming\Publish Providers
2014-05-19 19:44 - 2014-05-19 19:43 - 277095929 _____ () D:\Users\Sven\Downloads\SVP_12.zip
2014-05-19 17:49 - 2014-05-19 17:48 - 08988296 _____ () D:\Users\Sven\Desktop\DrakensangOnlineSetup.exe
2014-05-18 00:24 - 2014-05-18 00:24 - 00000029 _____ () D:\ValveUnhandledExceptionFilter.txt
2014-05-17 19:37 - 2014-05-17 19:32 - 55171247 _____ () D:\Users\Sven\Desktop\l4d2_2013.zip
2014-05-17 04:35 - 2014-05-25 18:14 - 00044744 _____ (AnchorFree Inc.) D:\Windows\system32\Drivers\hssdrv6.sys
2014-05-17 02:42 - 2014-05-17 02:42 - 00042184 _____ (Anchorfree Inc.) D:\Windows\system32\Drivers\taphss6.sys
2014-05-17 02:34 - 2014-05-17 02:34 - 00000000 ____D () D:\Users\Sven\Documents\Rockstar Games
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __SHD () D:\ProgramData\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 __RHD () D:\Users\Sven\AppData\Roaming\SecuROM
2014-05-17 02:32 - 2014-05-17 02:32 - 00000000 ____D () D:\Users\Sven\AppData\Local\Rockstar Games
2014-05-15 16:20 - 2014-01-14 20:05 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:20 - 2014-01-14 20:05 - 00000000 ___RD () D:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:16 - 2014-04-30 03:00 - 00000000 ___SD () D:\Windows\system32\CompatTel
2014-05-15 16:15 - 2009-07-14 05:20 - 00000000 ____D () D:\Windows\PolicyDefinitions
2014-05-14 20:55 - 2014-04-04 19:17 - 00000000 ____D () D:\Users\Sven\Documents\~ Au
2014-05-12 19:17 - 2014-05-02 20:18 - 00000000 ____D () D:\Users\Sven\Desktop\MCWoW 2.4.3
2014-05-12 07:26 - 2014-06-07 01:13 - 00091352 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-07 01:13 - 00063704 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-07 01:13 - 00025816 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbam.sys
2014-05-12 00:42 - 2014-05-11 16:53 - 00001270 _____ () D:\Users\Sven\Desktop\Sry.txt
2014-05-11 17:00 - 2009-07-14 05:20 - 00000000 ____D () D:\Windows\system32\NDF
2014-05-10 04:15 - 2014-05-10 04:15 - 00629584 _____ (Chip Digital GmbH) D:\Users\Sven\Desktop\Hotspot Shield VPN - CHIP-Downloader.exe

Files to move or delete:
====================
D:\Users\Sven\AutomaticUpdater.dll
D:\Users\Sven\binkw32.dll
D:\Users\Sven\DBNetwork.IndigoSxS.dll
D:\Users\Sven\LinqBridge.dll
D:\Users\Sven\mss32.dll
D:\Users\Sven\MW3 Launcher.exe
D:\Users\Sven\SteamAPIUpdater.dll
D:\Users\Sven\steamclient.dll
D:\Users\Sven\tier0_s.dll
D:\Users\Sven\update-mw3.bat
D:\Users\Sven\vstdlib_s.dll


Some content of TEMP:
====================
D:\Users\Sven\AppData\Local\Temp\4602657683342e931c151352386901fc.dll
D:\Users\Sven\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

D:\Windows\System32\winlogon.exe => File is digitally signed
D:\Windows\System32\wininit.exe => File is digitally signed
D:\Windows\SysWOW64\wininit.exe => File is digitally signed
D:\Windows\explorer.exe => File is digitally signed
D:\Windows\SysWOW64\explorer.exe => File is digitally signed
D:\Windows\System32\svchost.exe => File is digitally signed
D:\Windows\SysWOW64\svchost.exe => File is digitally signed
D:\Windows\System32\services.exe => File is digitally signed
D:\Windows\System32\User32.dll => File is digitally signed
D:\Windows\SysWOW64\User32.dll => File is digitally signed
D:\Windows\System32\userinit.exe => File is digitally signed
D:\Windows\SysWOW64\userinit.exe => File is digitally signed
D:\Windows\System32\rpcss.dll => File is digitally signed
D:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-06 14:26

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

tut mir leid für doppel posting mir wurde der erste einfach nicht angezeigt

Alt 09.06.2014, 17:42   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 12.06.2014, 02:07   #14
svendief
 
Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



Hallo Eset werd ich nicht durch laufen lassen können da es schon für 34% 12stdn braucht und ich habe jetzt das problem das mein pc auf win7 garnicht mehr startet weil er beim herunterfahren updates laden musste und dann auf einmal stromweg war und jz kommt er nicht weiter als bis zum login screen bzw login screen als blackscreen und maus sichtbar

Alt 12.06.2014, 09:55   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Standard

Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.



Warum war der Strom weg? Mitten in den WIndows Updates? Das is doof.

Beim Starten F8 drücken, wähle letzte aus funktionierend bekannte Version.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.
beheben, dienste, erhalte, erhalten, files, gruppe, informationen, nachricht, neu, neustart, nichts, pc neustart, problem, program, programm, restart, sandboxie, starte, systemadministrator



Ähnliche Themen: Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.


  1. Malwarebytes : Dieses Programm wurde durch eine Gruppenrichtlinie blockiert.
    Log-Analyse und Auswertung - 04.06.2015 (1)
  2. Avira: Dieses Programm wurde durch eine Gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 18.01.2015 (33)
  3. Avira Pro - "Dieses Programm wurde durch eine Gruppenrichtlinie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator."
    Plagegeister aller Art und deren Bekämpfung - 15.11.2014 (22)
  4. Avast-dieses Programm wurde durch eine Gruppenrichtlinie blockiert
    Plagegeister aller Art und deren Bekämpfung - 08.10.2014 (4)
  5. Dieses Programm wurde durch eine Gruppenrichtlinie blockiert
    Plagegeister aller Art und deren Bekämpfung - 25.09.2014 (7)
  6. Avast - Dieses Programm wurde durch eine Gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 09.09.2014 (5)
  7. AVG, Dieses Programm wurde durch eine Gruppenrichlinie blockiert
    Log-Analyse und Auswertung - 08.09.2014 (11)
  8. dieses programm wurde durch eine gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 06.08.2014 (12)
  9. Avira: Dieses Programm wurde durch eine Gruppenrichtlinie blockiert
    Plagegeister aller Art und deren Bekämpfung - 16.07.2014 (15)
  10. Avira - Dieses Programm wurde durch eine Gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 05.07.2014 (5)
  11. Avast => Dieses Programm wurde durch eine Gruppenrichtlinie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.
    Log-Analyse und Auswertung - 18.06.2014 (19)
  12. windows 7 dieses programm wurde durch eine gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 05.06.2014 (22)
  13. Avira - dieses programm wurde durch eine gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 05.06.2014 (15)
  14. Dieses Programm wurde durch eine Gruppenrichtlinie blockiert
    Antiviren-, Firewall- und andere Schutzprogramme - 29.05.2014 (32)
  15. Avira Problem:dieses programm wurde durch eine gruppenrichtlienie blockiert...
    Plagegeister aller Art und deren Bekämpfung - 16.01.2014 (28)
  16. avira: dieses programm wurde durch eine gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 13.12.2013 (9)
  17. avira: dieses programm wurde durch eine gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 03.12.2013 (11)

Zum Thema Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. - Hallo ich habe ein problem bei Sandboxie immer wenn ich es starte kommt D:\Program Files\Sandboxie\Start.exe Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. Ich habe - Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator....
Archiv
Du betrachtest: Dieses Programm wurde durch eine Gruppenrichtlienie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.