Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 02.11.2014, 17:36   #1
Keule2388
 
Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



Also wie oben schon beschrieben habe ich das Problem und ich habe keine Ahnung wie ich den Mist weg bekomme und brauche eure Hilfe habe bissen was gelesen und mir schon Combofix laufen lassen aber was jetz?

danke schon mal im vor raus und ich versuche alles so hin zubekommen wie ihr das mir sagt bin leider nicht so das Computergen

Combofix Logfile:
Code:
ATTFilter
ComboFix 14-10-29.01 - Keule 02.11.2014  14:52:31.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.4087.1671 [GMT 1:00]
ausgeführt von:: c:\users\Keule\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\GaoSaVe
c:\program files (x86)\GaoSaVe\02eIJHxfgf9jbC.dat
c:\program files (x86)\GaoSaVe\02eIJHxfgf9jbC.dll
c:\program files (x86)\GaoSaVe\02eIJHxfgf9jbC.tlb
c:\program files (x86)\GaoSaVe\02eIJHxfgf9jbC.x64.dll
c:\program files (x86)\GS_Booster
c:\program files (x86)\GS_Booster\Assistant.dll
c:\program files (x86)\GS_Booster\Assistant_x64.dll
c:\program files (x86)\GS_Booster\AssistantSvc.dll
c:\program files (x86)\YoutubEADBlocke
c:\program files (x86)\YoutubEADBlocke\7xI8qvuBtkhlXn.dat
c:\program files (x86)\YoutubEADBlocke\7xI8qvuBtkhlXn.dll
c:\program files (x86)\YoutubEADBlocke\7xI8qvuBtkhlXn.tlb
c:\program files (x86)\YoutubEADBlocke\7xI8qvuBtkhlXn.x64.dll
c:\programdata\374311380
c:\programdata\374311380\BIT1773.tmp
c:\programdata\ExsteraSavinogs
c:\programdata\ExsteraSavinogs\attGlhRBdgFAtN.dat
c:\programdata\ExsteraSavinogs\attGlhRBdgFAtN.dll
c:\programdata\ExsteraSavinogs\attGlhRBdgFAtN.exe
c:\programdata\ExsteraSavinogs\attGlhRBdgFAtN.tlb
c:\programdata\ExsteraSavinogs\attGlhRBdgFAtN.x64.dll
c:\programdata\GaoSaVe
c:\programdata\GaoSaVe\Is80A34cf8betU7.dat
c:\programdata\GaoSaVe\Is80A34cf8betU7.exe
c:\programdata\GoSavee
c:\programdata\GoSavee\zop6uX7dGN6fgP.dat
c:\programdata\GoSavee\zop6uX7dGN6fgP.dll
c:\programdata\GoSavee\zop6uX7dGN6fgP.exe
c:\programdata\GoSavee\zop6uX7dGN6fgP.tlb
c:\programdata\GoSavee\zop6uX7dGN6fgP.x64.dll
c:\programdata\Trusted Publisher\GS_Booster
c:\programdata\Trusted Publisher\GS_Booster\576482620.ini
c:\programdata\Trusted Publisher\GS_Booster\576482620\BITD186.tmp
c:\programdata\Trusted Publisher\GS_Booster\GS_Booster.exe
c:\programdata\YoutubEADBlocke
c:\programdata\YoutubEADBlocke\GomOV8hlyVOe5P2.dat
c:\programdata\YoutubEADBlocke\GomOV8hlyVOe5P2.exe
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Keule\AppData\Local\Adobe\AdbeRdr11007_de_DE.exe
c:\users\Keule\AppData\Local\Adobe\gccheck.exe
c:\users\Keule\AppData\Local\Adobe\gtbcheck.exe
c:\users\Keule\AppData\Local\Adobe\SecurityScan_Release.exe
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Keule\AppData\Local\Chromatic Browser\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Keule\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Keule\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Keule\AppData\Local\nsd62C7.tmp
c:\users\Keule\AppData\Local\nss2CC.tmp
c:\users\Keule\AppData\Local\nsw72FC.tmp
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\background.html
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\content.js
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\KJnLDxJBQ.js
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\lsdb.js
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\bllnompkjpnjehbgijoelehahhdocijl\2.0\manifest.json
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\background.html
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\content.js
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\D0pc.js
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\lsdb.js
c:\users\Keule\AppData\Local\Torch\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\114\manifest.json
c:\users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\extensions\LauhZhnPw@A.org
c:\users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\extensions\LauhZhnPw@A.org\bootstrap.js
c:\users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\extensions\LauhZhnPw@A.org\chrome.manifest
c:\users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\extensions\LauhZhnPw@A.org\content\bg.js
c:\users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\extensions\LauhZhnPw@A.org\install.rdf
c:\windows\SysWow64\SETDEE.tmp
c:\windows\SysWow64\SETFDD3.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-10-02 bis 2014-11-02  ))))))))))))))))))))))))))))))
.
.
2014-11-02 03:10 . 2014-11-02 03:10	--------	d-----w-	c:\programdata\Creative
2014-11-02 01:05 . 2014-10-14 19:59	11627712	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{02E4C712-2C9D-432B-ABA7-4A3621EFDF4D}\mpengine.dll
2014-11-01 17:54 . 2014-11-01 17:54	--------	d-----w-	c:\program files (x86)\Common Files\Creative
2014-11-01 17:54 . 2014-11-01 17:54	--------	d--h--w-	c:\program files (x86)\Creative Installation Information
2014-11-01 17:52 . 2014-11-01 17:54	--------	d-----w-	c:\program files\Creative
2014-11-01 17:52 . 2014-11-01 17:54	--------	d-----w-	c:\program files (x86)\Creative
2014-11-01 17:50 . 2003-11-10 17:13	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2014-11-01 17:50 . 2003-11-10 17:12	266240	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2014-11-01 17:50 . 2003-11-10 17:12	192512	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2014-11-01 17:50 . 2003-11-10 17:11	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2014-11-01 17:50 . 2003-11-10 17:14	729088	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2014-11-01 17:50 . 2014-11-01 17:50	188548	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2014-11-01 17:50 . 2014-11-01 17:50	311428	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2014-11-01 16:40 . 2014-10-14 19:59	11627712	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-10-31 15:53 . 2014-10-31 15:53	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-10-31 15:53 . 2014-10-31 15:53	--------	d-----w-	c:\program files\Java
2014-10-31 09:52 . 2013-04-02 22:51	1643520	----a-w-	c:\windows\system32\DWrite.dll
2014-10-31 09:52 . 2013-04-09 23:34	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2014-10-30 19:16 . 2014-10-31 13:38	--------	d-----w-	c:\program files (x86)\Landwirtschafts Simulator 2015
2014-10-26 15:30 . 2014-10-16 12:27	614544	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-10-23 11:15 . 2014-10-23 11:15	--------	d-----w-	c:\programdata\Ads Remover
2014-10-23 01:03 . 2014-10-25 06:01	--------	d-----w-	c:\program files (x86)\grassmow
2014-10-15 12:33 . 2014-07-07 02:06	284672	----a-w-	c:\windows\system32\EncDump.dll
2014-10-15 12:32 . 2014-09-19 01:47	48128	----a-w-	c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2014-10-15 12:29 . 2014-09-18 02:00	3241472	----a-w-	c:\windows\system32\msi.dll
2014-10-15 12:28 . 2014-09-05 02:11	6584320	----a-w-	c:\windows\system32\mstscax.dll
2014-10-15 12:28 . 2014-09-05 01:52	5703168	----a-w-	c:\windows\SysWow64\mstscax.dll
2014-10-15 12:27 . 2014-09-13 01:58	77312	----a-w-	c:\windows\system32\packager.dll
2014-10-15 12:27 . 2014-09-13 01:40	67072	----a-w-	c:\windows\SysWow64\packager.dll
2014-10-14 17:58 . 2014-10-14 17:58	--------	d-----w-	c:\program files (x86)\predm
2014-10-14 17:54 . 2014-10-14 17:54	--------	d-----w-	c:\program files (x86)\Isaveir
2014-10-14 17:53 . 2014-10-14 17:53	--------	d-----w-	c:\program files (x86)\Reimageplus.com
2014-10-14 17:52 . 2014-10-14 17:52	--------	d-----w-	c:\program files (x86)\DigiISaverr
2014-10-14 13:02 . 2014-10-14 18:00	--------	d-----w-	c:\program files (x86)\Optimizer Pro
2014-10-14 02:02 . 2014-10-14 02:02	1500072	----a-w-	c:\users\Keule\AppData\Roaming\BIXK.exe
2014-10-14 02:02 . 2014-10-14 02:02	1978792	----a-w-	c:\users\Keule\AppData\Roaming\VPOY.exe
2014-10-14 01:01 . 2014-10-14 17:54	--------	d-----w-	c:\users\Keule\AppData\Roaming\InetStat
2014-10-13 13:59 . 2014-10-14 18:06	--------	d-----w-	c:\users\Keule\AppData\Roaming\StormFall
2014-10-13 13:59 . 2014-10-13 13:59	--------	d-----w-	c:\users\Keule\AppData\Local\StormFall
2014-10-13 13:59 . 2014-10-13 13:59	--------	d-----w-	c:\users\Keule\AppData\Roaming\GoodGameEmpire
2014-10-13 13:59 . 2014-10-13 13:59	--------	d-----w-	c:\users\Keule\AppData\Local\GGEmpire
2014-10-13 13:08 . 2014-10-13 13:08	--------	d-----w-	c:\users\Keule\AppData\Roaming\ap_logs
2014-10-13 13:08 . 2014-10-13 13:08	--------	d-----w-	c:\users\Keule\AppData\Roaming\AnyProtectEx
2014-10-13 13:08 . 2014-10-13 13:08	--------	d-----w-	c:\users\Keule\AppData\Roaming\ap_movie
2014-10-13 13:05 . 2014-10-13 13:05	--------	d-----w-	c:\users\Keule\AppData\Roaming\FirefoxToolbar
2014-10-13 13:00 . 2014-10-31 16:09	--------	d-----w-	c:\users\Keule\AppData\Roaming\Systweak
2014-10-13 13:00 . 2014-08-29 15:02	20296	----a-w-	c:\windows\system32\roboot64.exe
2014-10-13 12:54 . 2014-10-13 12:54	--------	d-----w-	c:\users\Keule\AppData\Local\com
2014-10-13 12:53 . 2014-10-13 12:53	1545616	----a-w-	c:\users\Keule\AppData\Roaming\NZKWOXW.exe
2014-10-13 12:52 . 2014-10-13 12:52	2038672	----a-w-	c:\users\Keule\AppData\Roaming\PBOY.exe
2014-10-13 12:52 . 2014-10-13 12:52	--------	d-----w-	c:\users\Keule\AppData\Local\globalUpdate
2014-10-13 12:52 . 2014-10-31 16:01	--------	d--h--w-	c:\users\Public\Temp
2014-10-13 12:51 . 2014-10-13 12:51	--------	d-----w-	c:\programdata\WindowsMangerProtect
2014-10-13 12:51 . 2014-10-14 18:05	--------	d-----w-	c:\program files (x86)\SupTab
2014-10-13 12:51 . 2014-10-13 12:52	--------	d-----w-	c:\programdata\IePluginServices
2014-10-13 12:50 . 2014-10-14 17:54	--------	d-----w-	c:\users\Keule\AppData\Local\Genesis_10131250
2014-10-13 12:49 . 2014-10-11 09:04	4834816	----a-w-	c:\windows\score.exe
2014-10-13 12:46 . 2014-10-31 15:53	--------	d-----w-	c:\programdata\Oracle
2014-10-13 12:44 . 2014-10-13 12:44	--------	d-----w-	c:\programdata\APN
2014-10-07 16:53 . 2014-10-07 16:53	--------	d-----w-	c:\program files (x86)\WEB.DE MailCheck
2014-10-07 16:51 . 2014-10-07 16:51	--------	d-----w-	c:\users\Keule\AppData\Roaming\OpenCandy
2014-10-07 16:40 . 2014-10-07 16:40	--------	d-sh--w-	c:\users\Keule\AppData\Local\EmieUserList
2014-10-07 16:40 . 2014-10-07 16:40	--------	d-sh--w-	c:\users\Keule\AppData\Local\EmieSiteList
2014-10-07 14:18 . 2014-09-10 14:30	1188440	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{45481A36-8256-44F1-B6EE-318B8DD213AA}\gapaengine.dll
2014-10-07 14:09 . 2014-06-27 02:08	2777088	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2014-10-07 14:09 . 2014-06-27 01:45	2285056	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2014-10-07 14:05 . 2014-10-07 14:40	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2014-10-07 14:05 . 2014-10-30 16:45	--------	d-----w-	c:\program files\Microsoft Security Client
2014-10-07 13:59 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDYAK.DLL
2014-10-07 13:59 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDTAT.DLL
2014-10-07 13:59 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDRU1.DLL
2014-10-07 13:59 . 2014-07-09 02:03	6656	----a-w-	c:\windows\system32\KBDRU.DLL
2014-10-07 13:59 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDBASH.DLL
2014-10-07 13:59 . 2014-07-09 01:31	7168	----a-w-	c:\windows\SysWow64\KBDYAK.DLL
2014-10-07 13:59 . 2014-07-09 01:31	6656	----a-w-	c:\windows\SysWow64\KBDBASH.DLL
2014-10-07 13:39 . 2013-11-23 18:26	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2014-10-07 13:39 . 2013-11-23 17:47	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2014-10-07 13:38 . 2014-06-24 03:29	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2014-10-07 13:38 . 2014-06-24 02:59	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2014-10-07 13:38 . 2013-11-26 08:16	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2014-10-07 13:38 . 2013-11-22 22:48	3928064	----a-w-	c:\windows\system32\d2d1.dll
2014-10-07 13:34 . 2014-09-15 00:08	11578928	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3BAD4BE0-ACCE-4A1F-8107-385584CDC03D}\mpengine.dll
2014-10-07 13:34 . 2014-02-04 02:32	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-10-07 13:34 . 2014-02-04 02:04	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-10-07 06:55 . 2014-10-14 17:50	--------	d-----w-	c:\programdata\50CCouupons
2014-10-06 23:29 . 2014-10-06 23:29	--------	d-----w-	c:\windows\Migration
2014-10-06 23:13 . 2013-10-14 16:00	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2014-10-06 20:54 . 2014-10-06 20:54	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-06 20:17 . 2014-10-06 20:17	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-10-06 20:17 . 2014-10-06 20:17	--------	d-----r-	c:\program files (x86)\Skype
2014-10-06 19:03 . 2014-10-15 15:40	--------	d-----w-	c:\windows\system32\MRT
2014-10-06 18:45 . 2014-03-09 21:48	171160	----a-w-	c:\windows\system32\infocardapi.dll
2014-10-06 18:45 . 2014-03-09 21:47	99480	----a-w-	c:\windows\SysWow64\infocardapi.dll
2014-10-06 18:45 . 2014-06-30 22:24	8856	----a-w-	c:\windows\system32\icardres.dll
2014-10-06 18:45 . 2014-06-30 22:14	8856	----a-w-	c:\windows\SysWow64\icardres.dll
2014-10-06 18:45 . 2014-03-09 21:48	1389208	----a-w-	c:\windows\system32\icardagt.exe
2014-10-06 18:45 . 2014-03-09 21:47	619672	----a-w-	c:\windows\SysWow64\icardagt.exe
2014-10-06 18:45 . 2014-06-06 06:16	35480	----a-w-	c:\windows\SysWow64\TsWpfWrp.exe
2014-10-06 18:45 . 2014-06-06 06:12	35480	----a-w-	c:\windows\system32\TsWpfWrp.exe
2014-10-06 18:38 . 2013-10-04 02:28	190464	----a-w-	c:\windows\system32\SmartcardCredentialProvider.dll
2014-10-06 18:37 . 2014-07-07 02:06	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-10-06 18:36 . 2014-03-04 09:44	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-10-06 18:35 . 2013-07-26 02:24	197120	----a-w-	c:\windows\system32\shdocvw.dll
2014-10-06 18:34 . 2014-06-16 02:10	985536	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2014-10-06 18:16 . 2012-11-23 03:13	68608	----a-w-	c:\windows\system32\taskhost.exe
2014-10-06 18:16 . 2013-10-12 02:29	859648	----a-w-	c:\windows\system32\IKEEXT.DLL
2014-10-06 18:16 . 2013-07-20 10:33	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2014-10-06 18:16 . 2013-07-20 10:33	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-06 18:16 . 2013-10-12 02:30	830464	----a-w-	c:\windows\system32\nshwfp.dll
2014-10-06 18:16 . 2013-10-12 02:29	324096	----a-w-	c:\windows\system32\FWPUCLNT.DLL
2014-10-06 18:16 . 2013-10-12 02:03	656896	----a-w-	c:\windows\SysWow64\nshwfp.dll
2014-10-06 18:16 . 2013-10-12 02:01	216576	----a-w-	c:\windows\SysWow64\FWPUCLNT.DLL
2014-10-06 18:15 . 2013-08-28 01:12	461312	----a-w-	c:\windows\system32\scavengeui.dll
2014-10-06 17:44 . 2014-07-14 02:02	1216000	----a-w-	c:\windows\system32\rpcrt4.dll
2014-10-06 17:44 . 2014-07-14 01:40	664064	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-10-06 17:02 . 2014-05-14 16:23	44512	----a-w-	c:\windows\system32\wups2.dll
2014-10-06 17:02 . 2014-05-14 16:23	58336	----a-w-	c:\windows\system32\wuauclt.exe
2014-10-06 17:02 . 2014-05-14 16:21	2620928	----a-w-	c:\windows\system32\wucltux.dll
2014-10-06 17:02 . 2014-05-14 16:23	2477536	----a-w-	c:\windows\system32\wuaueng.dll
2014-10-06 17:02 . 2014-05-14 16:23	38880	----a-w-	c:\windows\system32\wups.dll
2014-10-06 17:02 . 2014-05-14 16:23	700384	----a-w-	c:\windows\system32\wuapi.dll
2014-10-06 17:02 . 2014-05-14 16:20	97792	----a-w-	c:\windows\system32\wudriver.dll
2014-10-06 17:02 . 2014-05-14 16:17	92672	----a-w-	c:\windows\SysWow64\wudriver.dll
2014-10-06 17:02 . 2014-05-14 16:23	36320	----a-w-	c:\windows\SysWow64\wups.dll
2014-10-06 17:02 . 2014-05-14 16:23	581600	----a-w-	c:\windows\SysWow64\wuapi.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-02 14:04 . 2010-12-01 20:48	25640	----a-w-	c:\windows\gdrv.sys
2014-10-30 11:25 . 2010-12-01 20:37	275080	------w-	c:\windows\system32\MpSigStub.exe
2014-10-29 21:30 . 2011-05-02 18:17	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-10-29 21:30 . 2011-05-02 18:17	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-10-24 12:52 . 2012-08-03 11:14	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-24 12:52 . 2011-05-20 06:00	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-16 16:54 . 2012-10-10 20:23	987008	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-10-16 16:54 . 2012-10-10 20:22	16886168	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-10-16 16:54 . 2010-08-05 10:15	3237528	----a-w-	c:\windows\system32\nvapi64.dll
2014-10-16 16:54 . 2010-08-05 10:15	2849224	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-10-16 16:54 . 2010-08-05 10:15	20968040	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-10-16 14:11 . 2010-07-29 17:52	6883136	----a-w-	c:\windows\system32\nvcpl.dll
2014-10-16 14:11 . 2010-07-29 17:52	3533632	----a-w-	c:\windows\system32\nvsvc64.dll
2014-10-16 14:11 . 2010-07-29 17:52	384200	----a-w-	c:\windows\system32\nvmctray.dll
2014-10-16 14:11 . 2010-07-29 17:52	933064	----a-w-	c:\windows\system32\nvvsvc.exe
2014-10-16 14:11 . 2010-07-29 17:52	61640	----a-w-	c:\windows\system32\nvshext.dll
2014-10-16 14:11 . 2010-07-29 17:52	2559808	----a-w-	c:\windows\system32\nvsvcr.dll
2014-10-15 15:36 . 2010-12-13 22:20	103265616	----a-w-	c:\windows\system32\MRT.exe
2014-10-15 00:48 . 2012-11-02 09:39	4047877	----a-w-	c:\windows\system32\nvcoproc.bin
2014-09-26 20:23 . 2014-09-23 19:39	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-09-26 20:22 . 2014-09-23 19:39	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-09-25 21:48 . 2011-05-20 06:07	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-09-23 20:40 . 2011-05-02 18:17	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-09-17 04:51 . 2014-09-20 15:14	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2014-09-17 04:51 . 2014-09-20 15:14	197408	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2014-09-17 04:51 . 2014-06-30 13:39	1538880	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2014-09-13 23:48 . 2014-09-20 15:14	1876296	----a-w-	c:\windows\system32\nvdispco6434411.dll
2014-09-13 23:48 . 2014-09-20 15:14	1539272	----a-w-	c:\windows\system32\nvdispgenco6434411.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-17 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
"Sound Blaster Tactic3D Control Panel"="c:\program files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe" [2014-07-03 2091008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-12-14 1207312]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
"IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
"IAStorIcon"=c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"BrMfcWnd"=c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
"ControlCenter3"=c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
.
R1 ttnfd;ttnfd;c:\windows\system32\drivers\ttnfd.sys;c:\windows\SYSNATIVE\drivers\ttnfd.sys [x]
R2 4d349a54;GS_Sustainer;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]
R3 LU1103A;LU1103A Filter;c:\windows\system32\DRIVERS\LU1103A.sys;c:\windows\SYSNATIVE\DRIVERS\LU1103A.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe;c:\windows\SysWOW64\XSrvSetup.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 scores;scores;c:\windows\score.exe;c:\windows\score.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 UHSfiltv;UHSfiltv;c:\windows\system32\drivers\UHSfiltv.sys;c:\windows\SYSNATIVE\drivers\UHSfiltv.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 12:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-03-09 462712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:Tabs
mDefault_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1413205223&from=cor&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU769767297672&q={searchTerms}
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1413205223&from=cor&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU769767297672&q={searchTerms}
uSearchAssistant = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAY1Ayjpk-WfuaqVGtz6fJmRxfeCOZSdomfgPS2wNnpl4XeKqfnsJTm0zZrENyNgq6uhaz1aeluITl54regma3BYnkMSwmB4RUtMGSJVhFHPFcKAurHMgCnPKKY_--Evw,,&q={searchTerms}
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
BHO-{06c21f1b-d05e-4d1f-bb5f-82f7d4769403} - c:\programdata\GoSavee\zop6uX7dGN6fgP.dll
BHO-{08754b90-6d07-43f4-9b52-22ed6be00e58} - c:\program files (x86)\GaoSaVe\02eIJHxfgf9jbC.dll
BHO-{30e9882a-f8ec-4bce-97ad-c575c594c0b2} - c:\program files (x86)\YoutubEADBlocke\7xI8qvuBtkhlXn.dll
BHO-{f12d44d6-38fe-45aa-9262-ec4ab9f1fda0} - c:\programdata\ExsteraSavinogs\attGlhRBdgFAtN.dll
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-mbot_de_150 - (no file)
Wow6432Node-HKLM-Run-ConvertAd - c:\users\Keule\AppData\Local\ConvertAd\ConvertAd.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{06c21f1b-d05e-4d1f-bb5f-82f7d4769403} - c:\programdata\GoSavee\zop6uX7dGN6fgP.x64.dll
BHO-{08754b90-6d07-43f4-9b52-22ed6be00e58} - c:\program files (x86)\GaoSaVe\02eIJHxfgf9jbC.x64.dll
BHO-{30e9882a-f8ec-4bce-97ad-c575c594c0b2} - c:\program files (x86)\YoutubEADBlocke\7xI8qvuBtkhlXn.x64.dll
BHO-{f12d44d6-38fe-45aa-9262-ec4ab9f1fda0} - c:\programdata\ExsteraSavinogs\attGlhRBdgFAtN.x64.dll
Toolbar-10 - (no file)
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
AddRemove-ArmA 2 - c:\program files\Bohemia Interactive\ArmA 2\UnInstall.exe
AddRemove-ARMA 2 Operation Arrowhead - c:\program files\Bohemia Interactive\ArmA 2\UnInstall_OA.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-S-576482620 - c:\programdata\trusted publisher\gs_booster\gs_booster.exe
AddRemove-SEMC OMSI Module - c:\program files (x86)\Sony Ericsson\Update Engine\uninst.exe
AddRemove-Update Engine - c:\program files (x86)\Sony Ericsson\Update Engine\uninst.exe
AddRemove-{4820778D-AB0D-6D18-C316-52A6A0E1D507} - c:\programdata\YoutubEADBlocke\GomOV8hlyVOe5P2.exe
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{4d349a54} - c:\progra~2\GS_BOO~1\ASSIST~1.DLL
AddRemove-{64A4ABCA-CF3D-C548-2DC4-72A55DC5882A} - c:\programdata\GoSavee\zop6uX7dGN6fgP.exe
AddRemove-{C637A71C-A4B2-4B47-1B2A-1042A8D525A3} - c:\programdata\ExsteraSavinogs\attGlhRBdgFAtN.exe
AddRemove-{C87834EB-A2A0-B9D4-AA9A-C263D1191051} - c:\programdata\GaoSaVe\Is80A34cf8betU7.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-11-02  16:55:54 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-11-02 15:55
.
Vor Suchlauf: 8 Verzeichnis(se), 23.816.654.848 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 24.813.117.440 Bytes frei
.
- - End Of File - - 8721B54A74F18AE2BD81C45AE42E7257
         
--- --- ---

Geändert von Keule2388 (02.11.2014 um 17:37 Uhr) Grund: ComboFix 14-10-29.01 - Keule 02.11.2014 14:52:31.1.4 - x64

Alt 02.11.2014, 17:45   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 02.11.2014, 18:45   #3
Keule2388
 
Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



die FRST.txt ist so groß das bekomme ich nich gepostet

Das Klappt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2014
Ran by Keule at 2014-11-02 17:57:10
Running from C:\Users\Keule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T7AJA1PL
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Ads Remover (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - Ads Remover) <==== ATTENTION
ANNO 1503 (HKLM-x32\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version: 1.05 - )
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ARMA 2 Operation Arrowhead Uninstall (HKLM-x32\...\ARMA 2 Operation Arrowhead) (Version:  - )
ArmA 2 Uninstall (HKLM-x32\...\ArmA 2) (Version:  - )
AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BitZipper 2013 (HKLM-x32\...\BitZipper_is1) (Version: 2013.12.10.17 - Bitberry Software)
Brother MFL-Pro Suite MFC-250C (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Darkest Hour: Europe '44-'45 (HKLM-x32\...\Steam App 1280) (Version:  - Darkest Hour Team)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
ExsteraSavinogs (HKLM-x32\...\{C637A71C-A4B2-4B47-1B2A-1042A8D525A3}) (Version:  - "")
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
GaoSaVe (HKLM-x32\...\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}) (Version: 4.3.0.1350 - ) <==== ATTENTION
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
GoSavee (HKLM-x32\...\{64A4ABCA-CF3D-C548-2DC4-72A55DC5882A}) (Version:  - "")
GS_Booster (HKLM-x32\...\S-576482620) (Version: 1.3.0.1452 - PremiumSoft) <==== ATTENTION
GS_Sustainer 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{4d349a54}) (Version:  - Certified Publisher) <==== ATTENTION
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.1.0.0 - GIANTS Software)
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version:  - Crystal Dynamics)
LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG PC Suite IV (HKLM-x32\...\LG PC Suite IV) (Version: 4.2.46.20101118 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{9BC97E7F-8E26-44B8-841A-C5262754FC89}) (Version: 2.1 - LG Electronics)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 7.00 (HKLM\...\{690285C2-2481-44FB-8402-162EA970A6DD}) (Version: 7.00.291 - Logitech Inc.)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Mare Nostrum (HKLM-x32\...\Steam App 1230) (Version:  - Sandstorm Productions)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Medal of Honor™ Warfighter (HKLM-x32\...\{48379835-BF2E-4487-9CB1-D5E654502B53}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (suomi) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.5.50938 - Корпорация Майкрософт)
Microsoft .NET Framework 4.5.1 (עברית) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1037) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (简体中文) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2052) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1(한국어) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1042) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1, norsk språkpakke (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.48 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5919 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire)
Red Orchestra: Ostfront 41-45 (HKLM-x32\...\Steam App 1200) (Version:  - Tripwire Interactive)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.51.00(19.06.2014) - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.12.5.57 - Sony Ericsson Mobile Communications AB)
Sony PC Companion 2.10.115 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.115 - Sony)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - Firefly Studios)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.9.2 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version:  - Samsung Electronics Co., Ltd.)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
YoutubEADBlocke (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: 1.1.0.1547 - ) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

30-10-2014 19:19:47 DirectX wurde installiert
31-10-2014 11:02:27 Windows Update
31-10-2014 15:37:50 Removed Java 7 Update 71
31-10-2014 15:38:47 Removed Java 7 Update 71
01-11-2014 17:51:05 Installiert Sound Blaster Tactic(3D)
01-11-2014 17:53:50 Gerätetreiber-Paketinstallation: CREATIVE Audio-, Video- und Gamecontroller

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-02 16:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1086884C-9F83-425B-A802-6CE88679636A} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17] (InstallShield Software Corporation)
Task: {1978AB39-80CE-4FE9-9051-283E45E08F97} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {531C249F-4C01-4A6C-914E-A809A0424B74} - System32\Tasks\{6626EF3B-A609-48A9-9CED-FE1F69587EE5} => Firefox.exe 
Task: {58CE6AFF-7E6A-4AEB-A9F8-5EC8D6304F2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-24] (Adobe Systems Incorporated)
Task: {5A7A23B8-2667-4AA2-BDEB-20EF26122451} - System32\Tasks\{0F48E379-C488-4FD2-A348-948BC4D06E74} => Firefox.exe 
Task: {61F9EE01-49CE-4C06-BF65-75E30333E4D6} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {66BB19B4-867B-480E-A0A3-B436B289EEC2} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {798C4621-B7A8-41AD-B2E1-65E136B8F5F5} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {A528B7E0-99EA-42EC-9191-AE9D5B269906} - System32\Tasks\{7987E01D-7620-4EEA-993C-03846944A18C} => Firefox.exe 
Task: {A695EE6E-CA4B-438A-B549-61AB121E496C} - System32\Tasks\{F7B03492-31B2-4373-A2B4-FEB5450484E8} => C:\PROGRAMME\MEINHAUSPLANER\PROG\CADAVA\meinHausplaner.exe
Task: {A6A28B0D-B40E-4DCA-AF2F-B13B9B077BAA} - System32\Tasks\{E7B1BF92-F41B-4FE1-B221-795CC936E5A2} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {AF8252D8-E4E1-44A2-93FE-88BFBC7FD00F} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-02-17] (InstallShield Software Corporation)
Task: {C77F826C-C3CD-4860-A251-08C8CB7BD17C} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {E64D69ED-EBAE-4B74-9EE8-5A059FC601A4} - System32\Tasks\{1E5A71F1-FE21-4BFA-99F2-98F09B3017D3} => Firefox.exe 
Task: {EF2423A5-8F92-4DF1-B23F-328D1A64F9CC} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-11-02 19:05 - 2009-09-11 08:48 - 00027648 _____ () C:\Windows\System32\sst3cl6.dll
2011-10-29 21:12 - 2014-10-16 15:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-12-01 21:29 - 2009-06-17 16:13 - 00068136 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
2010-12-01 21:25 - 2010-01-19 03:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2010-12-14 00:20 - 2012-12-23 14:20 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-13 13:49 - 2014-10-11 10:04 - 04834816 _____ () C:\Windows\score.exe
2010-12-01 21:29 - 2009-05-04 17:56 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\ycc.dll
2010-12-01 21:25 - 2009-10-02 13:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-10-31 19:51 - 2014-10-11 13:53 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-24 13:52 - 2014-10-24 13:52 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer7 => 2
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun

========================= Accounts: ==========================

Administrator (S-1-5-21-1968684957-3168343925-173667196-500 - Administrator - Disabled)
Gast (S-1-5-21-1968684957-3168343925-173667196-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1968684957-3168343925-173667196-1003 - Limited - Enabled)
Keule (S-1-5-21-1968684957-3168343925-173667196-1000 - Administrator - Enabled) => C:\Users\Keule

==================== Faulty Device Manager Devices =============

Name: ttnfd
Description: ttnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ttnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/02/2014 02:50:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xd7c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (11/02/2014 04:17:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xe98
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (11/01/2014 06:53:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CreateVssExamineWriterMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/01/2014 06:53:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "XML document is too long" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070018, Das Programm hat einen Befehl ausgegeben, aber die Befehlslänge ist falsch.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/01/2014 06:53:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CreateVssExamineWriterMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/01/2014 06:53:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "XML document is too long" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070018, Das Programm hat einen Befehl ausgegeben, aber die Befehlslänge ist falsch.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/01/2014 06:52:52 PM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: WindowsFür diesen Befehl ist nicht genügend Speicher verfügbar.

Error: (11/01/2014 06:52:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CreateVssExamineWriterMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/01/2014 06:52:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "XML document is too long" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070018, Das Programm hat einen Befehl ausgegeben, aber die Befehlslänge ist falsch.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (10/31/2014 04:38:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CreateVssExamineWriterMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {41EF8B34-9D24-42ED-8C1A-6FD3EE341608}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer


System errors:
=============
Error: (11/02/2014 04:52:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/02/2014 03:05:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/02/2014 03:05:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/02/2014 03:05:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ttnfd

Error: (11/02/2014 03:04:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/02/2014 03:04:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/02/2014 03:04:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS_Sustainer erreicht.

Error: (11/02/2014 03:02:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/02/2014 03:02:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/02/2014 03:02:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================
Error: (11/02/2014 02:50:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425d7c01cff6a3c57086b3C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll38e5153e-6297-11e4-b058-1c6f654cea65

Error: (11/02/2014 04:17:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425e9801cff64b02b9bc15C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb54b193a-623e-11e4-b058-1c6f654cea65

Error: (11/01/2014 06:53:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CreateVssExamineWriterMetadata0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/01/2014 06:53:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: XML document is too long0x80070018, Das Programm hat einen Befehl ausgegeben, aber die Befehlslänge ist falsch.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/01/2014 06:53:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CreateVssExamineWriterMetadata0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/01/2014 06:53:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: XML document is too long0x80070018, Das Programm hat einen Befehl ausgegeben, aber die Befehlslänge ist falsch.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/01/2014 06:52:52 PM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: WindowsFür diesen Befehl ist nicht genügend Speicher verfügbar.

Error: (11/01/2014 06:52:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CreateVssExamineWriterMetadata0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/01/2014 06:52:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: XML document is too long0x80070018, Das Programm hat einen Befehl ausgegeben, aber die Befehlslänge ist falsch.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {95C087A9-04ED-41F6-B22A-D5BC97684FA8}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (10/31/2014 04:38:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CreateVssExamineWriterMetadata0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {41EF8B34-9D24-42ED-8C1A-6FD3EE341608}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer


CodeIntegrity Errors:
===================================
  Date: 2014-11-02 15:01:30.261
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 15:01:30.073
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:28:08.072
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:28:06.953
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:14:24.072
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:14:22.854
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:11:10.038
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:11:09.004
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:07:20.529
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:07:19.608
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU 660 @ 3.33GHz
Percentage of memory in use: 62%
Total physical RAM: 4087.48 MB
Available physical RAM: 1515.95 MB
Total Pagefile: 14809.66 MB
Available Pagefile: 12228.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:172.69 GB) (Free:23 GB) NTFS
Drive d: () (Fixed) (Total:271.87 GB) (Free:40.93 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.09 GB) NTFS
Drive f: () (Fixed) (Total:180.88 GB) (Free:180.63 GB) NTFS
Drive g: () (Fixed) (Total:284.78 GB) (Free:284.68 GB) NTFS
Drive h: (Landwirtschafts-Simulator 2015) (CDROM) (Total:1.87 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 811F2DC4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=172.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=271.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 256F32EA)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=180.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
FRST.txt in zwei abschnitten Also erster Abschnitt

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by Keule (administrator) on KEULE-PC on 02-11-2014 17:55:56
Running from C:\Users\Keule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T7AJA1PL
Loaded Profile: Keule (Available profiles: Keule)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
         
__________________

Alt 02.11.2014, 18:47   #4
Keule2388
 
Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



und Abschnitt zwei

Code:
ATTFilter
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\score.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKU\S-1-5-21-1968684957-3168343925-173667196-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBE123C39E6E3CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1413205223&from=cor&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU769767297672&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1413205223&from=cor&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU769767297672&q={searchTerms}
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1968684957-3168343925-173667196-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=390&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2231923304924114&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = hxxp://www.default-search.net/search?sid=498&aid=156&itype=n&ver=13892&tm=499&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=390&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2231923304924114&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = hxxp://www.default-search.net/search?sid=498&aid=156&itype=n&ver=13892&tm=499&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3331213&octid=EB_ORIGINAL_CTID&ISID=M1E24A102-8A55-4155-9550-D13D9389709E&SearchSource=58&CUI=&UM=6&UP=&q={searchTerms}&SSPV=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAY1Ayjpk-WfuaqVGtz6fJmRxfeCOZSdomfgPS2wNnpl4XeKqfnsJTm0zZrENyNgq6uhaz1aeluITl54regma3BYnkMSwmB4RUtMGSJVhFHPFcKAurHMgCnPKKY_--Evw,,&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3331213&octid=EB_ORIGINAL_CTID&ISID=M1E24A102-8A55-4155-9550-D13D9389709E&SearchSource=58&CUI=&UM=6&UP=&q={searchTerms}&SSPV=
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=390&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2231923304924114&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = hxxp://www.default-search.net/search?sid=498&aid=156&itype=n&ver=13892&tm=499&src=ds&p={searchTerms}
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: GoSavee -> {06c21f1b-d05e-4d1f-bb5f-82f7d4769403} -> C:\ProgramData\GoSavee\zop6uX7dGN6fgP.dll No File
BHO-x32: GaoSaVe -> {08754b90-6d07-43f4-9b52-22ed6be00e58} -> C:\Program Files (x86)\GaoSaVe\02eIJHxfgf9jbC.dll No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll No File
BHO-x32: HistoryTriggerBHO Class -> {21A88CB9-84D2-4020-A2D1-B25A21034884} -> C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
BHO-x32: YoutubEADBlocke -> {30e9882a-f8ec-4bce-97ad-c575c594c0b2} -> C:\Program Files (x86)\YoutubEADBlocke\7xI8qvuBtkhlXn.dll No File
BHO-x32: ExsteraSavinogs -> {f12d44d6-38fe-45aa-9262-ec4ab9f1fda0} -> C:\ProgramData\ExsteraSavinogs\attGlhRBdgFAtN.dll No File
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF SearchEngineOrder.1: default-search.net
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: GoSAve - C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\Extensions\3Qc@lMtEJ.org [2014-10-27]
FF Extension: WEB.DE MailCheck - C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\Extensions\toolbar@web.de [2014-10-30]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2014-10-02]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2014-10-02]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch [2014-10-14]
CHR Extension: (No Name) - C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejndijkjinbjigbmmbefadfighlkmhjl [2014-10-19]
CHR Extension: (No Name) - C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl [2014-10-19]
CHR Extension: (No Name) - C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago [2014-10-13]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx []
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-23] ()
R2 scores; C:\Windows\score.exe [4834816 2014-10-11] () [File not signed]
S2 4d349a54; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs_boo~1\AssistantSvc.dll",service
S4 LBTServ; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X]
S4 Sony PC Companion; "C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2009-10-23] (C-Media Inc)
S3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
S3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-09-10] (Samsung Electronics)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-10-14] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2010-10-14] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2010-10-14] (LG Electronics Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 LU1103A; system32\DRIVERS\LU1103A.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S1 ttnfd; system32\drivers\ttnfd.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-02 17:55 - 2014-11-02 17:56 - 00000000 ____D () C:\FRST
2014-11-02 17:53 - 2014-11-02 17:54 - 01706359 _____ (Thisisu) C:\Users\Keule\Downloads\JRT.exe
2014-11-02 17:44 - 2014-11-02 17:45 - 01998336 _____ () C:\Users\Keule\Downloads\AdwCleaner_4.002.exe
2014-11-02 17:41 - 2014-11-02 17:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Keule\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-02 17:03 - 2014-11-02 17:03 - 00066084 _____ () C:\Users\Keule\Desktop\Combofix.txt
2014-11-02 16:55 - 2014-11-02 16:55 - 00066084 _____ () C:\ComboFix.txt
2014-11-02 14:50 - 2014-11-02 16:56 - 00000000 ____D () C:\Qoobox
2014-11-02 14:50 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-02 14:50 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-02 14:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-02 14:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-02 14:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-02 14:50 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-02 14:50 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-02 14:50 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-02 14:49 - 2014-11-02 16:54 - 00000000 ____D () C:\Windows\erdnt
2014-11-02 14:46 - 2014-11-02 14:47 - 05591672 ____R (Swearware) C:\Users\Keule\Downloads\ComboFix.exe
2014-11-02 14:36 - 2014-11-02 14:36 - 00700980 _____ () C:\Users\Keule\Downloads\adblock_edge-2.0.7-sm+an+tb+fx-windows.xpi
2014-11-02 14:34 - 2014-11-02 14:34 - 00542313 _____ () C:\Users\Keule\Downloads\noscript_security_suite-2.6.9.3-sm_fn_fx.zip
2014-11-02 04:10 - 2014-11-02 04:10 - 00000000 ____D () C:\ProgramData\Creative
2014-11-01 18:54 - 2014-11-01 18:54 - 00000000 ___HD () C:\Program Files (x86)\Creative Installation Information
2014-11-01 18:53 - 2014-11-02 04:10 - 00000000 ____D () C:\Users\Keule\AppData\Local\Creative
2014-11-01 18:53 - 2014-11-01 18:54 - 00000414 ___RH () C:\Windows\ctfile.rfc
2014-11-01 18:53 - 2014-11-01 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2014-11-01 18:53 - 2014-11-01 18:53 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-11-01 18:53 - 2014-11-01 18:53 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-11-01 18:53 - 2014-11-01 18:53 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-11-01 18:53 - 2014-11-01 18:53 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-11-01 18:53 - 2014-11-01 18:53 - 00002133 _____ () C:\Users\Public\Desktop\Creative-Produktregistrierung.lnk
2014-11-01 18:53 - 2014-06-03 16:32 - 00287744 _____ (Creative Technology Ltd.) C:\Windows\system32\UHSpld64.dll
2014-11-01 18:53 - 2014-06-03 16:31 - 02405144 _____ (Creative Technology Ltd.) C:\Windows\system32\UHSAPO64.dll
2014-11-01 18:53 - 2014-06-03 16:31 - 02016024 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\UHSAPO32.dll
2014-11-01 18:53 - 2014-06-03 16:30 - 00020161 _____ () C:\Windows\UHSAPO64.ssc
2014-11-01 18:53 - 2014-06-03 16:15 - 00033735 _____ () C:\Windows\system32\UHS.ini
2014-11-01 18:53 - 2014-04-25 16:33 - 01898496 ____N (Creative) C:\Windows\system32\Sens_oal.dll
2014-11-01 18:53 - 2014-04-25 16:29 - 01609728 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2014-11-01 18:53 - 2014-04-23 10:38 - 00011264 _____ (Creative Technology Ltd.) C:\Windows\UHSDefE.exe
2014-11-01 18:53 - 2014-04-23 10:38 - 00000387 _____ () C:\Windows\UHSMCcfg.ini
2014-11-01 18:53 - 2014-04-23 10:38 - 00000373 _____ () C:\Windows\UHSConfig.ini
2014-11-01 18:53 - 2014-03-24 10:38 - 00089600 _____ () C:\Windows\system32\CmdRtr64.DLL
2014-11-01 18:53 - 2014-03-24 10:37 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-11-01 18:53 - 2014-03-24 10:36 - 00366080 _____ () C:\Windows\system32\APOMgr64.DLL
2014-11-01 18:53 - 2014-03-24 10:33 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-11-01 18:53 - 2013-05-31 16:43 - 00023552 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\UHSfiltv.sys
2014-11-01 18:53 - 2013-04-17 15:20 - 00002413 _____ () C:\Windows\UHScfg.ini
2014-11-01 18:53 - 2012-04-18 11:39 - 00042496 _____ (Creative Technology Ltd.) C:\Windows\AddCat.exe
2014-11-01 18:53 - 2011-06-29 18:36 - 00235520 _____ (Creative Technology Limited) C:\Windows\system32\UHScInst.dll
2014-11-01 18:53 - 2006-10-06 14:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2014-11-01 18:53 - 2003-06-12 23:25 - 00007062 _____ () C:\Windows\SysWOW64\audiopid.vxd
2014-11-01 18:52 - 2014-11-01 18:54 - 00000000 ____D () C:\Program Files\Creative
2014-11-01 18:52 - 2014-11-01 18:54 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-11-01 18:52 - 2014-11-01 18:52 - 00000546 _____ () C:\Windows\NLSDownlevelMapping.log
2014-10-31 19:51 - 2014-10-31 19:51 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-31 19:51 - 2014-10-31 19:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-31 19:51 - 2014-10-31 19:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-31 16:53 - 2014-10-31 16:53 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-31 16:53 - 2014-10-31 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-31 16:53 - 2014-10-31 16:53 - 00000000 ____D () C:\Program Files\Java
2014-10-31 16:36 - 2014-10-31 16:53 - 92658088 _____ (Oracle Corporation) C:\Users\Keule\Downloads\jre-8u25-windows-x64.com
2014-10-31 14:21 - 2014-10-31 14:37 - 294205928 _____ (GIANTS Software ) C:\Users\Keule\Downloads\FarmingSimulator2015Patch1.1DE.exe
2014-10-31 10:52 - 2013-04-10 00:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-10-31 10:52 - 2013-04-02 23:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-10-30 20:19 - 2014-10-30 20:19 - 00001279 _____ () C:\Users\Keule\Desktop\Landwirtschafts Simulator 15 .lnk
2014-10-30 20:19 - 2014-10-30 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2015
2014-10-30 20:16 - 2014-10-31 14:38 - 00000000 ____D () C:\Program Files (x86)\Landwirtschafts Simulator 2015
2014-10-30 19:39 - 2014-11-02 15:04 - 00001718 _____ () C:\Windows\setupact.log
2014-10-30 19:39 - 2014-10-30 19:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-26 16:30 - 2014-10-16 13:27 - 00614544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-26 16:27 - 2014-10-16 17:54 - 31890064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 24555840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 20922696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 19966856 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 18499648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 17260864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 14029400 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 13942368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 13190288 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-26 16:27 - 2014-10-16 17:54 - 11395672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 11333848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 04289856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 04009672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00962376 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00931984 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00921928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00895176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00870112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-10-24 14:06 - 2014-10-24 14:06 - 00071024 _____ (Premium Installer ) C:\Users\Keule\Downloads\setup(1).exe
2014-10-23 12:15 - 2014-10-23 12:15 - 00000000 ____D () C:\ProgramData\Ads Remover
2014-10-23 02:03 - 2014-10-25 07:01 - 00000000 ____D () C:\Program Files (x86)\grassmow
2014-10-21 13:35 - 2014-10-31 19:50 - 36254312 _____ () C:\Users\Keule\Downloads\Firefox_Setup_33.0.exe
2014-10-15 13:34 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 13:34 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 13:34 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 13:34 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 13:34 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 13:34 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 13:34 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 13:34 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 13:34 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 13:34 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 13:34 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 13:34 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 13:34 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 13:34 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 13:33 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 13:33 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 13:33 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 13:33 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 13:33 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 13:33 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 13:33 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 13:33 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 13:33 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 13:33 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 13:33 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 13:33 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 13:33 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 13:33 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 13:33 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 13:33 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 13:33 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 13:33 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 13:33 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 13:33 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 13:33 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 13:33 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 13:33 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 13:33 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 13:33 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 13:32 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 13:32 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 13:32 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 13:32 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 13:32 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 13:32 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 13:32 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 13:32 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 13:32 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 13:32 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 13:32 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 13:32 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 13:32 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 13:32 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 13:32 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 13:32 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 13:32 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 13:32 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 13:32 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 13:32 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 13:32 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 13:32 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 13:32 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 13:32 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 13:32 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 13:32 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 13:32 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 13:32 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 13:32 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 13:32 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 13:32 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 13:32 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 13:32 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 13:32 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 13:32 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 13:32 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 13:32 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 13:32 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 13:32 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 13:32 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 13:32 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 13:32 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 13:32 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 13:32 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 13:32 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 13:32 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 13:32 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 13:32 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 13:32 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 13:32 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 13:32 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 13:32 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 13:32 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 13:32 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 13:32 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 13:29 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 13:29 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 13:29 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 13:29 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 13:29 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 13:29 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 13:29 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 13:29 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 13:29 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 13:29 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 13:29 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 13:29 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 13:29 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 13:29 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 13:29 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 13:28 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 13:28 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 13:27 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 13:27 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 19:00 - 2014-10-14 19:00 - 00003154 _____ () C:\Windows\System32\Tasks\{0EF7BECB-A850-4783-ADB6-15DFF55E8920}
2014-10-14 18:58 - 2014-10-14 18:58 - 00000000 ____D () C:\Program Files (x86)\predm
2014-10-14 18:54 - 2014-10-14 18:54 - 00000000 ____D () C:\Program Files (x86)\Isaveir
2014-10-14 18:53 - 2014-10-14 18:53 - 00000000 ____D () C:\Program Files (x86)\Reimageplus.com
2014-10-14 18:52 - 2014-10-14 18:52 - 00000000 ____D () C:\Program Files (x86)\DigiISaverr
2014-10-14 14:02 - 2014-10-14 19:00 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-10-14 14:02 - 2014-10-14 14:02 - 00000000 ____D () C:\Users\Keule\Documents\Optimizer Pro
2014-10-14 04:01 - 2014-10-14 04:01 - 00000537 _____ () C:\end
2014-10-14 03:02 - 2014-10-14 03:02 - 01978792 _____ (Cinema PlusV13.10) C:\Users\Keule\AppData\Roaming\VPOY.exe
2014-10-14 03:02 - 2014-10-14 03:02 - 01500072 _____ (Cinema PlusV13.10) C:\Users\Keule\AppData\Roaming\BIXK.exe
2014-10-14 02:01 - 2014-10-14 18:54 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\InetStat
2014-10-14 02:01 - 2014-10-14 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-13 15:59 - 2014-10-13 15:59 - 00000045 _____ () C:\Users\Keule\AppData\Roaming\WB.CFG
2014-10-13 14:59 - 2014-10-14 19:06 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\StormFall
2014-10-13 14:59 - 2014-10-13 14:59 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\GoodGameEmpire
2014-10-13 14:59 - 2014-10-13 14:59 - 00000000 ____D () C:\Users\Keule\AppData\Local\StormFall
2014-10-13 14:59 - 2014-10-13 14:59 - 00000000 ____D () C:\Users\Keule\AppData\Local\GGEmpire
2014-10-13 14:08 - 2014-10-13 14:08 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\ap_movie
2014-10-13 14:08 - 2014-10-13 14:08 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\AnyProtectEx
2014-10-13 14:05 - 2014-10-13 14:05 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\FirefoxToolbar
2014-10-13 14:00 - 2014-10-31 17:09 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\Systweak
2014-10-13 14:00 - 2014-08-29 16:02 - 00020296 _____ () C:\Windows\system32\roboot64.exe
2014-10-13 13:54 - 2014-10-13 13:54 - 00000000 ____D () C:\Users\Keule\AppData\Local\com
2014-10-13 13:53 - 2014-10-13 13:53 - 01545616 _____ (app) C:\Users\Keule\AppData\Roaming\NZKWOXW.exe
2014-10-13 13:52 - 2014-10-31 17:01 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-13 13:52 - 2014-10-13 13:52 - 02038672 _____ (app) C:\Users\Keule\AppData\Roaming\PBOY.exe
2014-10-13 13:52 - 2014-10-13 13:52 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-10-13 13:52 - 2014-10-13 13:52 - 00000000 ____D () C:\Users\Keule\AppData\Local\globalUpdate
2014-10-13 13:51 - 2014-10-14 19:05 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-10-13 13:51 - 2014-10-13 13:52 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-10-13 13:51 - 2014-10-13 13:51 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-10-13 13:50 - 2014-10-14 18:54 - 00000000 ____D () C:\Users\Keule\AppData\Local\Genesis_10131250
2014-10-13 13:49 - 2014-10-13 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-10-13 13:49 - 2014-10-11 10:04 - 04834816 _____ () C:\Windows\score.exe
2014-10-13 13:46 - 2014-10-31 16:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-13 13:44 - 2014-10-13 13:44 - 00000000 ____D () C:\ProgramData\APN
2014-10-13 13:34 - 2014-10-13 13:34 - 01625952 _____ () C:\Users\Keule\Downloads\Setup.exe
2014-10-07 18:01 - 2014-10-07 18:20 - 00003839 _____ () C:\Users\Keule\Documents\eurotrucks2.CT
2014-10-07 17:53 - 2014-10-07 17:53 - 00000000 ____D () C:\Program Files (x86)\WEB.DE MailCheck
2014-10-07 17:52 - 2014-10-07 17:52 - 00000000 ____D () C:\Users\Keule\Documents\My Cheat Tables
2014-10-07 17:51 - 2014-10-07 17:51 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\OpenCandy
2014-10-07 17:50 - 2014-10-07 17:51 - 07275072 _____ (Dark Byte ) C:\Users\Keule\Downloads\CheatEngine62.exe
2014-10-07 17:40 - 2014-10-07 17:40 - 00000000 __SHD () C:\Users\Keule\AppData\Local\EmieUserList
2014-10-07 17:40 - 2014-10-07 17:40 - 00000000 __SHD () C:\Users\Keule\AppData\Local\EmieSiteList
2014-10-07 15:26 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-07 15:26 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-07 15:26 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-07 15:26 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-07 15:26 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-07 15:26 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-07 15:26 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-07 15:26 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-07 15:26 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-07 15:26 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-07 15:26 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-07 15:26 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-07 15:26 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-07 15:26 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-07 15:26 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-07 15:26 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-07 15:09 - 2014-10-07 16:19 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-10-07 15:09 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-10-07 15:09 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-10-07 15:05 - 2014-10-30 17:45 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-07 15:05 - 2014-10-07 15:41 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-10-07 15:05 - 2014-10-07 15:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-07 14:59 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-07 14:59 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-07 14:59 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-07 14:59 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-07 14:59 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-07 14:59 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-07 14:59 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-07 14:59 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-07 14:59 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-07 14:59 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-07 14:59 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-07 14:59 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-07 14:39 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-10-07 14:39 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-10-07 14:38 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-10-07 14:38 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-10-07 14:38 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-10-07 14:38 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-10-07 14:34 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-10-07 14:34 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-10-07 07:55 - 2014-10-14 18:50 - 00000000 ____D () C:\ProgramData\50CCouupons
2014-10-07 00:13 - 2013-10-14 17:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-10-06 21:59 - 2014-10-06 21:59 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-10-06 21:59 - 2014-10-06 21:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-10-06 21:59 - 2014-10-06 21:59 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-10-06 21:59 - 2014-10-06 21:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-10-06 21:59 - 2014-10-06 21:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-10-06 21:59 - 2014-10-06 21:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-10-06 21:59 - 2014-10-06 21:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-10-06 21:59 - 2014-10-06 21:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-06 21:59 - 2014-10-06 21:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-06 21:54 - 2014-10-06 21:54 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-06 21:54 - 2014-10-06 21:54 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-06 21:44 - 2014-10-07 00:13 - 00056641 _____ () C:\Windows\IE11_main.log
2014-10-06 21:17 - 2014-10-06 21:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-06 21:17 - 2014-10-06 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-06 20:03 - 2014-10-15 16:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-06 19:45 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-10-06 19:45 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-10-06 19:45 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-10-06 19:45 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-10-06 19:45 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-10-06 19:45 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-10-06 19:45 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-10-06 19:45 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-10-06 19:39 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-10-06 19:39 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-10-06 19:39 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-10-06 19:39 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-06 19:39 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-10-06 19:39 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-10-06 19:39 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-10-06 19:39 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-10-06 19:39 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-10-06 19:39 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-10-06 19:39 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-10-06 19:39 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-10-06 19:39 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-10-06 19:39 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-10-06 19:39 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-10-06 19:39 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-10-06 19:39 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-10-06 19:39 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-06 19:39 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-10-06 19:39 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-10-06 19:39 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-10-06 19:39 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-10-06 19:39 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-10-06 19:39 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-10-06 19:39 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-10-06 19:39 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-10-06 19:39 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-10-06 19:39 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-10-06 19:39 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-10-06 19:39 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-10-06 19:39 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-10-06 19:39 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-10-06 19:39 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-10-06 19:39 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-10-06 19:39 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-10-06 19:39 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-10-06 19:39 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-10-06 19:39 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-10-06 19:39 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-10-06 19:39 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-10-06 19:39 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-10-06 19:38 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-10-06 19:38 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-10-06 19:38 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-10-06 19:38 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-10-06 19:38 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-10-06 19:38 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-10-06 19:38 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-10-06 19:38 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-10-06 19:38 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-10-06 19:38 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-10-06 19:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-10-06 19:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-10-06 19:38 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-10-06 19:38 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-10-06 19:38 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-10-06 19:38 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-10-06 19:38 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-10-06 19:38 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-10-06 19:38 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-10-06 19:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-10-06 19:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-10-06 19:38 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-10-06 19:38 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-10-06 19:38 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-10-06 19:38 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-10-06 19:38 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-10-06 19:38 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-10-06 19:38 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-10-06 19:38 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-10-06 19:38 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-10-06 19:38 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-10-06 19:38 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-10-06 19:38 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-10-06 19:38 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-10-06 19:38 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-10-06 19:38 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-10-06 19:38 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-10-06 19:38 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-10-06 19:38 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-10-06 19:38 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-10-06 19:38 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-10-06 19:37 - 2014-07-07 03:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-06 19:37 - 2014-07-07 03:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-10-06 19:37 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-10-06 19:37 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-10-06 19:37 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-10-06 19:37 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-06 19:37 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-06 19:37 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-06 19:37 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-06 19:37 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-10-06 19:37 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-06 19:37 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-06 19:37 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-10-06 19:37 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-10-06 19:36 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-10-06 19:36 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-10-06 19:36 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-06 19:36 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-10-06 19:36 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-10-06 19:36 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-06 19:36 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-10-06 19:36 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-06 19:36 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-06 19:36 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-10-06 19:36 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-10-06 19:36 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-10-06 19:36 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-10-06 19:36 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-10-06 19:36 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-10-06 19:36 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-10-06 19:36 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-10-06 19:36 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-10-06 19:36 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-10-06 19:36 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-10-06 19:36 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-10-06 19:36 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-10-06 19:36 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-10-06 19:36 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-10-06 19:36 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-10-06 19:36 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-10-06 19:36 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-10-06 19:36 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-10-06 19:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-10-06 19:36 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-10-06 19:36 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-10-06 19:36 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-06 19:36 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-10-06 19:36 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-10-06 19:36 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-06 19:36 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-10-06 19:36 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-10-06 19:36 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-10-06 19:36 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-10-06 19:36 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-10-06 19:36 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-10-06 19:36 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-10-06 19:36 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-10-06 19:36 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-10-06 19:36 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-10-06 19:36 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-10-06 19:36 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-10-06 19:36 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-10-06 19:36 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-06 19:35 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-06 19:35 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-10-06 19:35 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-10-06 19:35 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-10-06 19:35 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-10-06 19:35 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-10-06 19:35 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-10-06 19:35 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-10-06 19:35 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-10-06 19:35 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-10-06 19:35 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-10-06 19:35 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-10-06 19:35 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-10-06 19:35 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-10-06 19:35 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-10-06 19:35 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-10-06 19:35 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-10-06 19:35 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-10-06 19:35 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-10-06 19:35 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-10-06 19:35 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-10-06 19:35 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-10-06 19:35 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-10-06 19:34 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-06 19:34 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-06 19:34 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-06 19:34 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-06 19:34 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-10-06 19:34 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-10-06 19:34 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-10-06 19:34 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-10-06 19:34 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-10-06 19:34 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-10-06 19:34 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-10-06 19:34 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-10-06 19:34 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-10-06 19:34 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-10-06 19:34 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-10-06 19:34 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-10-06 19:34 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-10-06 19:34 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-10-06 19:34 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-10-06 19:34 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-10-06 19:34 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-10-06 19:34 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-10-06 19:34 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-10-06 19:34 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-10-06 19:34 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-10-06 19:34 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-10-06 19:34 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-10-06 19:34 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-10-06 19:34 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-10-06 19:34 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-10-06 19:34 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-10-06 19:34 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-10-06 19:34 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-10-06 19:34 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-10-06 19:34 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-10-06 19:34 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-10-06 19:34 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-10-06 19:34 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-10-06 19:34 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-10-06 19:34 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-10-06 19:34 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-10-06 19:34 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-10-06 19:34 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-10-06 19:34 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-10-06 19:34 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-10-06 19:34 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-10-06 19:34 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-10-06 19:16 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-10-06 19:16 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-10-06 19:16 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-10-06 19:16 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-10-06 19:16 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-10-06 19:16 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-06 19:16 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-06 19:16 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-10-06 19:15 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-10-06 18:44 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-10-06 18:44 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-10-06 18:02 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-06 18:02 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-06 18:02 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-06 18:02 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-06 18:02 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-06 18:02 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-06 18:02 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-10-06 18:02 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-06 18:02 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-06 18:02 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-06 18:01 - 2014-05-14 08:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-06 18:01 - 2014-05-14 08:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-06 18:01 - 2014-05-14 08:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-06 18:01 - 2014-05-14 08:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-02 17:10 - 2012-08-03 12:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-02 16:55 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-02 16:52 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-11-02 16:52 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-02 15:11 - 2010-12-01 21:18 - 01779956 _____ () C:\Windows\WindowsUpdate.log
2014-11-02 15:10 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-02 15:10 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-02 15:04 - 2014-06-26 21:13 - 00052634 _____ () C:\Windows\PFRO.log
2014-11-02 15:04 - 2010-12-01 21:48 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-11-02 15:04 - 2010-12-01 21:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-02 15:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 15:01 - 2014-09-16 19:43 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-11-02 15:01 - 2010-12-15 18:52 - 00000000 ____D () C:\Users\Keule\AppData\Local\Adobe
2014-11-02 14:47 - 2011-09-03 08:46 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\DVDVideoSoft
2014-11-02 14:38 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-01 18:54 - 2010-12-01 21:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-31 19:51 - 2014-10-02 18:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-31 16:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-10-31 15:23 - 2011-05-01 20:25 - 00000000 ____D () C:\Windows\Minidump
2014-10-31 15:00 - 2012-01-01 18:57 - 00007603 _____ () C:\Users\Keule\AppData\Local\Resmon.ResmonCfg
2014-10-31 12:18 - 2010-12-14 05:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-30 21:28 - 2014-09-03 16:00 - 00000000 ____D () C:\Users\Keule\Documents\Euro Truck Simulator 2
2014-10-30 20:22 - 2014-07-01 10:01 - 00055782 _____ () C:\Windows\DirectX.log
2014-10-30 20:22 - 2011-01-07 13:02 - 00000000 ____D () C:\Users\Keule\Documents\My Games
2014-10-30 19:45 - 2011-10-02 18:13 - 00408712 _____ () C:\Windows\system32\perfh011.dat
2014-10-30 19:45 - 2011-10-02 18:13 - 00122098 _____ () C:\Windows\system32\perfc011.dat
2014-10-30 19:45 - 2011-10-02 17:54 - 00501348 _____ () C:\Windows\system32\perfh006.dat
2014-10-30 19:45 - 2011-10-02 17:54 - 00098656 _____ () C:\Windows\system32\perfc006.dat
2014-10-30 19:45 - 2011-10-02 17:20 - 00392956 _____ () C:\Windows\system32\prfh0404.dat
2014-10-30 19:45 - 2011-10-02 17:20 - 00115088 _____ () C:\Windows\system32\prfc0404.dat
2014-10-30 19:45 - 2011-10-02 17:04 - 00705814 _____ () C:\Windows\system32\prfh0416.dat
2014-10-30 19:45 - 2011-10-02 17:04 - 00147654 _____ () C:\Windows\system32\prfc0416.dat
2014-10-30 19:45 - 2011-10-02 16:44 - 00720952 _____ () C:\Windows\system32\prfh0816.dat
2014-10-30 19:45 - 2011-10-02 16:44 - 00152904 _____ () C:\Windows\system32\prfc0816.dat
2014-10-30 19:45 - 2011-10-02 16:29 - 00732292 _____ () C:\Windows\system32\perfh015.dat
2014-10-30 19:45 - 2011-10-02 16:29 - 00155870 _____ () C:\Windows\system32\perfc015.dat
2014-10-30 19:45 - 2011-10-02 16:02 - 00648616 _____ () C:\Windows\system32\perfh01F.dat
2014-10-30 19:45 - 2011-10-02 16:02 - 00139998 _____ () C:\Windows\system32\perfc01F.dat
2014-10-30 19:45 - 2011-10-02 15:30 - 00375884 _____ () C:\Windows\system32\prfh0804.dat
2014-10-30 19:45 - 2011-10-02 15:30 - 00119590 _____ () C:\Windows\system32\prfc0804.dat
2014-10-30 19:45 - 2011-10-02 14:53 - 00716534 _____ () C:\Windows\system32\perfh019.dat
2014-10-30 19:45 - 2011-10-02 14:53 - 00150840 _____ () C:\Windows\system32\perfc019.dat
2014-10-30 19:45 - 2011-10-02 14:42 - 00486448 _____ () C:\Windows\system32\perfh014.dat
2014-10-30 19:45 - 2011-10-02 14:42 - 00095402 _____ () C:\Windows\system32\perfc014.dat
2014-10-30 19:45 - 2011-10-02 14:31 - 00598922 _____ () C:\Windows\system32\perfh008.dat
2014-10-30 19:45 - 2011-10-02 14:31 - 00111126 _____ () C:\Windows\system32\perfc008.dat
2014-10-30 19:45 - 2011-10-02 14:20 - 00655654 _____ () C:\Windows\system32\perfh01D.dat
2014-10-30 19:45 - 2011-10-02 14:20 - 00142472 _____ () C:\Windows\system32\perfc01D.dat
2014-10-30 19:45 - 2011-10-02 14:10 - 00420358 _____ () C:\Windows\system32\perfh012.dat
2014-10-30 19:45 - 2011-10-02 14:10 - 00120382 _____ () C:\Windows\system32\perfc012.dat
2014-10-30 19:45 - 2011-10-02 13:59 - 00660774 _____ () C:\Windows\system32\perfh005.dat
2014-10-30 19:45 - 2011-10-02 13:59 - 00141424 _____ () C:\Windows\system32\perfc005.dat
2014-10-30 19:45 - 2011-10-02 13:36 - 00735432 _____ () C:\Windows\system32\perfh013.dat
2014-10-30 19:45 - 2011-10-02 13:36 - 00153100 _____ () C:\Windows\system32\perfc013.dat
2014-10-30 19:45 - 2011-10-02 13:22 - 00473436 _____ () C:\Windows\system32\perfh00B.dat
2014-10-30 19:45 - 2011-10-02 13:22 - 00101518 _____ () C:\Windows\system32\perfc00B.dat
2014-10-30 19:45 - 2011-10-02 13:16 - 00675688 _____ () C:\Windows\system32\perfh00E.dat
2014-10-30 19:45 - 2011-10-02 13:16 - 00171272 _____ () C:\Windows\system32\perfc00E.dat
2014-10-30 19:45 - 2011-10-02 13:05 - 00737390 _____ () C:\Windows\system32\perfh00A.dat
2014-10-30 19:45 - 2011-10-02 13:05 - 00158472 _____ () C:\Windows\system32\perfc00A.dat
2014-10-30 19:45 - 2011-10-02 12:58 - 00384278 _____ () C:\Windows\system32\perfh00D.dat
2014-10-30 19:45 - 2011-10-02 12:58 - 00084756 _____ () C:\Windows\system32\perfc00D.dat
2014-10-30 19:45 - 2011-10-02 12:44 - 00731980 _____ () C:\Windows\system32\perfh010.dat
2014-10-30 19:45 - 2011-10-02 12:44 - 00146844 _____ () C:\Windows\system32\perfc010.dat
2014-10-30 19:45 - 2011-10-02 12:39 - 00737650 _____ () C:\Windows\system32\perfh00C.dat
2014-10-30 19:45 - 2011-10-02 12:39 - 00470948 _____ () C:\Windows\system32\perfh001.dat
2014-10-30 19:45 - 2011-10-02 12:39 - 00149578 _____ () C:\Windows\system32\perfc00C.dat
2014-10-30 19:45 - 2011-10-02 12:39 - 00094770 _____ () C:\Windows\system32\perfc001.dat
2014-10-30 19:45 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-10-30 19:45 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-10-30 19:45 - 2009-07-14 06:13 - 17451024 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-30 17:45 - 2014-08-22 16:20 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-10-30 17:45 - 2011-05-01 20:22 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-10-30 17:45 - 2010-12-14 08:42 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-10-30 17:45 - 2010-12-14 08:37 - 00000000 ____D () C:\Program Files\Logitech
2014-10-30 17:45 - 2010-12-01 21:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-30 17:45 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-10-30 17:45 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-10-30 17:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-30 17:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-30 12:25 - 2010-12-01 21:37 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-26 16:30 - 2012-11-02 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-26 16:30 - 2010-12-01 21:44 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-26 02:22 - 2014-09-16 19:41 - 00000000 ____D () C:\ProgramData\817622e663d16f39
2014-10-24 13:53 - 2012-08-03 12:14 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-24 13:52 - 2012-08-03 12:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-24 13:52 - 2011-05-20 07:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-21 13:13 - 2011-11-02 19:12 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-10-16 17:54 - 2012-10-10 21:23 - 00987008 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-10-16 17:54 - 2012-10-10 21:22 - 16886168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-10-16 17:54 - 2010-12-01 21:44 - 00027024 _____ () C:\Windows\system32\nvinfo.pb
2014-10-16 17:54 - 2010-08-05 11:15 - 20968040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-10-16 17:54 - 2010-08-05 11:15 - 03237528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-16 17:54 - 2010-08-05 11:15 - 02849224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-10-16 15:11 - 2010-07-29 18:52 - 06883136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-10-16 15:11 - 2010-07-29 18:52 - 03533632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-10-16 15:11 - 2010-07-29 18:52 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-10-16 15:11 - 2010-07-29 18:52 - 00933064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-10-16 15:11 - 2010-07-29 18:52 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-10-16 15:11 - 2010-07-29 18:52 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-10-16 14:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 11:43 - 2009-07-14 05:45 - 00385968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-10-15 16:36 - 2010-12-13 23:20 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 01:48 - 2012-11-02 10:39 - 04047877 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-14 19:07 - 2010-12-01 21:20 - 00001421 _____ () C:\Users\Keule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-14 18:55 - 2014-07-02 20:16 - 00000000 ____D () C:\Users\Keule\AppData\Local\jZip
2014-10-14 18:54 - 2014-10-02 18:50 - 00000000 ____D () C:\ProgramData\Isaveir
2014-10-14 18:52 - 2014-09-23 20:08 - 00000000 ____D () C:\ProgramData\DigiISaverr
2014-10-14 03:02 - 2010-12-14 10:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-08 15:57 - 2012-09-29 16:03 - 17062024 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-08 15:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-10-08 15:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-10-07 16:24 - 2011-10-02 17:19 - 00000000 ____D () C:\Windows\system32\Drivers\zh-HK
2014-10-07 11:54 - 2010-12-01 21:10 - 00000000 ____D () C:\Windows\Panther
2014-10-07 11:44 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-07 11:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-07 11:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-07 11:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-10-07 11:39 - 2012-05-12 10:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-07 00:45 - 2009-07-14 03:34 - 00000499 _____ () C:\Windows\win.ini
2014-10-06 21:17 - 2012-09-19 11:07 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-10-06 21:17 - 2010-12-14 10:54 - 00000000 ____D () C:\ProgramData\Skype
2014-10-06 20:23 - 2012-05-12 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-30 22:34

==================== End Of Log ============================
         

Alt 03.11.2014, 14:36   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:


    Ads Remover

    GaoSaVe

    GS_Booster

    GS_Sustainer 1.80

    YoutubEADBlocke

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.11.2014, 17:38   #6
Keule2388
 
Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



Revo Uninstaller heruntergeladen und ausgeführt aber ich finde die daten die ich löschen soll nicht.Er zeigt mir nur meine Programme an die ich löschen kann

wie bzw wo kann ich die sachen finden

Alt 04.11.2014, 10:25   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



Zitat:
Er zeigt mir nur meine Programme an die ich löschen kann
Un in der Liste der installierten Programme sollten auch die stehen die ich oben in Rot aufgezählt habe.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.11.2014, 15:26   #8
Keule2388
 
Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



leider nein habe alles durchsucht und finde es nicht

Alt 04.11.2014, 21:01   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



Siehst Du sie in WIndows in der Systemsteuerung? Wenn ja dort deinstallieren. Egal wie direkt weiter mit dem nächsten Schritt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.11.2014, 18:08   #10
Keule2388
 
Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



Nein da finde ich auch nichts

Alt 06.11.2014, 11:36   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



dann weiter mit den 3 Tools
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.11.2014, 19:08   #12
Keule2388
 
Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



Addition

Code:
ATTFilter
o;?Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2014
Ran by Keule at 2014-11-02 17:57:10
Running from C:ÖUsersÖKeuleÖAppDataÖLocalÖMicrosoftÖWindowsÖTemporary Internet FilesÖContent.IE5ÖT7AJA1PL
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) ä4F35CFC4-45A3-FC37-EF17-759A02E39AB1ü
AS: Microsoft Security Essentials (Enabled - Up to date) äF4542E20-6399-F3B9-D5A7-4EE87964D00Cü
AS: Windows Defender (Disabled - Up to date) äD68DDC3A-831F-4fae-9E44-DA132C1ACF46ü

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32Ö...ÖAdobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32Ö...ÖAdobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32Ö...ÖäAC76BA86-7AD7-1031-7B44-AB0000000001ü) (Version: 11.0.09 - Adobe Systems Incorporated)
Ads Remover (HKLM-x32Ö...Öä37476589-E48E-439E-A706-56189E2ED4C4ü_is1) (Version:  - Ads Remover) <==== ATTENTION
ANNO 1503 (HKLM-x32Ö...ÖäEBBB1DEF-8878-4CB8-BC0D-1196B30E7527ü) (Version: 1.05 - )
Anno 1701 (HKLM-x32Ö...ÖäA2433A63-5F5D-40E5-B529-9123C2B3E734ü) (Version: 1.02 - Sunflowers)
ANNO 2070 (HKLM-x32Ö...ÖäB48E264C-C8CD-4617-B0BE-46E977BAD694ü) (Version: 1.0.0.0 - Ubisoft)
ARMA 2 Operation Arrowhead Uninstall (HKLM-x32Ö...ÖARMA 2 Operation Arrowhead) (Version:  - )
ArmA 2 Uninstall (HKLM-x32Ö...ÖArmA 2) (Version:  - )
AutoGreen B09.1014.2 (HKLM-x32Ö...ÖInstallShield_äC75FAD21-EC08-42F3-92D6-C9C0AB355345ü) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Battlefield 3b " (HKLM-x32Ö...Öä76285C16-411A-488A-BCE3-C83CB933D8CFü) (Version: 1.4.0.0 - Electronic Arts)
Battlefield: Bad Companyb " 2 (HKLM-x32Ö...Öä3AC8457C-0385-4BEA-A959-E095F05D6D67ü) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32Ö...ÖBattlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BitZipper 2013 (HKLM-x32Ö...ÖBitZipper_is1) (Version: 2013.12.10.17 - Bitberry Software)
Brother MFL-Pro Suite MFC-250C (HKLM-x32Ö...Öä48D082B9-18F6-4426-AFAC-8B6A3E7021B1ü) (Version: 1.0.1.0 - Brother Industries, Ltd.)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
C-Media PCI Audio Device (HKLMÖ...ÖC-Media PCI Audio Driver) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Creative Systeminformationen (HKLM-x32Ö...ÖSysInfo) (Version: 1.10 - Creative Technology Limited)
Darkest Hour: Europe '44-'45 (HKLM-x32Ö...ÖSteam App 1280) (Version:  - Darkest Hour Team)
DES 2.0 (HKLM-x32Ö...Öä675F86A8-E093-4002-87D5-915CC2C45571ü) (Version: 1.00.0000 - Gigabyte)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32Ö...ÖSteam App 227300) (Version:  - SCS Software)
ExsteraSavinogs (HKLM-x32Ö...ÖäC637A71C-A4B2-4B47-1B2A-1042A8D525A3ü) (Version:  - "")
Farming Simulator 2013 (HKLM-x32Ö...ÖSteam App 220260) (Version:  - Giants Software)
Firebird SQL Server - MAGIX Edition (HKLM-x32Ö...ÖFirebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32Ö...ÖFree YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
GaoSaVe (HKLM-x32Ö...ÖäC87834EB-A2A0-B9D4-AA9A-C263D1191051ü) (Version: 4.3.0.1350 - ) <==== ATTENTION
Gigabyte Raid Configurer (HKLM-x32Ö...Öä3A1B5D40-41E9-43FA-8C7B-A8667F5586EFü) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
GoSavee (HKLM-x32Ö...Öä64A4ABCA-CF3D-C548-2DC4-72A55DC5882Aü) (Version:  - "")
GS_Booster (HKLM-x32Ö...ÖS-576482620) (Version: 1.3.0.1452 - PremiumSoft) <==== ATTENTION
GS_Sustainer 1.80 (HKLM-x32Ö...Öä5F189DF5-2D05-472B-9091-84D9848AE48Büä4d349a54ü) (Version:  - Certified Publisher) <==== ATTENTION
Intel(R) Rapid Storage Technology (HKLM-x32Ö...Öä3E29EE6C-963A-4aae-86C1-DC237C4A49FCü) (Version: 9.5.0.1037 - Intel Corporation)
Internet-TV fC<r Windows Media Center (HKLM-x32Ö...Öä9D318C86-AF4C-409F-A6AC-7183FF4CF424ü) (Version: 4.2.2.0 - Microsoft Corporation)
Java 8 Update 25 (64-bit) (HKLMÖ...Öä26A24AE4-039D-4CA4-87B4-2F86418025F0ü) (Version: 8.0.250 - Oracle Corporation)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Landwirtschafts Simulator 15 (HKLM-x32Ö...ÖFarmingSimulator2015DE_is1) (Version: 1.1.0.0 - GIANTS Software)
Lara Croft and the Guardian of Light (HKLM-x32Ö...ÖSteam App 35130) (Version:  - Crystal Dynamics)
LG Bluetooth Drivers (HKLM-x32Ö...ÖäAC7EE5F1-0DE4-4256-8E43-92B73C8E6019ü) (Version: 1.1 - LG Electronics)
LG PC Suite IV (HKLM-x32Ö...ÖLG PC Suite IV) (Version: 4.2.46.20101118 - LG Electronics)
LG United Mobile Drivers (HKLM-x32Ö...Öä9BC97E7F-8E26-44B8-841A-C5262754FC89ü) (Version: 2.1 - LG Electronics)
Logitech Gaming Software 5.10 (HKLMÖ...Öä1444D2EE-C7AD-44A8-844F-2634B49353D1ü) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 7.00 (HKLMÖ...Öä690285C2-2481-44FB-8402-162EA970A6DDü) (Version: 7.00.291 - Logitech Inc.)
Logitech SetPoint (HKLM-x32Ö...ÖäF29B21BD-CAA6-445F-8EF7-A7E2B9D8B14Eü) (Version: 4.80 - Logitech)
Mare Nostrum (HKLM-x32Ö...ÖSteam App 1230) (Version:  - Sandstorm Productions)
McAfee Security Scan Plus (HKLMÖ...ÖMcAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Medal of Honorb " Warfighter (HKLM-x32Ö...Öä48379835-BF2E-4487-9CB1-D5E654502B53ü) (Version: 1.0.0.0 - Electronic Arts)
Microsoft .NET Framework 4.5.1 (DeE!tina) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (dansk) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1030) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (espaC1ol) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (FranC'ais) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Italiano) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PortuguC*s do Brasil) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PortuguC*s) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (suomi) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1035) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (svenska) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1053) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (TC<rkC'e) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1055) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (N N;N;N7N=N9N:N,) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (P Q Q Q P:P8P9) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1049) (Version: 4.5.50938 - P P>Q P?P>Q P0Q P8Q  P P0P9P:Q P>Q P>Q Q )
Microsoft .NET Framework 4.5.1 (W"W W(W W*) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1037) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (X'Y X9X1X(Y
X)) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1025) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (f %f ,h* ) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1041) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (g. d= d8-f ) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 2052) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1(m  j5-l 4) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1042) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1, norsk sprC%kpakke (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1044) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLMÖ...Öä92FB6C44-E685-45AD-9B20-CADF4CABA132ü - 1038) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32Ö...Öä41785C66-90F2-40CE-8CB5-1C94BFC97280ü) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32Ö...Öä90140000-2005-0000-0000-0000000FF1CEü) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32Ö...ÖäF40BBEC7-C2A4-4A00-9B24-7A055A2C5262ü) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32Ö...Öä90110407-6000-11D3-8CFE-0150048383C9ü) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32Ö...ÖäD24DB8B9-BB6C-4334-9619-BA1C650E13D3ü) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Essentials (HKLMÖ...ÖMicrosoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLMÖ...Öä89F4137D-6C26-4A84-BDB8-2E5A4BB71E00ü) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLMÖ...ÖäB6E3757B-5E77-3915-866A-CCFC4B8D194Cü) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32Ö...Öä770657D0-A123-3C07-8E44-1C83EC895118ü) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32Ö...Öä710f4c1c-cc18-4c49-8cbf-51240c89a1a2ü) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32Ö...Öä7299052b-02a4-4627-81f2-1818da5d550dü) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32Ö...Öä837b34e3-7c30-493c-8f6a-2b0f04e2912cü) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLMÖ...Öäaac9fcc4-dd9e-4add-901c-b5496a07ab2eü) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLMÖ...Öä071c9b48-7c32-4621-a0ac-3f809523288fü) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLMÖ...Öä6ce5bae9-d3ca-4b99-891a-1dc6c118a5fcü) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLMÖ...Öä6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6Aü) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLMÖ...Öäad8a2fa1-06e7-4b0d-927d-6e54b3d31028ü) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLMÖ...Öä8220EEFE-38CD-377E-8595-13398D740ACEü) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLMÖ...Öä4B6C7001-C7D6-3710-913E-5BC23FCE91E6ü) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLMÖ...Öä5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4ü) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32Ö...Öä9A25302D-30C0-39D9-BD6F-21E6EC160475ü) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32Ö...Öä1F1C2DFC-2D24-3E06-BCB8-725134ADF989ü) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32Ö...Öä9BE518E6-ECC6-35A9-88E4-87755C07200Fü) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLMÖ...Öä1D8E6291-B0D5-35EC-8441-6616F567A0F7ü) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32Ö...ÖäF0C3E5D1-1ADE-321E-8167-68EF0DE699A5ü) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32Ö...ÖMozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32Ö...ÖMozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32Ö...Öä86493ADD-824D-4B8E-BD72-8C5DCDC52A71ü) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32Ö...ÖäF662A8E6-F4DC-41A2-901E-8C11F044BDECü) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32Ö...Öä716E0306-8318-4364-8B8F-0CC4E9376BACü) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLMÖ...ÖäB2FE1952-0186-46C3-BAEC-A80AA35AC5B8ü_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.48 (HKLMÖ...ÖäB2FE1952-0186-46C3-BAEC-A80AA35AC5B8ü_Display.3DVision) (Version: 344.48 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLMÖ...ÖNVIDIA Display Control Panel) (Version: 6.14.12.5919 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLMÖ...ÖäB2FE1952-0186-46C3-BAEC-A80AA35AC5B8ü_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.48 (HKLMÖ...ÖäB2FE1952-0186-46C3-BAEC-A80AA35AC5B8ü_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLMÖ...ÖäB2FE1952-0186-46C3-BAEC-A80AA35AC5B8ü_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLMÖ...ÖäB2FE1952-0186-46C3-BAEC-A80AA35AC5B8ü_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
ON_OFF Charge B10.0427.1 (HKLM-x32Ö...Öä3DECD372-76A1-4483-BF10-B547790A3261ü) (Version: 1.00.0001 - GIGABYTE)
Origin (HKLM-x32Ö...ÖOrigin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
PaperPort Image Printer 64-bit (HKLMÖ...ÖäABA4FAF1-6389-45F9-92CE-3914A4E5C471ü) (Version: 1.00.0000 - Nuance Communications, Inc.)
PunkBuster Services (HKLM-x32Ö...ÖPunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32Ö...Öä8833FFB6-5B0C-4764-81AA-06DFEED9A476ü) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32Ö...ÖäF132AF7F-7BCA-4EDE-8A7C-958108FE7DBCü) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad (HKLM-x32Ö...ÖSteam App 35450) (Version:  - Tripwire)
Red Orchestra: Ostfront 41-45 (HKLM-x32Ö...ÖSteam App 1200) (Version:  - Tripwire Interactive)
Samsung Easy Printer Manager (HKLM-x32Ö...ÖSamsung Easy Printer Manager) (Version: 1.05.51.00(19.06.2014) - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM-x32Ö...Öä02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17ü) (Version: 11.2.0000 - Nuance Communications, Inc.)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skypeb " 6.11 (HKLM-x32Ö...Öä4E76FF7E-AEBA-4C87-B788-CD47E5425B9Dü) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32Ö...ÖUpdate Engine) (Version: 2.12.5.57 - Sony Ericsson Mobile Communications AB)
Sony PC Companion 2.10.115 (HKLM-x32Ö...ÖäF09EF8F2-0976-42C1-8D9D-8DF78337C6E3ü) (Version: 2.10.115 - Sony)
Sound Blaster Tactic(3D) (HKLM-x32Ö...Öä92000C16-939B-44CA-802F-0D552019D7C8ü) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32Ö...Öä048298C9-A4D3-490B-9FF9-AB023A9238F3ü) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 3 (HKLM-x32Ö...ÖSteam App 47400) (Version:  - Firefly Studios)
TeamSpeak 3 Client (HKLM-x32Ö...ÖTeamSpeak 3 Client) (Version: 3.0.9.2 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM-x32Ö...ÖTeamViewer 7) (Version: 7.0.12979 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32Ö...Öä7B3F0113-E63C-4D6D-AF19-111A3165CCA2ü) (Version: 1.0.0.0 - Magix Development GmbH)
Ubisoft Game Launcher (HKLM-x32Ö...Öä888F1505-C2B3-4FDE-835D-36353EBD4754ü) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32Ö...ÖUplay) (Version: 4.6 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Wartung Samsung CLP-320 Series (HKLM-x32Ö...ÖSamsung CLP-320 Series) (Version:  - Samsung Electronics Co., Ltd.)
WEB.DE MailCheck fC<r Mozilla Firefox (HKLM-x32Ö...Ö1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Windows Media Center Add-in for Silverlight (HKLM-x32Ö...Öä0EDBEB2B-7C8D-42E6-8312-0F84394A3223ü) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32Ö...Öä69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4ü) (Version: 1.0.0.8 - Microsoft Corp)
YoutubEADBlocke (HKLM-x32Ö...Öä4820778D-AB0D-6D18-C316-52A6A0E1D507ü) (Version: 1.1.0.1547 - ) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

30-10-2014 19:19:47 DirectX wurde installiert
31-10-2014 11:02:27 Windows Update
31-10-2014 15:37:50 Removed Java 7 Update 71
31-10-2014 15:38:47 Removed Java 7 Update 71
01-11-2014 17:51:05 Installiert Sound Blaster Tactic(3D)
01-11-2014 17:53:50 GerC$tetreiber-Paketinstallation: CREATIVE Audio-, Video- und Gamecontroller

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-02 16:52 - 00000027 ____A C:ÖWindowsÖsystem32ÖDriversÖetcÖhosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: ä1086884C-9F83-425B-A802-6CE88679636Aü - System32ÖTasksÖInstallShield Software-Aktualisierungsdienst => C:ÖProgram Files (x86)ÖCommon FilesÖInstallShieldÖUpdateServiceÖissch.exe Ä2005-02-17Ü (InstallShield Software Corporation)
Task: ä1978AB39-80CE-4FE9-9051-283E45E08F97ü - System32ÖTasksÖMicrosoftÖWindowsÖWindowsBackupÖAutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: ä531C249F-4C01-4A6C-914E-A809A0424B74ü - System32ÖTasksÖä6626EF3B-A609-48A9-9CED-FE1F69587EE5ü => Firefox.exe 
Task: ä58CE6AFF-7E6A-4AEB-A9F8-5EC8D6304F2Cü - System32ÖTasksÖAdobe Flash Player Updater => C:ÖWindowsÖSysWOW64ÖMacromedÖFlashÖFlashPlayerUpdateService.exe Ä2014-10-24Ü (Adobe Systems Incorporated)
Task: ä5A7A23B8-2667-4AA2-BDEB-20EF26122451ü - System32ÖTasksÖä0F48E379-C488-4FD2-A348-948BC4D06E74ü => Firefox.exe 
Task: ä61F9EE01-49CE-4C06-BF65-75E30333E4D6ü - System32ÖTasksÖLaunchSignup => C:ÖProgram Files (x86)ÖMyPC BackupÖSignup Wizard.exe <==== ATTENTION
Task: ä66BB19B4-867B-480E-A0A3-B436B289EEC2ü - System32ÖTasksÖAdobe-Online-Aktualisierungsprogramm => C:ÖProgram Files (x86)ÖCommon FilesÖAdobeÖARMÖ1.0ÖAdobeARM.exe Ä2014-08-21Ü (Adobe Systems Incorporated)
Task: ä798C4621-B7A8-41AD-B2E1-65E136B8F5F5ü - System32ÖTasksÖScanSoft Background Update => C:ÖProgram Files (x86)ÖCommon FilesÖScansoft SharedÖSSBkgdUpdateÖSSBkgdupdate.exe Ä2006-10-25Ü (Nuance Communications, Inc.)
Task: äA528B7E0-99EA-42EC-9191-AE9D5B269906ü - System32ÖTasksÖä7987E01D-7620-4EEA-993C-03846944A18Cü => Firefox.exe 
Task: äA695EE6E-CA4B-438A-B549-61AB121E496Cü - System32ÖTasksÖäF7B03492-31B2-4373-A2B4-FEB5450484E8ü => C:ÖPROGRAMMEÖMEINHAUSPLANERÖPROGÖCADAVAÖmeinHausplaner.exe
Task: äA6A28B0D-B40E-4DCA-AF2F-B13B9B077BAAü - System32ÖTasksÖäE7B1BF92-F41B-4FE1-B221-795CC936E5A2ü => C:ÖProgram Files (x86)ÖSkypeÖÖPhoneÖSkype.exe Ä2013-11-14Ü (Skype Technologies S.A.)
Task: äAF8252D8-E4E1-44A2-93FE-88BFBC7FD00Fü - System32ÖTasksÖInstallShield Software-Online-Aktualisierungsprogramm => C:ÖProgram Files (x86)ÖCommon FilesÖInstallShieldÖUpdateServiceÖISUSPM.exe Ä2005-02-17Ü (InstallShield Software Corporation)
Task: äC77F826C-C3CD-4860-A251-08C8CB7BD17Cü - System32ÖTasksÖGame_Booster_AutoUpdate => C:ÖProgram Files (x86)ÖIObitÖGame Booster 3ÖAutoUpdate.exe
Task: äE64D69ED-EBAE-4B74-9EE8-5A059FC601A4ü - System32ÖTasksÖä1E5A71F1-FE21-4BFA-99F2-98F09B3017D3ü => Firefox.exe 
Task: äEF2423A5-8F92-4DF1-B23F-328D1A64F9CCü - System32ÖTasksÖJava Update Scheduler => C:ÖProgram Files (x86)ÖCommon FilesÖJavaÖJava UpdateÖjusched.exe Ä2014-10-07Ü (Oracle Corporation)
Task: C:ÖWindowsÖTasksÖAdobe Flash Player Updater.job => C:ÖWindowsÖSysWOW64ÖMacromedÖFlashÖFlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-11-02 19:05 - 2009-09-11 08:48 - 00027648 _____ () C:ÖWindowsÖSystem32Össt3cl6.dll
2011-10-29 21:12 - 2014-10-16 15:11 - 00116880 _____ () C:ÖProgram FilesÖNVIDIA CorporationÖDisplayÖNvSmartMax64.dll
2010-12-01 21:29 - 2009-06-17 16:13 - 00068136 _____ () C:ÖProgram Files (x86)ÖGIGABYTEÖEnergySaver2Ödes2svr.exe
2010-12-01 21:25 - 2010-01-19 03:31 - 00072304 ____R () C:ÖWindowsÖSysWOW64ÖXSrvSetup.exe
2010-12-14 00:20 - 2012-12-23 14:20 - 00076888 _____ () C:ÖWindowsÖSysWOW64ÖPnkBstrA.exe
2014-10-13 13:49 - 2014-10-11 10:04 - 04834816 _____ () C:ÖWindowsÖscore.exe
2010-12-01 21:29 - 2009-05-04 17:56 - 00102400 _____ () C:ÖProgram Files (x86)ÖGIGABYTEÖEnergySaver2Öycc.dll
2010-12-01 21:25 - 2009-10-02 13:18 - 00058880 _____ () C:ÖProgram Files (x86)ÖIntelÖIntel(R) Rapid Storage TechnologyÖIsdiInterop.dll
2014-10-31 19:51 - 2014-10-11 13:53 - 03649648 _____ () C:ÖProgram Files (x86)ÖMozilla FirefoxÖmozjs.dll
2014-10-24 13:52 - 2014-10-24 13:52 - 16832176 _____ () C:ÖWindowsÖSysWOW64ÖMacromedÖFlashÖNPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIGÖServices: LBTServ => 3
MSCONFIGÖServices: nvUpdatusService => 2
MSCONFIGÖServices: SkypeUpdate => 2
MSCONFIGÖServices: Sony PC Companion => 3
MSCONFIGÖServices: Steam Client Service => 3
MSCONFIGÖServices: Stereo Service => 2
MSCONFIGÖServices: TeamViewer7 => 2
MSCONFIGÖServices: TuneUp.UtilitiesSvc => 2
MSCONFIGÖstartupreg: Samsung PanelMgr => C:ÖWindowsÖSamsungÖPanelMgrÖssmmgr.exe /autorun

========================= Accounts: ==========================

Administrator (S-1-5-21-1968684957-3168343925-173667196-500 - Administrator - Disabled)
Gast (S-1-5-21-1968684957-3168343925-173667196-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1968684957-3168343925-173667196-1003 - Limited - Enabled)
Keule (S-1-5-21-1968684957-3168343925-173667196-1000 - Administrator - Enabled) => C:ÖUsersÖKeule

==================== Faulty Device Manager Devices =============

Name: ttnfd
Description: ttnfd
Class Guid: ä8ECC055D-047F-11D1-A537-0000F8753ED1ü
Manufacturer: 
Service: ttnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/02/2014 02:50:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xd7c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (11/02/2014 04:17:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xe98
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (11/01/2014 06:53:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CreateVssExamineWriterMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (11/01/2014 06:53:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "XML document is too long" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070018, Das Programm hat einen Befehl ausgegeben, aber die BefehlslC$nge ist falsch.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (11/01/2014 06:53:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CreateVssExamineWriterMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (11/01/2014 06:53:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "XML document is too long" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070018, Das Programm hat einen Befehl ausgegeben, aber die BefehlslC$nge ist falsch.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (11/01/2014 06:52:52 PM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: WindowsFC<r diesen Befehl ist nicht genC<gend Speicher verfC<gbar.

Error: (11/01/2014 06:52:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CreateVssExamineWriterMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (11/01/2014 06:52:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "XML document is too long" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070018, Das Programm hat einen Befehl ausgegeben, aber die BefehlslC$nge ist falsch.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (10/31/2014 04:38:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CreateVssExamineWriterMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä41EF8B34-9D24-42ED-8C1A-6FD3EE341608ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer


System errors:
=============
Error: (11/02/2014 04:52:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/02/2014 03:05:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/02/2014 03:05:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/02/2014 03:05:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ttnfd

Error: (11/02/2014 03:04:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhC$ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/02/2014 03:04:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhC$ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/02/2014 03:04:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS_Sustainer erreicht.

Error: (11/02/2014 03:02:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/02/2014 03:02:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/02/2014 03:02:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht mC6glich sind. Der Dienst wird mC6glicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================
Error: (11/02/2014 02:50:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425d7c01cff6a3c57086b3C:ÖProgram Files (x86)ÖMozilla FirefoxÖplugin-container.exeC:ÖProgram Files (x86)ÖMozilla FirefoxÖmozalloc.dll38e5153e-6297-11e4-b058-1c6f654cea65

Error: (11/02/2014 04:17:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425e9801cff64b02b9bc15C:ÖProgram Files (x86)ÖMozilla FirefoxÖplugin-container.exeC:ÖProgram Files (x86)ÖMozilla FirefoxÖmozalloc.dllb54b193a-623e-11e4-b058-1c6f654cea65

Error: (11/01/2014 06:53:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CreateVssExamineWriterMetadata0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (11/01/2014 06:53:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: XML document is too long0x80070018, Das Programm hat einen Befehl ausgegeben, aber die BefehlslC$nge ist falsch.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (11/01/2014 06:53:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CreateVssExamineWriterMetadata0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (11/01/2014 06:53:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: XML document is too long0x80070018, Das Programm hat einen Befehl ausgegeben, aber die BefehlslC$nge ist falsch.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (11/01/2014 06:52:52 PM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: WindowsFC<r diesen Befehl ist nicht genC<gend Speicher verfC<gbar.

Error: (11/01/2014 06:52:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CreateVssExamineWriterMetadata0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (11/01/2014 06:52:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: XML document is too long0x80070018, Das Programm hat einen Befehl ausgegeben, aber die BefehlslC$nge ist falsch.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä95C087A9-04ED-41F6-B22A-D5BC97684FA8ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer

Error: (10/31/2014 04:38:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CreateVssExamineWriterMetadata0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   AusfC<hrungskontext: Requestor
   Generatorinstanz-ID: ä41EF8B34-9D24-42ED-8C1A-6FD3EE341608ü
   Generatorklassen-ID: äE8132975-6F93-4464-A53E-1050253AE220ü
   Generatorname: System Writer


CodeIntegrity Errors:
===================================
  Date: 2014-11-02 15:01:30.261
  Description: Windows konnte die AbbildintegritC$t der Datei "ÖDeviceÖHarddiskVolume2ÖComboFixÖcatchme.sys" nicht C<berprC<fen, weil der Dateihash nicht im System gefunden wurde. MC6glicherweise wurde durch eine kC<rzlich durchgefC<hrte Hardware- oder SoftwareC$nderung eine falsch signierte oder beschC$digte Datei oder eine Datei, bei der es sich um schC$dliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 15:01:30.073
  Description: Windows konnte die AbbildintegritC$t der Datei "ÖDeviceÖHarddiskVolume2ÖComboFixÖcatchme.sys" nicht C<berprC<fen, weil der Dateihash nicht im System gefunden wurde. MC6glicherweise wurde durch eine kC<rzlich durchgefC<hrte Hardware- oder SoftwareC$nderung eine falsch signierte oder beschC$digte Datei oder eine Datei, bei der es sich um schC$dliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:28:08.072
  Description: Windows konnte die AbbildintegritC$t der Datei "ÖDeviceÖHarddiskVolume2ÖWindowsÖSystem32ÖdriversÖLU1103A.sys" nicht C<berprC<fen, weil der Dateihash nicht im System gefunden wurde. MC6glicherweise wurde durch eine kC<rzlich durchgefC<hrte Hardware- oder SoftwareC$nderung eine falsch signierte oder beschC$digte Datei oder eine Datei, bei der es sich um schC$dliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:28:06.953
  Description: Windows konnte die AbbildintegritC$t der Datei "ÖDeviceÖHarddiskVolume2ÖWindowsÖSystem32ÖdriversÖLU1103A.sys" nicht C<berprC<fen, weil der Dateihash nicht im System gefunden wurde. MC6glicherweise wurde durch eine kC<rzlich durchgefC<hrte Hardware- oder SoftwareC$nderung eine falsch signierte oder beschC$digte Datei oder eine Datei, bei der es sich um schC$dliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:14:24.072
  Description: Windows konnte die AbbildintegritC$t der Datei "ÖDeviceÖHarddiskVolume2ÖWindowsÖSystem32ÖdriversÖLU1103A.sys" nicht C<berprC<fen, weil der Dateihash nicht im System gefunden wurde. MC6glicherweise wurde durch eine kC<rzlich durchgefC<hrte Hardware- oder SoftwareC$nderung eine falsch signierte oder beschC$digte Datei oder eine Datei, bei der es sich um schC$dliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:14:22.854
  Description: Windows konnte die AbbildintegritC$t der Datei "ÖDeviceÖHarddiskVolume2ÖWindowsÖSystem32ÖdriversÖLU1103A.sys" nicht C<berprC<fen, weil der Dateihash nicht im System gefunden wurde. MC6glicherweise wurde durch eine kC<rzlich durchgefC<hrte Hardware- oder SoftwareC$nderung eine falsch signierte oder beschC$digte Datei oder eine Datei, bei der es sich um schC$dliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:11:10.038
  Description: Windows konnte die AbbildintegritC$t der Datei "ÖDeviceÖHarddiskVolume2ÖWindowsÖSystem32ÖdriversÖLU1103A.sys" nicht C<berprC<fen, weil der Dateihash nicht im System gefunden wurde. MC6glicherweise wurde durch eine kC<rzlich durchgefC<hrte Hardware- oder SoftwareC$nderung eine falsch signierte oder beschC$digte Datei oder eine Datei, bei der es sich um schC$dliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:11:09.004
  Description: Windows konnte die AbbildintegritC$t der Datei "ÖDeviceÖHarddiskVolume2ÖWindowsÖSystem32ÖdriversÖLU1103A.sys" nicht C<berprC<fen, weil der Dateihash nicht im System gefunden wurde. MC6glicherweise wurde durch eine kC<rzlich durchgefC<hrte Hardware- oder SoftwareC$nderung eine falsch signierte oder beschC$digte Datei oder eine Datei, bei der es sich um schC$dliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:07:20.529
  Description: Windows konnte die AbbildintegritC$t der Datei "ÖDeviceÖHarddiskVolume2ÖWindowsÖSystem32ÖdriversÖLU1103A.sys" nicht C<berprC<fen, weil der Dateihash nicht im System gefunden wurde. MC6glicherweise wurde durch eine kC<rzlich durchgefC<hrte Hardware- oder SoftwareC$nderung eine falsch signierte oder beschC$digte Datei oder eine Datei, bei der es sich um schC$dliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:07:19.608
  Description: Windows konnte die AbbildintegritC$t der Datei "ÖDeviceÖHarddiskVolume2ÖWindowsÖSystem32ÖdriversÖLU1103A.sys" nicht C<berprC<fen, weil der Dateihash nicht im System gefunden wurde. MC6glicherweise wurde durch eine kC<rzlich durchgefC<hrte Hardware- oder SoftwareC$nderung eine falsch signierte oder beschC$digte Datei oder eine Datei, bei der es sich um schC$dliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU 660 § 3.33GHz
Percentage of memory in use: 62%
Total physical RAM: 4087.48 MB
Available physical RAM: 1515.95 MB
Total Pagefile: 14809.66 MB
Available Pagefile: 12228.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:172.69 GB) (Free:23 GB) NTFS
Drive d: () (Fixed) (Total:271.87 GB) (Free:40.93 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.09 GB) NTFS
Drive f: () (Fixed) (Total:180.88 GB) (Free:180.63 GB) NTFS
Drive g: () (Fixed) (Total:284.78 GB) (Free:284.68 GB) NTFS
Drive h: (Landwirtschafts-Simulator 2015) (CDROM) (Total:1.87 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 811F2DC4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=172.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=271.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 256F32EA)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=180.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Adwcleaner

Code:
ATTFilter
# AdwCleaner v4.002 - Bericht erstellt am 02/11/2014 um 19:40:28
# DB v2014-10-26.6
# Aktualisiert 27/10/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Keule - KEULE-PC
# Gestartet von : C:\Users\Keule\Downloads\AdwCleaner_4.002.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : Scores

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\Conduit
Ordner Gelöscht : C:\Users\Keule\AppData\Roaming\FirefoxToolbar
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gelöscht : C:\Users\Keule\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\Keule\AppData\Local\jZip
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\torch
Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gelöscht : C:\ProgramData\Trusted Publisher
Ordner Gelöscht : C:\ProgramData\Driver Mender
Ordner Gelöscht : C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\Extensions\3Qc@lMtEJ.org
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\score.exe
Datei Gelöscht : C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\11-suche.xml

***** [ Tasks ] *****

Task Gelöscht : LaunchSignup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\.
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\..9
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-576482620
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{bab6aa71-5399-4b04-9d3b-fcc252da9c81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{d8469a9f-1517-4b9c-85ee-99915b8c1e05}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{f12d44d6-38fe-45aa-9262-ec4ab9f1fda0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f12d44d6-38fe-45aa-9262-ec4ab9f1fda0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{bab6aa71-5399-4b04-9d3b-fcc252da9c81}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d8469a9f-1517-4b9c-85ee-99915b8c1e05}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{bab6aa71-5399-4b04-9d3b-fcc252da9c81}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d8469a9f-1517-4b9c-85ee-99915b8c1e05}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{bab6aa71-5399-4b04-9d3b-fcc252da9c81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d8469a9f-1517-4b9c-85ee-99915b8c1e05}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f12d44d6-38fe-45aa-9262-ec4ab9f1fda0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{bab6aa71-5399-4b04-9d3b-fcc252da9c81}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{d8469a9f-1517-4b9c-85ee-99915b8c1e05}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\Bitberry
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\jZip
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\WebEnhance
Schlüssel Gelöscht : HKCU\Software\StormWatch
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\iLividSRTB
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\GS_Booster
Schlüssel Gelöscht : HKLM\SOFTWARE\TermTutor
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{64A4ABCA-CF3D-C548-2DC4-72A55DC5882A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C637A71C-A4B2-4B47-1B2A-1042A8D525A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0 (x86 de)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [8861 octets] - [02/11/2014 19:35:16]
AdwCleaner[S0].txt - [7549 octets] - [02/11/2014 19:40:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7609 octets] ##########
         

JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Windows 7 Ultimate x64
Ran by Keule on 02.11.2014 at 19:25:15,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ConduitInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ConduitInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividMediaBar_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividMediaBar_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLivid_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLivid_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_bewerbungsmaster_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_bewerbungsmaster_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividMediaBar_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividMediaBar_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLivid_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLivid_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_bewerbungsmaster_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_bewerbungsmaster_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06c21f1b-d05e-4d1f-bb5f-82f7d4769403}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{06c21f1b-d05e-4d1f-bb5f-82f7d4769403}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{06c21f1b-d05e-4d1f-bb5f-82f7d4769403}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08754b90-6d07-43f4-9b52-22ed6be00e58}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{08754b90-6d07-43f4-9b52-22ed6be00e58}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08754b90-6d07-43f4-9b52-22ed6be00e58}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30e9882a-f8ec-4bce-97ad-c575c594c0b2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{30e9882a-f8ec-4bce-97ad-c575c594c0b2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{30e9882a-f8ec-4bce-97ad-c575c594c0b2}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06c21f1b-d05e-4d1f-bb5f-82f7d4769403}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{06c21f1b-d05e-4d1f-bb5f-82f7d4769403}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08754b90-6d07-43f4-9b52-22ed6be00e58}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{08754b90-6d07-43f4-9b52-22ed6be00e58}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30e9882a-f8ec-4bce-97ad-c575c594c0b2}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{30e9882a-f8ec-4bce-97ad-c575c594c0b2}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06c21f1b-d05e-4d1f-bb5f-82f7d4769403}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{06c21f1b-d05e-4d1f-bb5f-82f7d4769403}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08754b90-6d07-43f4-9b52-22ed6be00e58}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{08754b90-6d07-43f4-9b52-22ed6be00e58}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30e9882a-f8ec-4bce-97ad-c575c594c0b2}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{30e9882a-f8ec-4bce-97ad-c575c594c0b2}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\50CCouupons
Successfully deleted: [Folder] C:\ProgramData\DigiISaverr
Successfully deleted: [Folder] C:\ProgramData\Isaveir
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\Keule\AppData\Roaming\anyprotectex"
Successfully deleted: [Folder] "C:\Users\Keule\AppData\Roaming\ap_logs"
Successfully deleted: [Folder] "C:\Users\Keule\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\Keule\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Keule\appdata\local\chromatic browser"
Successfully deleted: [Folder] "C:\Users\Keule\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Keule\appdata\local\globalupdate"
Successfully deleted: [Folder] "C:\Users\Keule\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\Keule\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\predm"
Successfully deleted: [Folder] "C:\Users\Keule\documents\optimizer pro"



~~~ FireFox

Successfully deleted: [File] C:\Users\Keule\AppData\Roaming\mozilla\firefox\profiles\3oaghyg8.default\user.js
Successfully deleted: [File] C:\Users\Keule\AppData\Roaming\mozilla\firefox\profiles\3oaghyg8.default\invalidprefs.js
Successfully deleted: [Folder] C:\Users\Keule\AppData\Roaming\mozilla\firefox\profiles\3oaghyg8.default\conduitcommon
Successfully deleted: [Folder] C:\Users\Keule\AppData\Roaming\mozilla\firefox\profiles\3oaghyg8.default\extensions\toolbar@web.de
Successfully deleted the following from C:\Users\Keule\AppData\Roaming\mozilla\firefox\profiles\3oaghyg8.default\prefs.js

user_pref("CT2269050..clientLogIsEnabled", false);
user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.tbccint.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.tbccint.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/default.aspx");
user_pref("CT2269050.AppTrackingLastCheckTime", "Mon Aug 20 2012 09:43:21 GMT+0200");
user_pref("CT2269050.BrowserCompStateIsOpen_129568601980692121", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129575150554007677", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129705015340022508", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129977890572899945", true);
user_pref("CT2269050.BrowserCompStateIsOpen_130100683276316706", true);
user_pref("CT2269050.BrowserCompStateIsOpen_1359634297000", true);
user_pref("CT2269050.BrowserCompStateIsOpen_319764460718209437", true);
user_pref("CT2269050.CT2269050", "CT2269050");
user_pref("CT2269050.CurrentServerDate", "4-10-2014");
user_pref("CT2269050.DialogsAlignMode", "LTR");
user_pref("CT2269050.DialogsGetterLastCheckTime", "Thu Oct 02 2014 19:34:52 GMT+0200");
user_pref("CT2269050.DownloadReferralCookieData", "");
user_pref("CT2269050.EMailNotifierPollDate", "Mon Nov 19 2012 14:08:47 GMT+0100");
user_pref("CT2269050.FirstServerDate", "5-4-2011");
user_pref("CT2269050.FirstTime", true);
user_pref("CT2269050.FirstTimeFF3", true);
user_pref("CT2269050.FixPageNotFoundErrors", true);
user_pref("CT2269050.GroupingServerCheckInterval", 1440);
user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.tbccint.com/");
user_pref("CT2269050.HasUserGlobalKeys", true);
user_pref("CT2269050.HomePageProtectorEnabled", false);
user_pref("CT2269050.HomepageBeforeUnload", "hxxp://www.ro-panzerdivision.de/user/index.php?action=userlobby");
user_pref("CT2269050.Initialize", true);
user_pref("CT2269050.InitializeCommonPrefs", true);
user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
user_pref("CT2269050.InstallationId", "StubInstaller");
user_pref("CT2269050.InstallationType", "ConduitIntegration");
user_pref("CT2269050.InstalledDate", "Tue Apr 05 2011 18:19:40 GMT+0200");
user_pref("CT2269050.InvalidateCache", false);
user_pref("CT2269050.IsAlertDBUpdated", true);
user_pref("CT2269050.IsGrouping", false);
user_pref("CT2269050.IsMulticommunity", false);
user_pref("CT2269050.IsOpenThankYouPage", true);
user_pref("CT2269050.IsOpenUninstallPage", true);
user_pref("CT2269050.LanguagePackLastCheckTime", "Sat Oct 04 2014 19:34:54 GMT+0200");
user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.tbccint.com/Translation.ashx");
user_pref("CT2269050.LastLogin_3.10.0.1", "Mon Apr 23 2012 20:14:40 GMT+0200");
user_pref("CT2269050.LastLogin_3.12.0.7", "Thu Apr 26 2012 07:00:50 GMT+0200");
user_pref("CT2269050.LastLogin_3.12.2.3", "Wed May 30 2012 11:37:45 GMT+0200");
user_pref("CT2269050.LastLogin_3.13.0.6", "Wed Jun 27 2012 15:10:54 GMT+0200");
user_pref("CT2269050.LastLogin_3.14.1.0", "Wed Aug 22 2012 12:13:16 GMT+0200");
user_pref("CT2269050.LastLogin_3.15.1.0", "Wed Nov 07 2012 15:54:23 GMT+0100");
user_pref("CT2269050.LastLogin_3.16.0.3", "Sat Oct 04 2014 19:34:54 GMT+0200");
user_pref("CT2269050.LastLogin_3.3.3.2", "Fri Jun 24 2011 17:41:21 GMT+0200");
user_pref("CT2269050.LastLogin_3.5.0.12", "Mon Aug 15 2011 15:22:52 GMT+0200");
user_pref("CT2269050.LastLogin_3.6.0.10", "Wed Sep 28 2011 15:24:17 GMT+0200");
user_pref("CT2269050.LastLogin_3.7.0.6", "Mon Nov 28 2011 20:01:33 GMT+0100");
user_pref("CT2269050.LastLogin_3.8.0.8", "Wed Dec 07 2011 19:52:08 GMT+0100");
user_pref("CT2269050.LastLogin_3.8.1.0", "Mon Jan 09 2012 20:31:41 GMT+0100");
user_pref("CT2269050.LastLogin_3.9.0.3", "Wed Feb 15 2012 08:05:06 GMT+0100");
user_pref("CT2269050.LatestVersion", "3.20.0.4");
user_pref("CT2269050.Locale", "en");
user_pref("CT2269050.MCDetectTooltipHeight", "83");
user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2269050.MCDetectTooltipWidth", "295");
user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
user_pref("CT2269050.RadioIsPodcast", false);
user_pref("CT2269050.RadioLastCheckTime", "Mon Nov 19 2012 14:02:05 GMT+0100");
user_pref("CT2269050.RadioLastUpdateIPServer", "3");
user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
user_pref("CT2269050.RadioMediaID", "12473383");
user_pref("CT2269050.RadioMediaType", "Media Player");
user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
user_pref("CT2269050.RadioShrinkedFromSetup", false);
user_pref("CT2269050.RadioStationName", "Hotmix%20108");
user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
user_pref("CT2269050.SavedHomepage", "hxxp://www.ro-panzerdivision.de/news/");
user_pref("CT2269050.SearchEngineBeforeUnload", "DVDVideoSoftTB Customized Web Search");
user_pref("CT2269050.SearchFromAddressBarIsInit", true);
user_pref("CT2269050.SearchInNewTabEnabled", true);
user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sat Oct 04 2014 19:34:53 GMT+0200");
user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
user_pref("CT2269050.SearchProtectorEnabled", true);
user_pref("CT2269050.SearchProtectorToolbarDisabled", true);
user_pref("CT2269050.ServiceMapLastCheckTime", "Sat Oct 04 2014 19:34:54 GMT+0200");
user_pref("CT2269050.SettingsLastCheckTime", "Thu Oct 02 2014 19:34:51 GMT+0200");
user_pref("CT2269050.SettingsLastUpdate", "1410934433");
user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sat Nov 03 2012 19:28:48 GMT+0100");
user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT2269050.ToolbarDisabled", false);
user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.cpccint.com");
user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,tbclient.tbccint.com,codefuel.com,tbccint.com,trovi.com,seccint.com,cpccint.com,
user_pref("CT2269050.UserID", "UN59257639606402698");
user_pref("CT2269050.ValidationData_Search", 2);
user_pref("CT2269050.ValidationData_Toolbar", 2);
user_pref("CT2269050.WeatherNetwork", "");
user_pref("CT2269050.WeatherPollDate", "Mon Nov 19 2012 14:02:16 GMT+0100");
user_pref("CT2269050.WeatherUnit", "C");
user_pref("CT2269050.alertChannelId", "666138");
user_pref("CT2269050.approveUntrustedApps", true);
user_pref("CT2269050.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D474549484C5952594B335E5356432C45333438334A414C546660576364676F6A5E4B766B6E5B
user_pref("CT2269050.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C4748402C574C4F3C253E2C2E2B2F433A454E59505B57676A66426D62455E69543D56444643465B
user_pref("CT2269050.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462B554A4D4B4749594D33535D4F432C45333439344A414C565B5E6C656E706C7164736D4D786D
user_pref("CT2269050.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262A442B564B4E3B243D2F2D2F2F33433A45373838615D61406A644F38514341424545574E594B
user_pref("CT2269050.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F564654524C474A595A4851505E51523964595C49324B393C3B3E5047525D6C6A6B6F786D6850
user_pref("CT2269050.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C4343534E2D585B3C253E2C302E34433A45515862695E675A416C6164513A5341454348584F5A66
user_pref("CT2269050.backendstorage./9b+7e06cg5el8:", "6E6D6C6F707175756E74");
user_pref("CT2269050.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473727576777B7B747A242F4B49474F42357D5D5C3D");
user_pref("CT2269050.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E41295547484D515A4E5A59325D5255422B443237303749404B585E685E706E6E6674626E696B4D786D
user_pref("CT2269050.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473E454745482F5A4F523F2841302D2F33463D48566265685C6B675F6D70604873686B58415A49
user_pref("CT2269050.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D3229344356554E472E594E51325E4F412A4335373231483F4A59655F5F626C5B717369756975744D786D
user_pref("CT2269050.backendstorage./9b+7e31;cj7fk;kg#ncep@mc+vkn", "247E61393F236B25737471712A212C6E414F444D327A344352574757532F5A4F515C4C594F3762575A473E492C58545E6A4F38513C
user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D327A344F4849524E562F59593E3540234F4B5561462F48334A414C2F6B616E73706568666B7
user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444D327A344F4849524E562F5A4F523F364124504C56624730493B4B424D306C626F7471666967
user_pref("CT2269050.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352C37474B59574B4A4858584E5E3762573A535E49324B3A3D3F3B504752626C625D75786D766A
user_pref("CT2269050.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F282941384354515E5D56615F56685C426D6265523B544346494A59505B
user_pref("CT2269050.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D49564A50592E594E314A55402942322E332F473E495B5D595A6A5E58707262674974696C59425B
user_pref("CT2269050.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B364953545259585A5A50524E36615659462F4838353D3C4D444F626C6D6B72716A77614D786D
user_pref("CT2269050.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A312833474745445159575B504B504B4D5E545553533A655A5D4A334C3C3B3A395148536775636367757567
user_pref("CT2269050.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E782332293449565540472E594E513E274030323533453C475C5558636A656E625E6C616B7068734B766B6E5B
user_pref("CT2269050.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4F44504C4754585C5048345F5457442D46373135344B424D636B5D5F5F73696B4A756A6D5A43
user_pref("CT2269050.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A30273249485545442C574C4F3C253E2F2A2D2D433A455C67555B5E3F6A5F624F3851423D403F564D586F7A68
user_pref("CT2269050.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354D462C574C4F3C253E2F2B2B31433A455D6356575C5C5A416C6164513A5344404045584F5A72
user_pref("CT2269050.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352C37502E4F4747315C5154412A4334313738483F4A635F5A6A645E625A4772676A5740594A47
user_pref("CT2269050.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B36505459574C554F515B345F5457442D46373637384B424D676B706E606F61666B63664D786D
user_pref("CT2269050.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A35504F5346482F5A4F523F28413233342F463D48635C5D66626A436E6366533C55464748425A51
user_pref("CT2269050.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3652504C5249555256525C35605558452E47383B38364C434E6A706F5F65635D736F67757868
user_pref("CT2269050.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2A554A2D46513C253E302B332C433A45626756516259655F5F436E63465F6A553E5749444C44
user_pref("CT2269050.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A52404548564F58315C5154412A4335342F37483F4A68646B645D5E626462616D6971726B6C78
user_pref("CT2269050.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");
user_pref("CT2269050.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352C37565949484E4F51525C4E4C55535B54605A5A3E695E614E37503B3D41544B567575656D73
user_pref("CT2269050.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E3128335351565551575A4F584C5E335E5356432C4534383649404B6B59566C686B46716669563F58474B48
user_pref("CT2269050.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C484A2C574C2F48533E27403233433A45665B68505C5E406B6E4F38514343544B56776C79616D
user_pref("CT2269050.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215642542D584D503D263F2D2E2E2E443B4635645E6669595C6062686F5C7363716F696467764F
user_pref("CT2269050.backendstorage./9b-0?3g>d", "3C6D3C413F7471457A71444878207C4D7B77257A5251532A54285629572B265B2D2F5F30");
user_pref("CT2269050.backendstorage./9b-0?3g@6:5;", "");
user_pref("CT2269050.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
user_pref("CT2269050.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F6456604F6852645858635E604E376B7167617059");
user_pref("CT2269050.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
user_pref("CT2269050.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
user_pref("CT2269050.backendstorage./9b5ba==9cjag", "3A697040404044707A72744973797B797E79795124");
user_pref("CT2269050.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6C6F70717575717674767B");
user_pref("CT2269050.backendstorage./9b9643g3/9e", "6A");
user_pref("CT2269050.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
user_pref("CT2269050.backendstorage./9b<:222h64<", "393F352F3E");
user_pref("CT2269050.backendstorage./9b=+03eh8h8j?:", "4443");
user_pref("CT2269050.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("CT2269050.backendstorage./9b?b0d:8aj62<h", "6D");
user_pref("CT2269050.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
user_pref("CT2269050.backendstorage.autocompletepro_enable", "31");
user_pref("CT2269050.backendstorage.autocompletepro_enable_auto", "31");
user_pref("CT2269050.backendstorage.cb_experience_000", "33");
user_pref("CT2269050.backendstorage.cb_firstuse0100", "31");
user_pref("CT2269050.backendstorage.cb_user_id_000", "43423332373336373833373035345F46697265666F78");
user_pref("CT2269050.backendstorage.cbcountry_000", "4445");
user_pref("CT2269050.backendstorage.cbcountry_001", "4445");
user_pref("CT2269050.backendstorage.cbfirsttime", "5475652041707220313720323031322030363A35363A303220474D542B30323030");
user_pref("CT2269050.backendstorage.cbopenmamsettings", "30");
user_pref("CT2269050.backendstorage.ct2269050ads1", "25374225323261647325323225334125354225374225323261696425323225334125323234343438342532322532432532327469746C65253232253341
user_pref("CT2269050.backendstorage.ct2269050current_term", "");
user_pref("CT2269050.backendstorage.ct2269050isadsdisabled", "66616C7365");
user_pref("CT2269050.backendstorage.ct2269050sdate", "3237");
user_pref("CT2269050.backendstorage.facebook_ctid_connect_send_new", "73656E646564");
user_pref("CT2269050.backendstorage.facebook_mode", "32");
user_pref("CT2269050.backendstorage.facebook_user_locale", "6465");
user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "53756E204F637420313420323031322031373A30393A323520474D542B30323030");
user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
user_pref("CT2269050.backendstorage.url_history0001", "687474703A2F2F7777772E736E617073636F7574732E64652F636F6D6D756E6974792F67622F3839323535322F7031342F3A3A3A636C69636B68616E
user_pref("CT2269050.backendstorage.youtube_user_first_login_date", "30362F31372F32303131");
user_pref("CT2269050.backendstorage.youtube_user_survey_visit", "4E4F545F56495349544544");
user_pref("CT2269050.backendstorage.youtubelang", "4445");
user_pref("CT2269050.counterAppsAdded", 1);
user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Thu Nov 15 2012 15:19:03 GMT+0100");
user_pref("CT2269050.homepageProtectorEnableByLogin", true);
user_pref("CT2269050.initDone", true);
user_pref("CT2269050.isAppTrackingManagerOn", false);
user_pref("CT2269050.isFirstRadioInstallation", false);
user_pref("CT2269050.myStuffEnabled", true);
user_pref("CT2269050.myStuffPublihserMinWidth", 400);
user_pref("CT2269050.myStuffSearchUrl", "hxxp://appstrm.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2269050.oldAppsList", "128834881989343894,128834881989343895,111,129466585399606892,129881140170815901,129391330693125668,129863783591067571,129881141106886992,12
user_pref("CT2269050.revertSettingsEnabled", true);
user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
user_pref("CT2269050.searchProtectorEnableByLogin", true);
user_pref("CT2269050.testingCtid", "");
user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Sat Oct 04 2014 19:34:54 GMT+0200");
user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Sat Nov 17 2012 14:12:02 GMT+0100");
user_pref("CT2269050.usagesFlag", 2);
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050", "\"00432b2734c0c6152c3f7bf206fa21843\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1112915/1108619/DE", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", "\"1365594729\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "G9mW7heT/8xIX1frcduu0A==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "mfQ70fvlD2zuBxSBj8rQqA==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"807dc126dd28cc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"dfe74040abc2ce1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.0.12", "\"8028f138140cc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"0ee90707f77cc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"80ee9485875dcc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"80ee9485875dcc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"6a637346d78ccc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"801a319dd78ccc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050", "\"a238378f7d0708034a0defa297cb8b8b\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2269050&octid=CT2269050", "\"1322501035\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2269050/CT2269050", "\"1311170367\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer_dead.gif", "\"0a8c48d3330c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.gif", "\"0e2106f3030c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif", "\"0f475394430c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif", "\"08d9ef44430c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif", "\"066e8863030c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"96b780c3b31ea4474635d36b8db0b990\"");
user_pref("CommunityToolbar.EngineOwner", "");
user_pref("CommunityToolbar.EngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "dvdvideosofttb");
user_pref("CommunityToolbar.IsEngineShown", true);
user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Keule\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\3oaghyg8.default\\conduitCommon\\modules\\3.16.0.3");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.16.0.3");
user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_ext_msg_key_b47fe019", "356x332");
user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/menu_dlg/pg_dlg.html#pg_ext_msg_key_b47fe019", "100x89");
user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://storage.conduit.com/MarketPlace/07/dd/07caac71-eac9-4963-9fa6-f6c1cc836ddd//6dcc2d0e-330c-437f-b369-9d668308f7f8.html", 
user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://storage.conduit.com/MarketPlace/07/dd/07caac71-eac9-4963-9fa6-f6c1cc836ddd/Gadgets/9b2c0b7d-47bd-440b-a22f-35bf33416229.
user_pref("CommunityToolbar.OriginalEngineOwner", "CT2269050");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dvdvideosofttb");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
user_pref("CommunityToolbar.ToolbarsList", "CT2269050");
user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Apr 05 2011 17:44:34 GMT+0200");
user_pref("CommunityToolbar.alert.alertEnabled", true);
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jun 23 2011 20:15:35 GMT+0200");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 19:23:49 GMT+0200");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "bc8f4359-18dc-465c-9215-0c0d832a2f86");
user_pref("CommunityToolbar.globalUserId", "da7ecdbf-203d-4eab-80c1-aa9017fafd18");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
user_pref("CommunityToolbar.killedEngine", true);
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Nov 16 2012 11:59:57 GMT+0100");
user_pref("CommunityToolbar.notifications.alertEnabled", true);
user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Nov 19 2012 14:02:17 GMT+0100");
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Nov 19 2012 14:02:16 GMT+0100");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "6a1ccf75-70bb-4f96-98cf-e563629aa1bb");
user_pref("CommunityToolbar.undefined", "");
user_pref("browser.search.defaultthis.engineName", "DVDVideoSoftTB Customized Web Search");
user_pref("browser.search.order.1", "default-search.net");
user_pref("extensions.3gCexdKQoY5JKdPe.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11
user_pref("extensions.5j0vrK2Ptsl4o2bd.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11
user_pref("extensions.6eoNArOXTkiNFMU1.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11
user_pref("extensions.6eoNArOXTkiNFMU1.url", "hxxp://sweetdiaryset.info/sync2/?q=hfZ9oetNgMgMCyVUojs4rTwMg708BNmGWj8wmihGheDUojw9rjaErTw6qdkGrShIC7n0rjnFrdaGrjC8rdwGtNhVCT94tM
user_pref("extensions.Vbx5xZslGqEseE5m.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11
user_pref("extensions.Vbx5xZslGqEseE5m.url", "hxxp://driverguidemy.ru/sync2/?q=hfZ9ofV9CShEAen0rTUGrihTB6lKDzt4okmxtNtVh7n0rjnEpjw7rjY9rjn8tMFHhd9FqdwErdsFqHr9qdUMDMlGojUMAe4U
user_pref("extensions.aUdc5l2WeGxOdzqH.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11
user_pref("extensions.incredibar.admin", false);
user_pref("extensions.incredibar.aflt", "orgnl");
user_pref("extensions.incredibar.afterInstallRpt", "sent");
user_pref("extensions.incredibar.cntry", "DE");
user_pref("extensions.incredibar.dfltLng", "EN");
user_pref("extensions.incredibar.dfltSrch", false);
user_pref("extensions.incredibar.dfltlng", "EN");
user_pref("extensions.incredibar.dfltsrch", "false");
user_pref("extensions.incredibar.did", "10665");
user_pref("extensions.incredibar.envrmnt", "production");
user_pref("extensions.incredibar.excTlbr", false);
user_pref("extensions.incredibar.hdrMd5", "02ECD384868A06FAEB0F690122229431");
user_pref("extensions.incredibar.hmpg", "false");
user_pref("extensions.incredibar.hrdid", "5a5e4c2b0000000000001c6f654cea65");
user_pref("extensions.incredibar.id", "5a5e4c2b0000000000001c6f654cea65");
user_pref("extensions.incredibar.installerproductid", "26");
user_pref("extensions.incredibar.instlDay", "15660");
user_pref("extensions.incredibar.instlRef", "");
user_pref("extensions.incredibar.instlday", "15660");
user_pref("extensions.incredibar.instlref", "");
user_pref("extensions.incredibar.isDcmntCmplt", true);
user_pref("extensions.incredibar.isdcmntcmplt", true);
user_pref("extensions.incredibar.keywordurl", "");
user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1411:59:50");
user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
user_pref("extensions.incredibar.newTab", false);
user_pref("extensions.incredibar.newtab", "false");
user_pref("extensions.incredibar.newtaburl", "");
user_pref("extensions.incredibar.noFFXTlbr", false);
user_pref("extensions.incredibar.ppd", "");
user_pref("extensions.incredibar.prdct", "incredibar");
user_pref("extensions.incredibar.productid", "26");
user_pref("extensions.incredibar.prtnrId", "Incredibar");
user_pref("extensions.incredibar.prtnrid", "Incredibar");
user_pref("extensions.incredibar.sg", "none");
user_pref("extensions.incredibar.smplGrp", "none");
user_pref("extensions.incredibar.smplgrp", "none");
user_pref("extensions.incredibar.srch", "");
user_pref("extensions.incredibar.srchprvdr", "");
user_pref("extensions.incredibar.tlbrId", "base");
user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyUmF6dPU&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.tlbrid", "base");
user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6OyUmF6dPU&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.upn2", "6OyUmF6dPU");
user_pref("extensions.incredibar.upn2n", "92262461028865126");
user_pref("extensions.incredibar.vrsn", "1.5.11.14");
user_pref("extensions.incredibar.vrsnTs", "1.5.11.1411:59:50");
user_pref("extensions.incredibar.vrsni", "1.5.11.14");
user_pref("extensions.incredibar.vrsnts", "1.5.11.1411:59:50");
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.did", "10665");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.id", "5a5e4c2b0000000000001c6f654cea65");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.instlDay", "15660");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.ppd", "");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyUmF6dPU&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar_i.upn2", "6OyUmF6dPU");
user_pref("extensions.incredibar_i.upn2n", "92262461028865126");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1411:59:50");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("extensions.uBPkb6JRwnioO7gk.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocatio
Emptied folder: C:\Users\Keule\AppData\Roaming\mozilla\firefox\profiles\3oaghyg8.default\minidumps [105 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.11.2014 at 19:28:29,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 08.11.2014, 19:09   #13
Keule2388
 
Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



mbam

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 02.11.2014
Suchlauf-Zeit: 18:58:39
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.3.1025
Malware Datenbank: v2014.11.02.05
Rootkit Datenbank: v2014.11.01.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Keule

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 403612
Verstrichene Zeit: 24 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
Trojan.ZBAgent.NS, C:\Windows\score.exe, 1808, Löschen bei Neustart, [da2381b5bfbd290d89f6735f4bb6d52b]

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 43
Trojan.ZBAgent.NS, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\scores, In Quarantäne, [da2381b5bfbd290d89f6735f4bb6d52b], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, In Quarantäne, [25d86dc904787eb89d68515ab84a04fc], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, In Quarantäne, [25d86dc904787eb89d68515ab84a04fc], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, In Quarantäne, [25d86dc904787eb89d68515ab84a04fc], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, In Quarantäne, [25d86dc904787eb89d68515ab84a04fc], 
PUP.Optional.Snapdo.T, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [6499d5611c60d95dfb0b4d9c639f20e0], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [37c6989ed8a4d561113e2c80887a3fc1], 
PUP.Optional.DefaultSearch.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}, In Quarantäne, [01fc68ce0d6f82b465682a82709223dd], 
PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}, In Quarantäne, [01fc68ce0d6f82b465682a82709223dd], 
PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}, In Quarantäne, [01fc68ce0d6f82b465682a82709223dd], 
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f34c9277-6577-4dff-b2d7-7d58092f272f}, In Quarantäne, [3cc16ec8c3b9979f5a55e3d59d6517e9], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\IB Updater, In Quarantäne, [1ae3ca6c7c00ce68f6d950ffb64d23dd], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, In Quarantäne, [48b5af87d5a79d99f2dca0afb0536997], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\IB Updater, In Quarantäne, [9b6272c4d8a460d6626d9eb1b64d15eb], 
PUP.Optional.MBot.A, HKLM\SOFTWARE\WOW6432NODE\MYBESTOFFERSTODAY, In Quarantäne, [30cd65d1ea92d16509e958db8a79df21], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SmdmF, In Quarantäne, [aa53a4920e6ea98de06080b439ca7987], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [0af345f1423a3afcc97ea9ef956f7090], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, In Quarantäne, [46b702348bf1a88e58320230a55e21df], 
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [39c453e3fc80fb3b0fb396f646beae52], 
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, In Quarantäne, [ab52e65004785fd7903e331c81823cc4], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, In Quarantäne, [f20b37ff83f911252e6ee54b1ae96a96], 
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{4d349a54}, In Quarantäne, [8578e353324a033344ac3904f60d33cd], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, In Quarantäne, [28d594a24f2db87eb0a88ca6f310738d], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [31cc181ed8a42610ccbd68caa85b56aa], 
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [c439e94d2d4fc472e60c51eb9f64b050], 
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, In Quarantäne, [28d58ea888f41125e0acae7948bb3ac6], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [1fdeac8aeb91290dd5b82403ac57bf41], 
PUP.Optional.TermTutor.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD, In Quarantäne, [31cc9d99502c3bfbb251f739748f8b75], 
PUP.Optional.BrowsersApp.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browsers+Apps+1.1, In Quarantäne, [59a472c49ede61d5ec2795a25ea54bb5], 
PUP.Optional.Cinema.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\CinPl-2.5cV13.10, In Quarantäne, [3dc016201b6186b0e736ac84d52e4cb4], 
PUP.Optional.GenericAddon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon, In Quarantäne, [f4096ccad5a770c688cbeb45a2614fb1], 
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, In Quarantäne, [32cbdc5a621a49ed2279c3b6d52f8977], 
Adware.21Nova, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\32 Vegas Casino, In Quarantäne, [07f69b9bff7dec4a4fed48870ef5827e], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [3dc079bd1c601b1b7aadb6c257ad11ef], 
PUP.Optional.WebSearches.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, In Quarantäne, [c6374aecec90a88efc40250f47bcf010], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, In Quarantäne, [2ecf5fd7e69658de3a47fc9f71932ad6], 
PUP.Optional.GenericAddon.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon, In Quarantäne, [3cc191a57309f640d47f34fc3bc8f60a], 
PUP.Optional.PriceGong.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, In Quarantäne, [2ad3ed49a2da63d3c9c5d686c73c15eb], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [69947cbac6b6e94dae5e91d11ee5e818], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [27d6b2846e0e57df98b39cdc4bb9f50b], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [6697c96dc6b61224004f3120768dde22], 
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [7c819b9b2557092dd51c2319d231f709], 
PUP.Optional.AdsRemover.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{37476589-E48E-439E-A706-56189E2ED4C4}_is1, In Quarantäne, [f80592a4403c40f67f76fc26af5409f7], 

Registrierungswerte: 6
PUP.Optional.TermTutor.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|termtutor@termtutor.com, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com, In Quarantäne, [906d8caa1e5e6dc9758cb87860a328d8]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, In Quarantäne, [28d594a24f2db87eb0a88ca6f310738d]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, tugs, In Quarantäne, [31cc181ed8a42610ccbd68caa85b56aa]
PUP.Optional.Score.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SCORES|ImagePath, C:\Windows\score.exe, In Quarantäne, [2ecf79bde29acb6bca5c6ac0c241da26]
PUP.Optional.TermTutor.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD|ImagePath, system32\drivers\ttnfd.sys, In Quarantäne, [31cc9d99502c3bfbb251f739748f8b75]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0J1L2U1C1H1Q0R2X1L1R1P0B1P, In Quarantäne, [27d6b2846e0e57df98b39cdc4bb9f50b]

Registrierungsdaten: 5
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1413205223&from=cor&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU769767297672&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1413205223&from=cor&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU769767297672&q={searchTerms}),Ersetzt,[4ab32b0b7309c86e869a37018382d52b]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1413205223&from=cor&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU769767297672&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1413205223&from=cor&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU769767297672&q={searchTerms}),Ersetzt,[12eb56e0146856e073a754d96d981ce4]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAY1Ayjpk-WfuaqVGtz6fJmRxfeCOZSdomfgPS2wNnpl4XeKqfnsJTm0zZrENyNgq6uhaz1aeluITl54regma3BYnkMSwmB4RUtMGSJVhFHPFcKAurHMgCnPKKY_--Evw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAY1Ayjpk-WfuaqVGtz6fJmRxfeCOZSdomfgPS2wNnpl4XeKqfnsJTm0zZrENyNgq6uhaz1aeluITl54regma3BYnkMSwmB4RUtMGSJVhFHPFcKAurHMgCnPKKY_--Evw,,&q={searchTerms}),Ersetzt,[1be274c2562667cf52b3f933b94c916f]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAY1Ayjpk-WfuaqVGtz6fJmRxfeCOZSdomfgPS2wNnpl4XeKqfnsJTm0zZrENyNgq6uhaz1aeluITl54regma3BYnkMSwmB4RUtMGSJVhFHPFcKAurHMgCnPKKY_--Evw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAY1Ayjpk-WfuaqVGtz6fJmRxfeCOZSdomfgPS2wNnpl4XeKqfnsJTm0zZrENyNgq6uhaz1aeluITl54regma3BYnkMSwmB4RUtMGSJVhFHPFcKAurHMgCnPKKY_--Evw,,&q={searchTerms}),Ersetzt,[6b92ee4897e5bb7b4db90c20f4118e72]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1968684957-3168343925-173667196-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAY1Ayjpk-WfuaqVGtz6fJmRxfeCOZSdomfgPS2wNnpl4XeKqfnsJTm0zZrENyNgq6uhaz1aeluITl54regma3BYnkMSwmB4RUtMGSJVhFHPFcKAurHMgCnPKKY_--Evw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAY1Ayjpk-WfuaqVGtz6fJmRxfeCOZSdomfgPS2wNnpl4XeKqfnsJTm0zZrENyNgq6uhaz1aeluITl54regma3BYnkMSwmB4RUtMGSJVhFHPFcKAurHMgCnPKKY_--Evw,,&q={searchTerms}),Ersetzt,[2fceeb4b92ea68ce12ef8ba161a4e41c]

Ordner: 20
PUP.Optional.OpenCandy, C:\Users\Keule\AppData\Roaming\OpenCandy, In Quarantäne, [926b67cf6814013558cb9c5d12f07789], 
PUP.Optional.OpenCandy, C:\Users\Keule\AppData\Roaming\OpenCandy\94D303DB2C01493C9109AC1BF50848F8, In Quarantäne, [926b67cf6814013558cb9c5d12f07789], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.BProtector.A, C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl, In Quarantäne, [ae4f54e283f9d2645873ec1141c114ec], 
PUP.Optional.BProtector.A, C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\18401.5807.9847_0, In Quarantäne, [ae4f54e283f9d2645873ec1141c114ec], 
PUP.Optional.Datamngr.A, C:\Users\Keule\AppData\LocalLow\DataMngr, In Quarantäne, [d12ce35338448babb1b9ce319c66bf41], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, In Quarantäne, [88751d19720a46f0b4f519f542c1e21e], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [88751d19720a46f0b4f519f542c1e21e], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, In Quarantäne, [42bb5adce69658de59b31cf5996a5da3], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [42bb5adce69658de59b31cf5996a5da3], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, In Quarantäne, [8d7078be9ae25cda3ce0a86f4ab9649c], 
PUP.Optional.SettingsManager.A, C:\Users\Keule\AppData\Roaming\FirefoxToolbar\Settings Manager, In Quarantäne, [30cdfd3997e5b284482c52c812f10bf5], 
PUP.Optional.GenesisOffers, C:\Users\Keule\AppData\Local\Genesis_10131250, In Quarantäne, [9568af87116b9d990ffeb3683dc615eb], 
PUP.Optional.CrossRider.A, C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch, In Quarantäne, [c33aeb4b80fc76c042141709be459a66], 
PUP.Optional.CrossRider.A, C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.42_0, In Quarantäne, [c33aeb4b80fc76c042141709be459a66], 
PUP.Optional.CrossRider.A, C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago, In Quarantäne, [2fcea393e89467cf3cb3ed3449ba15eb], 
PUP.Optional.CrossRider.A, C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.11_0, In Quarantäne, [2fcea393e89467cf3cb3ed3449ba15eb], 
PUP.Optional.AdsRemover.A, C:\ProgramData\Ads Remover, In Quarantäne, [f80592a4403c40f67f76fc26af5409f7], 
PUP.Optional.ExtremeBlocker.A, C:\ProgramData\Extreme Blocker, In Quarantäne, [3cc1979f0f6dea4c3ad42af9e023ba46], 

Dateien: 127
Trojan.ZBAgent.NS, C:\Windows\score.exe, Löschen bei Neustart, [da2381b5bfbd290d89f6735f4bb6d52b], 
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, In Quarantäne, [39c49b9b97e593a329792e3fb44d1ae6], 
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, In Quarantäne, [d32a082ef08c50e6f58503b6768b50b0], 
PUP.Optional.CrossRider.A, C:\Users\Keule\AppData\Roaming\BIXK.exe, In Quarantäne, [8e6f43f3acd012242a9c6306947154ac], 
PUP.Optional.BrowsersApp.A, C:\Users\Keule\AppData\Roaming\NZKWOXW.exe, In Quarantäne, [a5582511d2aae155b8f02d3c1fe6669a], 
PUP.Optional.BrowsersApp.A, C:\Users\Keule\AppData\Roaming\PBOY.exe, In Quarantäne, [53aa2511bac2cc6a7f2923467c89d62a], 
PUP.Optional.CrossRider.A, C:\Users\Keule\AppData\Roaming\VPOY.exe, In Quarantäne, [7b82270ff98341f5378f67020ef7ab55], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantäne, [609d31056f0d87af0d7a3df832ce4ab6], 
PUP.Optional.MultiPlug, C:\Users\Keule\Downloads\Ich heie Marvin.mp4.exe, In Quarantäne, [33cac76fd5a72c0afd7acb10e918ab55], 
PUP.Optional.Bandoo, C:\Users\Keule\Downloads\iLividSetup(1).exe, In Quarantäne, [15e884b2f5873bfbce3ffa27877aaa56], 
PUP.Optional.Bandoo, C:\Users\Keule\Downloads\iLividSetup.exe, In Quarantäne, [df1e8da97507ee489c7143de36cb18e8], 
PUP.Optional.Bandoo, C:\Users\Keule\Downloads\jZipSetup-r136-n-bf.exe, In Quarantäne, [0cf10630d5a7d264ef3918b748b9ef11], 
PUP.Optional.OptimunInstaller, C:\Users\Keule\Downloads\setup(1).exe, In Quarantäne, [d82537ffcdafc175e5f028211ae659a7], 
PUP.Optional.DomaIQ, C:\Users\Keule\Downloads\Setup.exe, In Quarantäne, [6f8ef24483f9d066d259124656aa6f91], 
PUP.Optional.Softonic.A, C:\Users\Keule\Downloads\SoftonicDownloader_fuer_bewerbungsmaster.exe, In Quarantäne, [e41995a11f5d77bf81eb1027b34e13ed], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSID12F.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [24d96ec8cab2ac8a490b52dc748c5ca4], 
PUP.Optional.InetStat.A, C:\Users\Keule\AppData\Roaming\InetStat\inetstat.exe, In Quarantäne, [dd20f83ec0bc91a5247f998d91726799], 
PUP.Optional.SearchResults.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\Search_Results.xml, In Quarantäne, [9d60a78fa0dc85b10af2bc6f19ea619f], 
PUP.Optional.DefaultSearch.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\default-search.xml, In Quarantäne, [b94423135d1f7fb7e90f75df6d96f709], 
PUP.Optional.DefaultSearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml, In Quarantäne, [55a8171f5c20d165ed0cd38134cf60a0], 
PUP.Optional.Conduit.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\conduit.xml, In Quarantäne, [57a669cd621add5986e73720c04336ca], 
PUP.Optional.OpenCandy, C:\Users\Keule\AppData\Roaming\OpenCandy\94D303DB2C01493C9109AC1BF50848F8\WEB.DE_MailCheck_FF_Setup_2.10.1.1735.exe, In Quarantäne, [926b67cf6814013558cb9c5d12f07789], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\1.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\a.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\b.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\c.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\d.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\e.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\f.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\g.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\h.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\i.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\J.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\k.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\l.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\m.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\mru.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\n.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\o.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\p.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\q.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\r.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\s.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\t.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\u.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\v.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\w.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\x.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\y.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.PriceGong.A, C:\Users\Keule\AppData\LocalLow\PriceGong\Data\z.xml, In Quarantäne, [11ec43f38bf17eb8821043b90bf70000], 
PUP.Optional.Datamngr.A, C:\Users\Keule\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, In Quarantäne, [d12ce35338448babb1b9ce319c66bf41], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, In Quarantäne, [88751d19720a46f0b4f519f542c1e21e], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [42bb5adce69658de59b31cf5996a5da3], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, In Quarantäne, [8d7078be9ae25cda3ce0a86f4ab9649c], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, In Quarantäne, [8d7078be9ae25cda3ce0a86f4ab9649c], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, In Quarantäne, [8d7078be9ae25cda3ce0a86f4ab9649c], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, In Quarantäne, [8d7078be9ae25cda3ce0a86f4ab9649c], 
PUP.Optional.AdsRemover.A, C:\ProgramData\Ads Remover\Ads Remover.exe, In Quarantäne, [f80592a4403c40f67f76fc26af5409f7], 
PUP.Optional.ExtremeBlocker.A, C:\ProgramData\Extreme Blocker\Extreme Blocker.exe, In Quarantäne, [3cc1979f0f6dea4c3ad42af9e023ba46], 
PUP.Optional.CrossRider.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "1490992b571c368f4e97bae65b3f3750");), Ersetzt,[38c567cfccb0181e4f00b2bbcf363fc1]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.incredibar.actvtyRptTime", "1410940981393");), Ersetzt,[609dff377a025adc9bc5b4b9e223af51]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (not edit this file.
 *
 * If you make changes ), Ersetzt,[11ec7abc324a37ff09571459877eb44c]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If ), Ersetzt,[3bc2f046b0cc5fd75e025518bb4a9769]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you make ch), Ersetzt,[d924fc3a80fcbb7b124eadc0887d26da]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
 *
 * If you make ), Ersetzt,[8e6fb2844a32e551a7b94c21fc096e92]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (eferences

/* Do not edit this file.
 *
 * If), Ersetzt,[f20b989e0d6fed49a6ba204d70955ca4]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you), Ersetzt,[9b62c1754d2f7cbaaeb2a4c95ca924dc]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you), Ersetzt,[ad506dc9dca0f3436000a1cca36243bd]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you m), Ersetzt,[e914280ee69679bdbca4610c39cc936d]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you ), Ersetzt,[cc31a3930b710234f76907663ec7e719]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you make), Ersetzt,[c83581b54a328da9c39d5518da2bd52b]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make c), Ersetzt,[02fbba7c7b01ef47590792dbcc39ac54]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to this file w), Ersetzt,[8776b87e6319d6602b35a2cb9b6afe02]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (s file.
 *
 * If you make changes to this file ), Ersetzt,[d726f64029530630342cec81fe079868]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you make changes to this file), Ersetzt,[9469a195f18bec4aa9b704699d68a858]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (is file.
 *
 * If you make changes to this file while the application is), Ersetzt,[07f640f6fc809c9a57091c51ea1b758b]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: ( this file.
 *
 * If you make changes to this file while t), Ersetzt,[2fce9f97fe7e37ff73edc7a612f3b14f]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (/* Do not edit this file.
 *
 * If you make changes), Ersetzt,[0af33501542885b1db8574f9739240c0]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you ), Ersetzt,[a657b185dba141f569f70c619a6b57a9]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you m), Ersetzt,[0af32016bebef6402e3271fcd0353fc1]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (es

/* Do not edit this file.
 *
 * If you make ch), Ersetzt,[5ba231052d4f1c1aafb1c5a8f80daa56]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (es

/* Do not edit this file.
 *
 * If you mak), Ersetzt,[cd3063d3a3d9ed49c49c9fcefd08eb15]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to ), Ersetzt,[fffe3df9ceae41f564fcd19c39cc6a96]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ot edit this file.
 *
 * If you make changes to thi), Ersetzt,[38c51a1cf18bca6c8dd395d8d1347888]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you m), Ersetzt,[2dd0c076611b5ed8332db6b7a5609c64]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you ), Ersetzt,[40bd74c21369c4723a26de8f798c38c8]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * I), Ersetzt,[4ab376c0e29a3204451b91dc3dc85aa6]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (r Preferences

/* Do not edit this file.
 *
 * If y), Ersetzt,[6e8f0c2af785ca6c3828323baa5b48b8]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (s

/* Do not edit this file.
 *
 * If you make ), Ersetzt,[23dac076a8d49b9b8dd34f1eec192ed2]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make ch), Ersetzt,[fb023df9126a39fde17f3c31828359a7]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make changes ), Ersetzt,[10ed49ed85f7d95d065a2845966f4db3]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you ma), Ersetzt,[e9142412374560d638282b42e4218e72]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (references

/* Do not edit this file.
 *
 * If ), Ersetzt,[a756a98d0a72fb3bfd63650833d2817f]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you m), Ersetzt,[1edfc472b6c6f244144c006d52b352ae]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * I), Ersetzt,[9865ba7ccfad0333d28e8ae34abbbc44]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: ( Preferences

/* Do not edit this file.
 *
 *), Ersetzt,[8974a19582fa03335a0693dac1448080]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If yo), Ersetzt,[00fdca6ce399082eabb5551856afd62a]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * th), Ersetzt,[09f49f97b6c6b3830d53076653b2f808]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (this file while the application is running,
 * th), Ersetzt,[e21bdf57403cd85e3d236a0306ffd32d]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (this file while the application is running,
 * the ch), Ersetzt,[38c547ef5c2047efe27e4f1e6f96ce32]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (es

/* Do not edit this file.
 *
 * If you make changes to), Ersetzt,[04f96acc66161d19a0c073fad72e748c]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: ( Do not edit this file.
 *
 * If you make changes t), Ersetzt,[d52866d0f18b90a6025e14599f662ad6]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make changes to), Ersetzt,[19e4181ef686bf77f36d85e8b5509070]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (Do not edit this file.
 *
 * If you make changes to ), Ersetzt,[cb328aacc4b866d017495f0ea75ef40c]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (es

/* Do not edit this file.
 *
 * If you make changes to ), Ersetzt,[2ad340f6c2baf442a0c06d00a65f49b7]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (Do not edit this file.
 *
 * If you make changes ), Ersetzt,[8b728bab7a022e08006077f6b74e48b8]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you m), Ersetzt,[9c61e155dba1ec4ae57bb2bb7a8b6c94]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you make changes to this file w), Ersetzt,[45b84fe7a5d7f343abb5fd7002036898]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (his file.
 *
 * If you make changes to this file while the a), Ersetzt,[b4492214522adb5b6ef282ebe520d52b]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: ( Do not edit this file.
 *
 * If you make changes to ), Ersetzt,[b24b2b0bd7a51a1ce77990dd7a8beb15]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (s

/* Do not edit this file.
 *
 * If you make), Ersetzt,[0df0ad8913699e9868f8db9212f350b0]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you ), Ersetzt,[46b70d29a0dcd06696cacf9e5fa637c9]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If), Ersetzt,[cc31181ef8843cfa8bd5105db94ce020]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (Preferences

/* Do not edit this file.
 *
 * If you m), Ersetzt,[37c62412acd020162c34e4898c7950b0]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make chan), Ersetzt,[e11c46f0fa8265d1b8a8a7c6cc39c63a]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make change), Ersetzt,[718cb383b1cbfc3a83dde38a7f86e11f]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
 *
 * If you make change), Ersetzt,[25d8ec4a5b2152e484dce78610f5a35d]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make), Ersetzt,[5e9fac8a3b418ea820402845a362cc34]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the ch), Ersetzt,[3fbe9e98b6c680b6144c511c798cc838]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (is file while the application is running,
 * the change), Ersetzt,[ad50fd39f785c07672eea3ca947102fe]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make changes to thi), Ersetzt,[807df145f28a0c2abda32b422cd9d030]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (o not edit this file.
 *
 * If you make changes to th), Ersetzt,[5f9e3105daa2d363a7b94d20af568779]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (s

/* Do not edit this file.
 *
 * If you make changes to thi), Ersetzt,[e4199d99c0bce056b3ad95d820e54eb2]
PUP.Optional.Incredibar.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: ( not edit this file.
 *
 * If you make changes to this), Ersetzt,[8a73b185c8b462d4e0802944788d9967]
PUP.Optional.Softonic.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searchfor\",\"search.mywebsearch.com\":\"searchfor\",\"search.mindspark.com\":\"searchfor\",\"search.conduit.com\":\"q\",\"search.zugo.com\":\"p\",\"www2.mystart.com\":\"q\",\"www.mystart.com\":\"q\",\"www.bigseekpro.com\":\"q\",\"bigseekpro.com\":\"q\",\"bigspeedpro.com\":\"q\",\"search.esnips.com\":\"searchQuery\",\"search.foxtab.com\":\"q\",\"search.brothersoft.com\":\"keyword\",\"search.softonic.com\":\"q\",\"www.dogpile.com\":\"q\",\"search.infospace.com\":\"q\",\"search.iobit.com\":\"q\",\"search.iminent.com\":\"\",\"search.facemoods.com\":\"s\",\"www.plusnetwork.com\":\"q\",\"www.alothome.com\":\"q\",\"alothome.com\":\"q\",\"search.alothome.com\":\"q\",\"search.chatvibes.com\":\"q\",\"search.blekko.com\":\"\",\"www.searchnu.com\":\"q\",\"searchnu.com\":\"q\",\"search.icq.com\":\"q\",\"search.etype.com\":\"query\",\"isearch.babylon.com\":\"q\",\"search.utorrent.com\":\"\",\"search.bittorrent.com\":\"\",\"search.bearshare.com\":\"q\",\"search.bearshare.net\":\"q\",\"searchya.com\":\"q\",\"int.search-results.com\":\"q\",\"search.searchcompletion.com\":\"q\",\"www.adoresearch.com\":\"q\",\"www.searchcore.net\":\"q\",\"googosearch.info\":\"terms\",\"bar.searchqu.com\":\"q\",\"search.speedbit.com\":\"q\",\"search.toggle.com\":\"q\",\"click.searchnation.net\":\"query\",\"isearch.whitesmoke.com\":\"q\",\"search.handycafe.com\":\"q\",\"searchassist.babylon.com\":\"q\",\"searchnation.net\":\"query\",\"video.searchcompletion.com\":\"q\",\"www.searchbrowsing.com\":\"q\",\"search.anchorfree.net\":\"q\",\"search.hotspotshield.com\":\"q\",\"dts.search-results.com\":\"q\",\"uk.search-results.com\":\"q\",\"search.chatzum.com\":\"q\",\"search.phpnuke.org\":\"q\",\"www.i-mysearch.com\":\"q\",\"search.smartaddressbar.com\":\"q\",\"www.search-guru.com\":\"q\",\"mysearch.sweetim.com\":\"q\",\"searchgby.com\":\"\",\"thespecialsearch.com\":\"q\",\"search.bpath.com\":\"q\",\"start.funmoods.com\":\"s\",\"fr.search-results.com\":\"q\",\"de.search-results.com\":\"q\",\"it.search-results.com\":\"q\",\"es.search-results.com\":\"q\",\"search.imesh.com\":\"q\",\"search.swagbucks.com\":\"q\",\"isearch.avg.com\":\"q\",\"search.avg.com\":\"q\",\"search.yippy.com\":\"query\",\"cludr.com\":\"q\",\"search.vmn.net\":\"q\",\"www.gigablast.com\":\"q\",\"www.metacrawler.com\":\"q\",\"www.webcrawler.com\":\"q\",\"www.ixquick.com\":\"\",\"www.search.com\":\"q\",\"www.excite.com\":\"q\",\"duckduckgo.com\":\"q\",\"search.lycos.com\":\"q\",\"webfetch.com\":\"q\",\"monstercrawler.com\":\"q\",\"go.com\":\"p\",\"hotbot.com\":\"keyword\",\"home.myplaycity.com\":\"s\",\"www.findamo.com\":\"q\",\"search.gboxapp.com\":\"q\",\"start.iplay.com\":\"q\",\"home.speedbit.com\":\"q\",\"home.sweetim.com\":\"q\",\"search.alot.com\":\"q\",\"search.searchplusnetwork.com\":\"q\",\"www.searchqu.net\":\"\",\"us.yhs4.search.yahoo.com\":\"p\",\"search.insiteapp.com\":\"q\",\"somoto.com\":\"q\",\"blekko.com\":\"\",\"uk.yhs4.search.yahoo.com\":\"p\",\"fr.yhs4.search.yahoo.com\":\"p\",\"suggestor.netliker.com\":\"\",\"search.netliker.com\":\"\",\"insta-search.com\":\"q\",\"www.fast-search.biz\":\"q\",\"start.facemoods.com\":\"s\",\"search.coolnovo.com\":\"\",\"chromeplus.info\":\"q\",\"in.yhs4.search.yahoo.com\":\"p\",\"in.yhs.search.yahoo.com\":\"p\",\"www.searchble.com\":\"keyword\",\"home.allgameshome.com\":\"s\",\"forsearch.net\":\"q\",\"allssearch.com\":\"q\",\"search.snap.do\":\"q\",\"us.yhs.search.yahoo.com\":\"p\",\"uk.yhs.search.yahoo.com\":\"p\",\"fr.yhs.search.yahoo.com\":\"p\",\"search.smartsearchbox.net\":\"\",\"search.seznam.cz\":\"q\",\"search.funmoods.com\":\"s\",\"search.avira.com\":\"q\",\"search.jzip.com\":\"q\",\"search.findeer.com\":\"\",\"search-faster.com\":\"\",\"dnssearch.rr.com\":\"search\",\"search.rr.com\":\"q\",\"search.kalloutsearch4.com\":\"q\",\"kalloutsearch4.com\":\"Keywords\",\"search.rapidns.net\":\"SearchQuery\",\"websearch.4shared.com\":\"q\",\"images.search.conduit.com\":\"q\",\"search.cpchero.biz\":\"q\",\"search.kikin.com\":\"q\",\"www.engine-search.biz\":\"q\",\"www.mysearchresults.com\":\"q\",\"search.vdc.com.vn\":\"SearchQuery\",\"search.charter.net\":\"search\",\"search-vbc.com\":\"keywords\",\"search.pch.com\":\"q\",\"search.pantip.com\":\"\",\"www.startsearcher.com\":\"q\",\"search.icafemanager.com\":\"q\",\"aolsearcht10.search.aol.com\":\"q\",\"search.free.fr\":\"\",\"www.similarsitesearch.com\":\"URL\",\"qoqole.com\":\"q\",\"www.claro-search.com\":\"q\",\"isearch.claro-search.com\":\"q\",\"www.uncoverthenet.com/search\":\"q\",\"www.searchcanvas.com\":\"q\",\"search.etoolkit.com\":\"q\",\"www.searchalgo.com\":\"q\",\"bestsearchall.com\":\"q\",\"bestorganicsearch.com\":\"q\",\"mysearchproperties.com\":\"q\",\"search.treasuretrooper.com\":\"q\",\"btsearch.name\":\"q\",\"optu.search-help.net\":\"search\",\"search.clinck.in\":\"q\",\"search.shareazaweb.net\":\"q\",\"search.solarmash.com\":\"q\",\"search.surfcanyon.com\":\"q\",\"search.tedata.net\":\"SearchQuery\",\"www.gooofullsearch.com\":\"keywords\",\"www.alnaddy.com\":\"q\",\"searchsafer.com\":\"q\",\"www.searchqu.com\":\"q\",\"searchfunmoods.com\":\"s\",\"www.searchfunmoods.com\":\"s\",\"www.searchya.com\":\"q\",\"search.lphant.net\":\"\",\"searchremagnified.com\":\"\",\"www.pagequeryresults.com\":\"\",\"www.searchqueryresults.com\":\"\",\"domainhelp.search.com\":\"q\",\"search.b1.org\":\"q\",\"search.pontofrio.com.br\":\"q\",\"search.maxonline.com.sg\":\"q\",\"search.us.com\":\"k\",\"www.picsearch.com\":\"q\",\"www.search-document.com\":\"q\",\"www.searchsafer.com\":\"q\",\"www.website-unavailable.com\":\"q\",\"fantastigames.metacrawler.com\":\"q\"}|||8641354269346460");), Ersetzt,[7d80fe38512bb086c5a494d95da8f907]
PUP.Optional.Conduit.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}");), Ersetzt,[8e6f191dacd0e6503f7cef7ecb3a5ba5]
PUP.Optional.Conduit.A, C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\prefs.js, Gut: (), Schlecht: (user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=");), Ersetzt,[8776a88ea6d613232b917eef7a8b18e8]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

Alt 09.11.2014, 08:19   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.11.2014, 18:41   #15
Keule2388
 
Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Standard

Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab



eset log

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=10dc39ecd84e5b40ab3c1f568fe204c8
# engine=21059
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-12 07:11:26
# local_time=2014-11-12 08:11:26 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 94 1135557 38803480 0 0
# scanned=661462
# found=14
# cleaned=14
# scan_time=10980
sh=E34FB15E650D8750319B153EE34CEAE8AD6CC0F9 ft=1 fh=b0decd197bfed2c3 vn="Variante von Win32/Agent.WGA Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\score.exe.vir"
sh=CF31506688E2C1F6BDE3EA2046B39FB3CD45B1D6 ft=1 fh=c71c001153ffa26c vn="Variante von Win32/AdWare.MultiPlug.BN Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files (x86)\GaoSaVe\02eIJHxfgf9jbC.dll.vir"
sh=9E4163CD0AD341F2E0BC3C8C3DDD6C16B8172BE2 ft=1 fh=a3833178c282d363 vn="Variante von Win64/Adware.MultiPlug.E Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files (x86)\GaoSaVe\02eIJHxfgf9jbC.x64.dll.vir"
sh=CF31506688E2C1F6BDE3EA2046B39FB3CD45B1D6 ft=1 fh=c71c001153ffa26c vn="Variante von Win32/AdWare.MultiPlug.BN Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files (x86)\YoutubEADBlocke\7xI8qvuBtkhlXn.dll.vir"
sh=9E4163CD0AD341F2E0BC3C8C3DDD6C16B8172BE2 ft=1 fh=a3833178c282d363 vn="Variante von Win64/Adware.MultiPlug.E Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files (x86)\YoutubEADBlocke\7xI8qvuBtkhlXn.x64.dll.vir"
sh=F8F662E19FB6A127495B33A35FFB08F75774D272 ft=1 fh=c71c00116b680c1d vn="Variante von Win32/AdWare.MultiPlug.BN Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\ProgramData\ExsteraSavinogs\attGlhRBdgFAtN.dll.vir"
sh=E1FE83997390A570BC6FA4064ACD80714AA7863D ft=1 fh=c71c00113f55595c vn="Variante von Win32/AdWare.MultiPlug.BN Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\ProgramData\ExsteraSavinogs\attGlhRBdgFAtN.exe.vir"
sh=5B6899619CFCD0D5071C9233C2D0D1A197248E90 ft=1 fh=727f1ecd5cac3c75 vn="Variante von Win64/Adware.MultiPlug.E Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\ProgramData\ExsteraSavinogs\attGlhRBdgFAtN.x64.dll.vir"
sh=0943B4FBC2C1C777EE4B1478867E3B90B691FDCB ft=1 fh=c71c00118cda9e28 vn="Variante von Win32/AdWare.MultiPlug.CK Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\ProgramData\GaoSaVe\Is80A34cf8betU7.exe.vir"
sh=A7605F6101031E5EEC2AE964B6ED9D8775434E9E ft=1 fh=c71c001105efd2b7 vn="Variante von Win32/AdWare.MultiPlug.BN Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\ProgramData\GoSavee\zop6uX7dGN6fgP.dll.vir"
sh=4BD2C00D1331F52ACAFD077CB358905BCC40A40B ft=1 fh=c71c00110b757844 vn="Variante von Win32/AdWare.MultiPlug.BN Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\ProgramData\GoSavee\zop6uX7dGN6fgP.exe.vir"
sh=A59F591168B33DE4F42B680FB66C7C7F78B11056 ft=1 fh=645417d1b653e44e vn="Variante von Win64/Adware.MultiPlug.E Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\ProgramData\GoSavee\zop6uX7dGN6fgP.x64.dll.vir"
sh=A6CFA8D73C7C7382C4177E899B2AD86F7304E0D7 ft=1 fh=97a9167ac035b217 vn="Variante von Win32/AdWare.MultiPlug.AB Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\ProgramData\Trusted Publisher\GS_Booster\GS_Booster.exe.vir"
sh=BDFF740AC1BD5EB1FA23015349945CC9F4E18E89 ft=1 fh=c71c00112336a56f vn="Variante von Win32/AdWare.MultiPlug.CK Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\ProgramData\YoutubEADBlocke\GomOV8hlyVOe5P2.exe.vir"
         
security

Code:
ATTFilter
Results of screen317's Security Check version 0.99.89  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java version out of Date! 
 Adobe Flash Player 15.0.0.223  
 Adobe Reader XI  
 Mozilla Firefox (33.1) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 ESET ESET Online Scanner OnlineScannerApp.exe  
 ESET ESET Online Scanner OnlineCmdLineScanner.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2014
Ran by Keule (administrator) on KEULE-PC on 13-11-2014 18:38:28
Running from C:\Users\Keule\Downloads
Loaded Profile: Keule (Available profiles: Keule)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKU\S-1-5-21-1968684957-3168343925-173667196-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBE123C39E6E3CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1968684957-3168343925-173667196-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll No File
BHO-x32: HistoryTriggerBHO Class -> {21A88CB9-84D2-4020-A2D1-B25A21034884} -> C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Keule\AppData\Roaming\Mozilla\Firefox\Profiles\3oaghyg8.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2014-11-11]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Keule\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejndijkjinbjigbmmbefadfighlkmhjl [2014-10-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-23] ()
S2 4d349a54; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs_boo~1\AssistantSvc.dll",service
S4 LBTServ; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X]
S4 Sony PC Companion; "C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2009-10-23] (C-Media Inc)
S3 h643331; C:\Windows\System32\drivers\h643331.sys [67432 2012-06-19] (Your Corporation)
S3 hid3331; C:\Windows\SysWOW64\drivers\hid3331.sys [45672 2012-06-19] (Your Corporation)
S3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
S3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-09-10] (Samsung Electronics)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-10-14] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2010-10-14] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2010-10-14] (LG Electronics Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 LU1103A; system32\DRIVERS\LU1103A.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 18:38 - 2014-11-13 18:39 - 00016883 _____ () C:\Users\Keule\Downloads\FRST.txt
2014-11-13 18:38 - 2014-11-13 18:38 - 02116608 _____ (Farbar) C:\Users\Keule\Downloads\FRST64.exe
2014-11-12 07:10 - 2014-11-12 07:10 - 04918960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-12 03:57 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 03:57 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 03:57 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 03:57 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 03:57 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 03:57 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 03:57 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 03:57 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 03:57 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 03:57 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 03:57 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 03:57 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 03:57 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 03:57 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 03:57 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 03:57 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 03:57 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 03:57 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 03:57 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 03:57 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 03:57 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 03:57 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 03:57 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 03:57 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 03:57 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 03:57 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 03:57 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 03:57 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 03:57 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 03:57 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 03:57 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 03:57 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 03:57 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 03:57 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 03:57 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 03:57 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 03:57 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 03:57 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 03:57 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 03:57 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 03:57 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 03:57 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 03:57 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 03:57 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 03:57 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 03:57 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 03:57 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 03:57 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 03:57 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 03:57 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 03:57 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 03:57 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 03:57 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 03:57 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 03:57 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 03:57 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 03:57 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 03:57 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 03:57 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 03:57 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 03:57 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 03:57 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 03:57 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 03:57 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 03:57 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 03:57 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 03:57 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 03:57 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 03:57 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 03:57 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 03:57 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 03:57 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 03:57 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 03:57 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 03:57 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 03:57 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 03:57 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 03:57 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 03:57 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 03:57 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 03:57 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 03:54 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 03:54 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 03:54 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 03:54 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 03:54 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 03:54 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 03:54 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 03:54 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 03:54 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 03:54 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 03:54 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 03:54 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 03:54 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 03:54 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 03:54 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 03:54 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 03:54 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 03:53 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 03:53 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 21:36 - 2014-11-11 21:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-11 19:35 - 2014-11-11 19:35 - 00854448 _____ () C:\Users\Keule\Downloads\SecurityCheck.exe
2014-11-11 19:35 - 2014-11-11 19:35 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-11 19:34 - 2014-11-11 19:35 - 02347384 _____ (ESET) C:\Users\Keule\Downloads\esetsmartinstaller_deu.exe
2014-11-04 19:10 - 2014-11-04 20:26 - 00000000 ____D () C:\ProgramData\SystemOperations
2014-11-04 19:10 - 2014-11-04 19:10 - 00000000 ____D () C:\Windows\System32\Tasks\SystemOperations
2014-11-04 19:10 - 2014-11-04 16:03 - 00358840 _____ (Say Media Group LTD) C:\Windows\system32\ColorMedia64.dll
2014-11-04 19:09 - 2014-11-13 17:45 - 00001338 _____ () C:\Windows\Tasks\IQNZKE.job
2014-11-04 19:09 - 2014-11-13 17:15 - 00001338 _____ () C:\Windows\Tasks\IDDBWT.job
2014-11-04 19:09 - 2014-11-04 20:26 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-11-04 19:09 - 2014-11-04 19:09 - 00004364 _____ () C:\Windows\System32\Tasks\IQNZKE
2014-11-04 19:09 - 2014-11-04 19:09 - 00004364 _____ () C:\Windows\System32\Tasks\IDDBWT
2014-11-04 19:09 - 2014-11-04 19:09 - 00000000 ____D () C:\Users\Keule\AppData\Local\globalUpdate
2014-11-04 17:13 - 2014-11-04 17:13 - 00000858 _____ () C:\Users\Public\Desktop\DRIFT O.Z. Racing Wheel.lnk
2014-11-04 17:13 - 2014-11-04 17:13 - 00000000 ____D () C:\Windows\USB_Vibration
2014-11-04 17:13 - 2014-11-04 17:13 - 00000000 ____D () C:\Program Files (x86)\USB_Vibration
2014-11-04 17:13 - 2012-06-19 09:46 - 00067432 _____ (Your Corporation) C:\Windows\system32\Drivers\h643331.sys
2014-11-04 17:13 - 2012-06-19 09:46 - 00045672 _____ (Your Corporation) C:\Windows\SysWOW64\Drivers\hid3331.sys
2014-11-04 17:13 - 2012-06-19 09:46 - 00009932 _____ () C:\Windows\SysWOW64\Drivers\hid3331.cat
2014-11-04 17:13 - 2012-05-10 13:54 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\USBMAX.cpl
2014-11-04 17:12 - 2014-11-04 17:12 - 00000000 ____D () C:\Users\Keule\Downloads\Driver
2014-11-04 17:12 - 2012-05-21 16:06 - 03306213 _____ (Macromedia, Inc.) C:\Users\Keule\Downloads\Setup.exe
2014-11-04 17:11 - 2014-11-04 17:11 - 00000000 ____D () C:\Users\Keule\Downloads\SL-6695-BKOR_Driver_V1.0
2014-11-04 17:07 - 2014-11-04 17:07 - 01376768 _____ () C:\Users\Keule\Downloads\7z920-x64.msi
2014-11-04 17:05 - 2014-11-04 17:05 - 04369417 _____ () C:\Users\Keule\Downloads\SL-6695-BKOR_Driver_V1.0.zip
2014-11-03 17:30 - 2014-11-03 17:30 - 02785665 _____ (PortableApps.com) C:\Users\Keule\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-11-03 17:30 - 2014-11-03 17:30 - 00000000 ____D () C:\Users\Keule\Downloads\RevoUninstallerPortable
2014-11-03 17:24 - 2014-11-03 17:24 - 00001264 _____ () C:\Users\Keule\Desktop\Revo Uninstaller.lnk
2014-11-03 17:24 - 2014-11-03 17:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-03 17:23 - 2014-11-03 17:23 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Keule\Downloads\revosetup95.exe
2014-11-02 19:52 - 2014-11-02 19:52 - 00007715 _____ () C:\Users\Keule\Desktop\adwcleaner.txt
2014-11-02 19:38 - 2014-11-02 19:38 - 00045145 _____ () C:\Users\Keule\Desktop\mbam.txt
2014-11-02 19:37 - 2014-11-02 19:37 - 00043157 _____ () C:\Users\Keule\Desktop\Addition.txt
2014-11-02 19:28 - 2014-11-02 19:35 - 00041930 _____ () C:\Users\Keule\Desktop\JRT.txt
2014-11-02 19:25 - 2014-11-02 19:25 - 00000000 ____D () C:\Windows\ERUNT
2014-11-02 18:57 - 2014-11-08 18:22 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 18:54 - 2014-11-08 19:00 - 00000000 ____D () C:\AdwCleaner
2014-11-02 18:53 - 2014-11-02 18:53 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-02 18:53 - 2014-11-02 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-02 18:53 - 2014-11-02 18:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-02 18:53 - 2014-11-02 18:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-02 18:53 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-02 18:53 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-02 18:53 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-02 17:55 - 2014-11-13 18:38 - 00000000 ____D () C:\FRST
2014-11-02 17:53 - 2014-11-02 17:54 - 01706359 _____ (Thisisu) C:\Users\Keule\Downloads\JRT.exe
2014-11-02 17:44 - 2014-11-02 17:45 - 01998336 _____ () C:\Users\Keule\Downloads\AdwCleaner_4.002.exe
2014-11-02 17:41 - 2014-11-02 17:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Keule\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-02 16:55 - 2014-11-02 16:55 - 00066084 _____ () C:\ComboFix.txt
2014-11-02 14:50 - 2014-11-02 16:56 - 00000000 ____D () C:\Qoobox
2014-11-02 14:50 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-02 14:50 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-02 14:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-02 14:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-02 14:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-02 14:50 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-02 14:50 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-02 14:50 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-02 14:49 - 2014-11-02 16:54 - 00000000 ____D () C:\Windows\erdnt
2014-11-02 14:46 - 2014-11-02 14:47 - 05591672 ____R (Swearware) C:\Users\Keule\Downloads\ComboFix.exe
2014-11-02 14:36 - 2014-11-02 14:36 - 00700980 _____ () C:\Users\Keule\Downloads\adblock_edge-2.0.7-sm+an+tb+fx-windows.xpi
2014-11-02 14:34 - 2014-11-02 14:34 - 00542313 _____ () C:\Users\Keule\Downloads\noscript_security_suite-2.6.9.3-sm_fn_fx.zip
2014-11-02 04:10 - 2014-11-02 04:10 - 00000000 ____D () C:\ProgramData\Creative
2014-11-01 18:54 - 2014-11-01 18:54 - 00000000 ___HD () C:\Program Files (x86)\Creative Installation Information
2014-11-01 18:53 - 2014-11-02 04:10 - 00000000 ____D () C:\Users\Keule\AppData\Local\Creative
2014-11-01 18:53 - 2014-11-01 18:54 - 00000414 ___RH () C:\Windows\ctfile.rfc
2014-11-01 18:53 - 2014-11-01 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2014-11-01 18:53 - 2014-11-01 18:53 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-11-01 18:53 - 2014-11-01 18:53 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-11-01 18:53 - 2014-11-01 18:53 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-11-01 18:53 - 2014-11-01 18:53 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-11-01 18:53 - 2014-11-01 18:53 - 00002133 _____ () C:\Users\Public\Desktop\Creative-Produktregistrierung.lnk
2014-11-01 18:53 - 2014-06-03 16:32 - 00287744 _____ (Creative Technology Ltd.) C:\Windows\system32\UHSpld64.dll
2014-11-01 18:53 - 2014-06-03 16:31 - 02405144 _____ (Creative Technology Ltd.) C:\Windows\system32\UHSAPO64.dll
2014-11-01 18:53 - 2014-06-03 16:31 - 02016024 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\UHSAPO32.dll
2014-11-01 18:53 - 2014-06-03 16:30 - 00020161 _____ () C:\Windows\UHSAPO64.ssc
2014-11-01 18:53 - 2014-06-03 16:15 - 00033735 _____ () C:\Windows\system32\UHS.ini
2014-11-01 18:53 - 2014-04-25 16:33 - 01898496 ____N (Creative) C:\Windows\system32\Sens_oal.dll
2014-11-01 18:53 - 2014-04-25 16:29 - 01609728 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2014-11-01 18:53 - 2014-04-23 10:38 - 00011264 _____ (Creative Technology Ltd.) C:\Windows\UHSDefE.exe
2014-11-01 18:53 - 2014-04-23 10:38 - 00000387 _____ () C:\Windows\UHSMCcfg.ini
2014-11-01 18:53 - 2014-04-23 10:38 - 00000373 _____ () C:\Windows\UHSConfig.ini
2014-11-01 18:53 - 2014-03-24 10:38 - 00089600 _____ () C:\Windows\system32\CmdRtr64.DLL
2014-11-01 18:53 - 2014-03-24 10:37 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-11-01 18:53 - 2014-03-24 10:36 - 00366080 _____ () C:\Windows\system32\APOMgr64.DLL
2014-11-01 18:53 - 2014-03-24 10:33 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-11-01 18:53 - 2013-05-31 16:43 - 00023552 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\UHSfiltv.sys
2014-11-01 18:53 - 2013-04-17 15:20 - 00002413 _____ () C:\Windows\UHScfg.ini
2014-11-01 18:53 - 2012-04-18 11:39 - 00042496 _____ (Creative Technology Ltd.) C:\Windows\AddCat.exe
2014-11-01 18:53 - 2011-06-29 18:36 - 00235520 _____ (Creative Technology Limited) C:\Windows\system32\UHScInst.dll
2014-11-01 18:53 - 2006-10-06 14:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2014-11-01 18:53 - 2003-06-12 23:25 - 00007062 _____ () C:\Windows\SysWOW64\audiopid.vxd
2014-11-01 18:52 - 2014-11-01 18:54 - 00000000 ____D () C:\Program Files\Creative
2014-11-01 18:52 - 2014-11-01 18:54 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-11-01 18:52 - 2014-11-01 18:52 - 00000546 _____ () C:\Windows\NLSDownlevelMapping.log
2014-10-31 19:51 - 2014-11-12 13:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-31 19:51 - 2014-10-31 19:51 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-31 19:51 - 2014-10-31 19:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-31 16:53 - 2014-10-31 16:53 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-31 16:53 - 2014-10-31 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-31 16:53 - 2014-10-31 16:53 - 00000000 ____D () C:\Program Files\Java
2014-10-31 16:36 - 2014-10-31 16:53 - 92658088 _____ (Oracle Corporation) C:\Users\Keule\Downloads\jre-8u25-windows-x64.com
2014-10-31 14:21 - 2014-10-31 14:37 - 294205928 _____ (GIANTS Software ) C:\Users\Keule\Downloads\FarmingSimulator2015Patch1.1DE.exe
2014-10-31 10:52 - 2013-04-10 00:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-10-31 10:52 - 2013-04-02 23:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-10-30 20:19 - 2014-10-30 20:19 - 00001279 _____ () C:\Users\Keule\Desktop\Landwirtschafts Simulator 15 .lnk
2014-10-30 20:19 - 2014-10-30 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2015
2014-10-30 20:16 - 2014-10-31 14:38 - 00000000 ____D () C:\Program Files (x86)\Landwirtschafts Simulator 2015
2014-10-30 19:39 - 2014-11-12 13:09 - 00002558 _____ () C:\Windows\setupact.log
2014-10-30 19:39 - 2014-10-30 19:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-26 16:30 - 2014-10-16 13:27 - 00614544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-26 16:27 - 2014-10-16 17:54 - 31890064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 24555840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 20922696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 19966856 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 18499648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 17260864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 14029400 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 13942368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 13190288 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-26 16:27 - 2014-10-16 17:54 - 11395672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 11333848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 04289856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 04009672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00962376 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00931984 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00921928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00895176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00870112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-10-26 16:27 - 2014-10-16 17:54 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-10-23 02:03 - 2014-10-25 07:01 - 00000000 ____D () C:\Program Files (x86)\grassmow
2014-10-21 13:35 - 2014-10-31 19:50 - 36254312 _____ () C:\Users\Keule\Downloads\Firefox_Setup_33.0.exe
2014-10-15 13:34 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 13:34 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 13:34 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 13:34 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 13:34 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 13:34 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 13:34 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 13:34 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 13:34 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 13:34 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 13:34 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 13:34 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 13:34 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 13:34 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 13:34 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 13:34 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 13:33 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 13:33 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 13:33 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 13:33 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 13:33 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 13:33 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 13:33 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 13:33 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 13:33 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 13:33 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 13:33 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 13:33 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 13:33 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 13:33 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 13:33 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 13:33 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 13:33 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 13:33 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 13:33 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 13:33 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 13:33 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 13:33 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 13:33 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 13:33 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 13:33 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 13:29 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 13:29 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 13:29 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 13:29 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 13:29 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 13:29 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 13:29 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 13:29 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 13:28 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 13:28 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-14 19:00 - 2014-10-14 19:00 - 00003154 _____ () C:\Windows\System32\Tasks\{0EF7BECB-A850-4783-ADB6-15DFF55E8920}
2014-10-14 18:54 - 2014-10-14 18:54 - 00000000 ____D () C:\Program Files (x86)\Isaveir
2014-10-14 18:53 - 2014-10-14 18:53 - 00000000 ____D () C:\Program Files (x86)\Reimageplus.com
2014-10-14 18:52 - 2014-10-14 18:52 - 00000000 ____D () C:\Program Files (x86)\DigiISaverr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 18:10 - 2012-08-03 12:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-13 14:25 - 2010-12-01 21:18 - 01558551 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 17:08 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-12 17:08 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-12 15:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 13:09 - 2010-12-01 21:48 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-11-12 13:08 - 2010-12-01 21:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-12 13:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 12:33 - 2009-07-14 05:45 - 00385968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 12:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-11-12 12:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-11-12 12:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-11-12 12:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-11-12 12:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-11-12 12:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-11-12 12:07 - 2014-10-06 20:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 12:04 - 2010-12-13 23:20 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 07:10 - 2012-08-03 12:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 07:10 - 2012-08-03 12:14 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 07:10 - 2011-05-20 07:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-10 19:48 - 2010-12-14 08:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-11-08 18:54 - 2014-06-26 21:13 - 00153990 _____ () C:\Windows\PFRO.log
2014-11-04 20:28 - 2011-10-02 15:50 - 00000000 ____D () C:\Windows\bg-BG
2014-11-04 19:09 - 2010-12-14 10:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-04 19:08 - 2010-12-14 08:37 - 00000000 ____D () C:\Program Files\Logitech
2014-11-04 17:13 - 2010-12-01 21:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-03 16:34 - 2011-10-02 18:13 - 00408712 _____ () C:\Windows\system32\perfh011.dat
2014-11-03 16:34 - 2011-10-02 18:13 - 00122098 _____ () C:\Windows\system32\perfc011.dat
2014-11-03 16:34 - 2011-10-02 17:54 - 00501348 _____ () C:\Windows\system32\perfh006.dat
2014-11-03 16:34 - 2011-10-02 17:54 - 00098656 _____ () C:\Windows\system32\perfc006.dat
2014-11-03 16:34 - 2011-10-02 17:20 - 00392956 _____ () C:\Windows\system32\prfh0404.dat
2014-11-03 16:34 - 2011-10-02 17:20 - 00115088 _____ () C:\Windows\system32\prfc0404.dat
2014-11-03 16:34 - 2011-10-02 17:04 - 00705814 _____ () C:\Windows\system32\prfh0416.dat
2014-11-03 16:34 - 2011-10-02 17:04 - 00147654 _____ () C:\Windows\system32\prfc0416.dat
2014-11-03 16:34 - 2011-10-02 16:44 - 00720952 _____ () C:\Windows\system32\prfh0816.dat
2014-11-03 16:34 - 2011-10-02 16:44 - 00152904 _____ () C:\Windows\system32\prfc0816.dat
2014-11-03 16:34 - 2011-10-02 16:29 - 00732292 _____ () C:\Windows\system32\perfh015.dat
2014-11-03 16:34 - 2011-10-02 16:29 - 00155870 _____ () C:\Windows\system32\perfc015.dat
2014-11-03 16:34 - 2011-10-02 16:02 - 00648616 _____ () C:\Windows\system32\perfh01F.dat
2014-11-03 16:34 - 2011-10-02 16:02 - 00139998 _____ () C:\Windows\system32\perfc01F.dat
2014-11-03 16:34 - 2011-10-02 15:30 - 00375884 _____ () C:\Windows\system32\prfh0804.dat
2014-11-03 16:34 - 2011-10-02 15:30 - 00119590 _____ () C:\Windows\system32\prfc0804.dat
2014-11-03 16:34 - 2011-10-02 14:53 - 00716534 _____ () C:\Windows\system32\perfh019.dat
2014-11-03 16:34 - 2011-10-02 14:53 - 00150840 _____ () C:\Windows\system32\perfc019.dat
2014-11-03 16:34 - 2011-10-02 14:42 - 00486448 _____ () C:\Windows\system32\perfh014.dat
2014-11-03 16:34 - 2011-10-02 14:42 - 00095402 _____ () C:\Windows\system32\perfc014.dat
2014-11-03 16:34 - 2011-10-02 14:31 - 00598922 _____ () C:\Windows\system32\perfh008.dat
2014-11-03 16:34 - 2011-10-02 14:31 - 00111126 _____ () C:\Windows\system32\perfc008.dat
2014-11-03 16:34 - 2011-10-02 14:20 - 00655654 _____ () C:\Windows\system32\perfh01D.dat
2014-11-03 16:34 - 2011-10-02 14:20 - 00142472 _____ () C:\Windows\system32\perfc01D.dat
2014-11-03 16:34 - 2011-10-02 14:10 - 00420358 _____ () C:\Windows\system32\perfh012.dat
2014-11-03 16:34 - 2011-10-02 14:10 - 00120382 _____ () C:\Windows\system32\perfc012.dat
2014-11-03 16:34 - 2011-10-02 13:59 - 00660774 _____ () C:\Windows\system32\perfh005.dat
2014-11-03 16:34 - 2011-10-02 13:59 - 00141424 _____ () C:\Windows\system32\perfc005.dat
2014-11-03 16:34 - 2011-10-02 13:36 - 00735432 _____ () C:\Windows\system32\perfh013.dat
2014-11-03 16:34 - 2011-10-02 13:36 - 00153100 _____ () C:\Windows\system32\perfc013.dat
2014-11-03 16:34 - 2011-10-02 13:22 - 00473436 _____ () C:\Windows\system32\perfh00B.dat
2014-11-03 16:34 - 2011-10-02 13:22 - 00101518 _____ () C:\Windows\system32\perfc00B.dat
2014-11-03 16:34 - 2011-10-02 13:16 - 00675688 _____ () C:\Windows\system32\perfh00E.dat
2014-11-03 16:34 - 2011-10-02 13:16 - 00171272 _____ () C:\Windows\system32\perfc00E.dat
2014-11-03 16:34 - 2011-10-02 13:05 - 00737390 _____ () C:\Windows\system32\perfh00A.dat
2014-11-03 16:34 - 2011-10-02 13:05 - 00158472 _____ () C:\Windows\system32\perfc00A.dat
2014-11-03 16:34 - 2011-10-02 12:58 - 00384278 _____ () C:\Windows\system32\perfh00D.dat
2014-11-03 16:34 - 2011-10-02 12:58 - 00084756 _____ () C:\Windows\system32\perfc00D.dat
2014-11-03 16:34 - 2011-10-02 12:44 - 00731980 _____ () C:\Windows\system32\perfh010.dat
2014-11-03 16:34 - 2011-10-02 12:44 - 00146844 _____ () C:\Windows\system32\perfc010.dat
2014-11-03 16:34 - 2011-10-02 12:39 - 00737650 _____ () C:\Windows\system32\perfh00C.dat
2014-11-03 16:34 - 2011-10-02 12:39 - 00470948 _____ () C:\Windows\system32\perfh001.dat
2014-11-03 16:34 - 2011-10-02 12:39 - 00149578 _____ () C:\Windows\system32\perfc00C.dat
2014-11-03 16:34 - 2011-10-02 12:39 - 00094770 _____ () C:\Windows\system32\perfc001.dat
2014-11-03 16:34 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-11-03 16:34 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-11-03 16:34 - 2009-07-14 06:13 - 17451024 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 16:55 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-02 16:52 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-11-02 16:52 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-02 15:01 - 2010-12-15 18:52 - 00000000 ____D () C:\Users\Keule\AppData\Local\Adobe
2014-11-02 14:47 - 2011-09-03 08:46 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\DVDVideoSoft
2014-11-02 14:38 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-31 17:01 - 2014-10-13 13:52 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-31 16:53 - 2014-10-13 13:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-31 16:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-10-31 15:23 - 2011-05-01 20:25 - 00000000 ____D () C:\Windows\Minidump
2014-10-31 15:00 - 2012-01-01 18:57 - 00007603 _____ () C:\Users\Keule\AppData\Local\Resmon.ResmonCfg
2014-10-31 12:18 - 2010-12-14 05:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-30 21:28 - 2014-09-03 16:00 - 00000000 ____D () C:\Users\Keule\Documents\Euro Truck Simulator 2
2014-10-30 20:22 - 2014-07-01 10:01 - 00055782 _____ () C:\Windows\DirectX.log
2014-10-30 20:22 - 2011-01-07 13:02 - 00000000 ____D () C:\Users\Keule\Documents\My Games
2014-10-30 17:45 - 2014-10-07 15:05 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-30 17:45 - 2014-08-22 16:20 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-10-30 17:45 - 2011-05-01 20:22 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-10-30 17:45 - 2010-12-14 08:42 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-10-30 17:45 - 2010-12-01 21:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-30 17:45 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-10-30 17:45 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-10-30 17:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-30 17:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-30 12:25 - 2010-12-01 21:37 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-26 16:30 - 2012-11-02 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-26 16:30 - 2010-12-01 21:44 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-26 02:22 - 2014-09-16 19:41 - 00000000 ____D () C:\ProgramData\817622e663d16f39
2014-10-21 13:13 - 2011-11-02 19:12 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-10-16 17:54 - 2012-10-10 21:23 - 00987008 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-10-16 17:54 - 2012-10-10 21:22 - 16886168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-10-16 17:54 - 2010-12-01 21:44 - 00027024 _____ () C:\Windows\system32\nvinfo.pb
2014-10-16 17:54 - 2010-08-05 11:15 - 20968040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-10-16 17:54 - 2010-08-05 11:15 - 03237528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-16 17:54 - 2010-08-05 11:15 - 02849224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-10-16 15:11 - 2010-07-29 18:52 - 06883136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-10-16 15:11 - 2010-07-29 18:52 - 03533632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-10-16 15:11 - 2010-07-29 18:52 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-10-16 15:11 - 2010-07-29 18:52 - 00933064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-10-16 15:11 - 2010-07-29 18:52 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-10-16 15:11 - 2010-07-29 18:52 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-10-15 01:48 - 2012-11-02 10:39 - 04047877 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-14 19:07 - 2010-12-01 21:20 - 00001421 _____ () C:\Users\Keule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-14 19:06 - 2014-10-13 14:59 - 00000000 ____D () C:\Users\Keule\AppData\Roaming\StormFall

Some content of TEMP:
====================
C:\Users\Keule\AppData\Local\Temp\Quarantine.exe
C:\Users\Keule\AppData\Local\Temp\setup.exe
C:\Users\Keule\AppData\Local\Temp\SpOrder.dll
C:\Users\Keule\AppData\Local\Temp\sqlite3.dll
C:\Users\Keule\AppData\Local\Temp\tmd_34013292.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 00:17

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2014
Ran by Keule at 2014-11-13 18:39:29
Running from C:\Users\Keule\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
ANNO 1503 (HKLM-x32\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version: 1.05 - )
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ARMA 2 Operation Arrowhead Uninstall (HKLM-x32\...\ARMA 2 Operation Arrowhead) (Version:  - )
ArmA 2 Uninstall (HKLM-x32\...\ArmA 2) (Version:  - )
AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BitZipper 2013 (HKLM-x32\...\BitZipper_is1) (Version: 2013.12.10.17 - Bitberry Software)
Brother MFL-Pro Suite MFC-250C (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Darkest Hour: Europe '44-'45 (HKLM-x32\...\Steam App 1280) (Version:  - Darkest Hour Team)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
DRIFT O.Z. Racing Wheel (HKLM-x32\...\{2A558A06-A44E-400D-95AD-D9FAA89AFD36}) (Version: V4.40a - SPEEDLINK)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.1.0.0 - GIANTS Software)
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version:  - Crystal Dynamics)
LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG PC Suite IV (HKLM-x32\...\LG PC Suite IV) (Version: 4.2.46.20101118 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{9BC97E7F-8E26-44B8-841A-C5262754FC89}) (Version: 2.1 - LG Electronics)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 7.00 (HKLM\...\{690285C2-2481-44FB-8402-162EA970A6DD}) (Version: 7.00.291 - Logitech Inc.)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mare Nostrum (HKLM-x32\...\Steam App 1230) (Version:  - Sandstorm Productions)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Medal of Honor™ Warfighter (HKLM-x32\...\{48379835-BF2E-4487-9CB1-D5E654502B53}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (suomi) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.5.50938 - Корпорация Майкрософт)
Microsoft .NET Framework 4.5.1 (עברית) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1037) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (简体中文) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2052) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1(한국어) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1042) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1, norsk språkpakke (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.48 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5919 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire)
Red Orchestra: Ostfront 41-45 (HKLM-x32\...\Steam App 1200) (Version:  - Tripwire Interactive)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.51.00(19.06.2014) - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.12.5.57 - Sony Ericsson Mobile Communications AB)
Sony PC Companion 2.10.115 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.115 - Sony)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - Firefly Studios)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.9.2 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version:  - Samsung Electronics Co., Ltd.)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

04-11-2014 16:09:12 Installed 7-Zip 9.20 (x64 edition)
04-11-2014 16:13:09 Installed DRIFT O.Z. Racing Wheel
04-11-2014 19:09:28 Removed 7-Zip 9.20 (x64 edition)
04-11-2014 19:15:20 Removed 7-Zip 9.20 (x64 edition)
06-11-2014 19:42:52 Windows Update
09-11-2014 18:04:58 Windows-Sicherung
10-11-2014 18:11:06 Windows Update
12-11-2014 11:02:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-02 16:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07AFC7AD-0AAA-4773-9B88-0B4F8053DC1B} - System32\Tasks\SystemOperations\Safe Updater 08 => C:\ProgramData\SystemOperations\SafeUpdater\SafeUpdater.exe
Task: {1086884C-9F83-425B-A802-6CE88679636A} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17] (InstallShield Software Corporation)
Task: {1978AB39-80CE-4FE9-9051-283E45E08F97} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {531C249F-4C01-4A6C-914E-A809A0424B74} - System32\Tasks\{6626EF3B-A609-48A9-9CED-FE1F69587EE5} => Firefox.exe 
Task: {58CE6AFF-7E6A-4AEB-A9F8-5EC8D6304F2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {5A7A23B8-2667-4AA2-BDEB-20EF26122451} - System32\Tasks\{0F48E379-C488-4FD2-A348-948BC4D06E74} => Firefox.exe 
Task: {648E79FC-EC0A-4987-A644-9A2FC239B934} - System32\Tasks\IQNZKE => C:\Users\Keule\AppData\Roaming\IQNZKE.exe <==== ATTENTION
Task: {66BB19B4-867B-480E-A0A3-B436B289EEC2} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {798C4621-B7A8-41AD-B2E1-65E136B8F5F5} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {A528B7E0-99EA-42EC-9191-AE9D5B269906} - System32\Tasks\{7987E01D-7620-4EEA-993C-03846944A18C} => Firefox.exe 
Task: {A695EE6E-CA4B-438A-B549-61AB121E496C} - System32\Tasks\{F7B03492-31B2-4373-A2B4-FEB5450484E8} => C:\PROGRAMME\MEINHAUSPLANER\PROG\CADAVA\meinHausplaner.exe
Task: {A6A28B0D-B40E-4DCA-AF2F-B13B9B077BAA} - System32\Tasks\{E7B1BF92-F41B-4FE1-B221-795CC936E5A2} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {A91C17BF-6087-4897-A986-CD079A4050FD} - System32\Tasks\IDDBWT => C:\Users\Keule\AppData\Roaming\IDDBWT.exe <==== ATTENTION
Task: {AF8252D8-E4E1-44A2-93FE-88BFBC7FD00F} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-02-17] (InstallShield Software Corporation)
Task: {C77F826C-C3CD-4860-A251-08C8CB7BD17C} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {E64D69ED-EBAE-4B74-9EE8-5A059FC601A4} - System32\Tasks\{1E5A71F1-FE21-4BFA-99F2-98F09B3017D3} => Firefox.exe 
Task: {EF2423A5-8F92-4DF1-B23F-328D1A64F9CC} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\IDDBWT.job => C:\Users\Keule\AppData\Roaming\IDDBWT.exe <==== ATTENTION
Task: C:\Windows\Tasks\IQNZKE.job => C:\Users\Keule\AppData\Roaming\IQNZKE.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-11-02 19:05 - 2009-09-11 08:48 - 00027648 _____ () C:\Windows\System32\sst3cl6.dll
2011-10-29 21:12 - 2014-10-16 15:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-03-09 08:58 - 2012-03-09 08:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2010-12-14 08:43 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2010-12-14 08:43 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
2010-12-01 21:29 - 2009-06-17 16:13 - 00068136 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
2010-12-01 21:25 - 2010-01-19 03:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2010-12-14 00:20 - 2012-12-23 14:20 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00056696 _____ () C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrvPS.dll
2010-12-01 21:29 - 2009-05-04 17:56 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\ycc.dll
2010-12-01 21:25 - 2009-10-02 13:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-01 18:53 - 2014-03-24 10:37 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-11-01 18:53 - 2014-03-24 10:33 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-11-11 21:36 - 2014-11-11 21:36 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-11-12 07:10 - 2014-11-12 07:10 - 16840880 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer7 => 2
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun

========================= Accounts: ==========================

Administrator (S-1-5-21-1968684957-3168343925-173667196-500 - Administrator - Disabled)
Gast (S-1-5-21-1968684957-3168343925-173667196-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1968684957-3168343925-173667196-1003 - Limited - Enabled)
Keule (S-1-5-21-1968684957-3168343925-173667196-1000 - Administrator - Enabled) => C:\Users\Keule

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2014 06:27:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/13/2014 00:31:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/12/2014 05:06:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/12/2014 05:06:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/12/2014 05:06:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/12/2014 05:06:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/12/2014 05:06:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/12/2014 05:06:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/12/2014 00:02:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CreateVssExamineWriterMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {26E36DB8-E17E-4169-87D0-E6E3ECFFA3C5}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/12/2014 00:02:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "XML document is too long" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070018, Das Programm hat einen Befehl ausgegeben, aber die Befehlslänge ist falsch.
.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {26E36DB8-E17E-4169-87D0-E6E3ECFFA3C5}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer


System errors:
=============
Error: (11/12/2014 01:09:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/12/2014 01:09:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/12/2014 01:09:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/12/2014 01:09:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/12/2014 01:09:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS_Sustainer erreicht.

Error: (11/12/2014 00:34:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/12/2014 00:34:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/12/2014 00:34:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/12/2014 00:34:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/12/2014 00:34:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS_Sustainer erreicht.


Microsoft Office Sessions:
=========================
Error: (11/13/2014 06:27:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/13/2014 00:31:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/12/2014 05:06:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Keule\Downloads\esetsmartinstaller_deu.exe

Error: (11/12/2014 05:06:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Keule\Downloads\esetsmartinstaller_deu.exe

Error: (11/12/2014 05:06:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Keule\Downloads\esetsmartinstaller_deu.exe

Error: (11/12/2014 05:06:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Keule\Downloads\esetsmartinstaller_deu.exe

Error: (11/12/2014 05:06:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Keule\Downloads\esetsmartinstaller_deu.exe

Error: (11/12/2014 05:06:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Keule\Downloads\esetsmartinstaller_deu.exe

Error: (11/12/2014 00:02:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CreateVssExamineWriterMetadata0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts.
Weitere Informationen finden Sie im Anwendungsereignisprotokoll.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {26E36DB8-E17E-4169-87D0-E6E3ECFFA3C5}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer

Error: (11/12/2014 00:02:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: XML document is too long0x80070018, Das Programm hat einen Befehl ausgegeben, aber die Befehlslänge ist falsch.


Vorgang:
   Generator legt seine Metadaten offen

Kontext:
   Ausführungskontext: Requestor
   Generatorinstanz-ID: {26E36DB8-E17E-4169-87D0-E6E3ECFFA3C5}
   Generatorklassen-ID: {E8132975-6F93-4464-A53E-1050253AE220}
   Generatorname: System Writer


CodeIntegrity Errors:
===================================
  Date: 2014-11-02 15:01:30.261
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 15:01:30.073
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:28:08.072
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:28:06.953
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:14:24.072
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:14:22.854
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:11:10.038
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:11:09.004
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:07:20.529
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-08 18:07:19.608
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LU1103A.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU 660 @ 3.33GHz
Percentage of memory in use: 42%
Total physical RAM: 4087.48 MB
Available physical RAM: 2370.35 MB
Total Pagefile: 14809.66 MB
Available Pagefile: 12529.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:172.69 GB) (Free:23.47 GB) NTFS
Drive d: () (Fixed) (Total:271.87 GB) (Free:35.27 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.09 GB) NTFS
Drive f: () (Fixed) (Total:180.88 GB) (Free:180.63 GB) NTFS
Drive g: () (Fixed) (Total:284.78 GB) (Free:284.68 GB) NTFS
Drive h: (Landwirtschafts-Simulator 2015) (CDROM) (Total:1.87 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 811F2DC4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=172.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=271.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 256F32EA)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=180.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Antwort

Themen zu Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab
ads remover entfernen, device driver, fehlercode 0x80000003, fehlercode 24, fehlercode windows, gaosave entfernen, gs_booster entfernen, gs_sustainer 1.80 entfernen, nvbackend, pup.optional.booster.a, pup.optional.datamngr.a, pup.optional.defaultsearch.a, pup.optional.iepluginservices.a, pup.optional.incredibar.a, pup.optional.mbot.a, pup.optional.multiplug, pup.optional.searchprotect.a, pup.optional.settingsmanager.a, pup.optional.snapdo.t, pup.optional.suptab.a, pup.optional.sweetpage.a, pup.optional.systemspeedup, pup.optional.termtutor.a, pup.optional.windowsmangerprotect.a, pup.optional.wpm.a, trojan.zbagent.ns, youtubeadblocke entfernen



Ähnliche Themen: Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab


  1. Pop Ups trotz Blocker, Wörter blau unterstrichen und Werbung ohne Ende
    Alles rund um Windows - 20.10.2015 (7)
  2. Firefox, Wörter doppelt blau unterstrichen, Werbung an den Seiten und am unteren Bildschirmrand
    Log-Analyse und Auswertung - 05.08.2015 (19)
  3. Einzelne Wörter werden blau unterstrichen wenn ich auf sie drücke werde ich zu Werbung gelinkt
    Plagegeister aller Art und deren Bekämpfung - 27.05.2015 (7)
  4. einzelne Wörter blau unterstrichen, Browser öffnet Werbeseiten
    Log-Analyse und Auswertung - 19.05.2015 (13)
  5. wörter grün und blau doppelt unterstrichen
    Log-Analyse und Auswertung - 19.11.2014 (8)
  6. Werbung im Browser, Wörter doppelt blau unterstrichen
    Plagegeister aller Art und deren Bekämpfung - 22.09.2014 (5)
  7. Windows 7: Chrome öffnet Fenster, Tabs und PopUps mit Werbung und Wörter doppelt blau unterstrichen
    Log-Analyse und Auswertung - 10.09.2014 (9)
  8. Wörter doppelt blau unterstrichen, Java Update Free
    Log-Analyse und Auswertung - 07.09.2014 (13)
  9. Win 7, Wörter blau und doppelt unterstrichen + Werbung
    Log-Analyse und Auswertung - 30.08.2014 (9)
  10. Wörter blau und doppelt unterstrichen + mass Werbung
    Log-Analyse und Auswertung - 04.08.2014 (13)
  11. Wörter blau und doppelt unterstrichen + Werbung
    Log-Analyse und Auswertung - 03.08.2014 (4)
  12. Windows 8.1, Firefox, Wörter doppelt blau unterstrichen, Werbung an den Seiten und am unteren Bildschirmrand
    Plagegeister aller Art und deren Bekämpfung - 06.06.2014 (12)
  13. Windows 7: zufällige Wörter blau und doppelt unterstrichen - aufdringliche Werbung
    Log-Analyse und Auswertung - 26.04.2014 (13)
  14. Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren
    Plagegeister aller Art und deren Bekämpfung - 02.03.2014 (1)
  15. Windows 7: Viele Wörter werden doppelt blau unterstrichen auf verschiedenen Internetseiten
    Log-Analyse und Auswertung - 27.01.2014 (7)
  16. Wörter erscheinen im Browser Grün und doppelt unterstrichen
    Log-Analyse und Auswertung - 30.12.2013 (9)
  17. Einzelne Wörter sind plötzlich blau und doppelt unterstrichen - Fenster öffnen sich
    Plagegeister aller Art und deren Bekämpfung - 10.12.2013 (23)

Zum Thema Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab - Also wie oben schon beschrieben habe ich das Problem und ich habe keine Ahnung wie ich den Mist weg bekomme und brauche eure Hilfe habe bissen was gelesen und mir - Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab...
Archiv
Du betrachtest: Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.