Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Pc stürzt oft ab !

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.12.2014, 17:15   #1
zelfoxx
 
Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Hey Leute,
seit kurzer Zeit stürzt mein Pc öfter einfach ab.
Das passiert nicht nur bei grafiklastigen Spielen sondern auch bei Programmen wie Word etc.
Ich bin mir zwar nicht sicher ob es an einem Virus oder so liegt, aber ich hoffe ich kann mein Problem hier trotzdem lösen.

Es fängt damit an das das Programm welches ich gerade nutze nicht mehr reagiert (Es heißt dann auch "Keine Rückmeldung"). Dann kann ich den Task-Manager (und auch alles andere) nicht mehr öffnen und die anderen offenen Fenster sind auch nicht mehr bedienbar, aber meist zumindest noch schließbar.
Irgendwann kann ich nur noch meine Maus bewegen und auch nach längerem Warten bleibt mir nichts anderes übrig als meinen Pc (mit auf Aus/Einschaltknopf bleiben) abstürzen zu lassen.
Ich kann meinen PC auch nicht mehr normal herunterfahren (also Start > Herunterfahren), weil dann nur Herunterfahren dasteht und das auch nach einer Wartezeit von einer Stunde... Dann muss ich den PC immer abstürzen lassen...

Mein Virenprogramm (neueste Version von Avast) findet nichts...
Was kann ich dagegen tun ?
Danke im Voraus !

Alt 18.12.2014, 17:27   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 18.12.2014, 18:00   #3
zelfoxx
 
Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by David (administrator) on DAVID-ACER on 18-12-2014 18:48:22
Running from C:\Users\David\Desktop
Loaded Profiles: UpdatusUser & David (Available profiles: UpdatusUser & David & user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTShellHlp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [NextSTART] => [X]
HKLM-x32\...\Run: [Workshelf] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {1fd2defc-0fd9-11e3-b382-dc0ea11d82fe} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {2812e136-d586-11e2-bdb6-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {3f0b6f0b-c1fe-11e2-8ca3-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {ae06f47d-bfea-11e2-9e09-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {ae06f48a-bfea-11e2-9e09-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\RunOnce: [Adobe Speed Launcher] => 1418924403
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\MountPoints2: {1fd2defc-0fd9-11e3-b382-dc0ea11d82fe} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\MountPoints2: {2812e136-d586-11e2-bdb6-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\MountPoints2: {3f0b6f0b-c1fe-11e2-8ca3-dc0ea11d82fe} - F:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\MountPoints2: {ae06f47d-bfea-11e2-9e09-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\MountPoints2: {ae06f48a-bfea-11e2-9e09-dc0ea11d82fe} - F:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2014-09-27] () <==== ATTENTION 
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [96104 2014-11-13] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [87840 2014-11-13] (Zemana Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3466399659-1618858318-3356278196-1006\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119776&tt=gc_&babsrc=SP_ss&mntrId=8A9B64273717AA4B
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtC0DzztB0F0E0CyD0CtDtN0D0Tzu0CyCyDyBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1421656380&ir=
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3054224013274139&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120914160850.dll (McAfee, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120914160850.dll (McAfee, Inc.)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Hosts: 127.0.0.1 launcher01.kalypsomedia.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042
FF DefaultSearchUrl: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3466399659-1618858318-3356278196-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: MySearch - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\Extensions\iircg12@z-fbtwu.org [2014-08-05]
FF Extension: Deutsch (DE) Language Pack - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-12-26]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-10-14]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011-10-14]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-02-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-27]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (TooManyTabs für Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2014-11-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-18]
CHR Extension: (GMX MailCheck) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\camnampocfohlcgbajligmemmabnljcm [2014-10-18]
CHR Extension: (Adblock Plus) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-18]
CHR Extension: (Video Downloader professional) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-10-18]
CHR Extension: (Stylish) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-11-25]
CHR Extension: (Black & white Thema) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2014-11-30]
CHR Extension: (Click&Clean) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-10-18]
CHR Extension: (Audio EQ) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2014-11-02]
CHR Extension: (FVD Downloader) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-10-18]
CHR Extension: (RenameTab) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkailnbloeepkajmoblllhhhckpbbncg [2014-11-25]
CHR Extension: (MuteTab) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc [2014-11-02]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-08-12] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-09] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-09] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
S4 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [502064 2012-08-23] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199304 2012-05-25] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [210616 2012-05-25] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [162224 2012-05-25] (McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-09-04] ()
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [316416 2014-04-19] (Microsoft Corporation) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-09] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-22] (AVG Technologies)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65264 2012-02-22] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-04-19] (DT Soft Ltd)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [71400 2014-11-13] (Zemana Ltd.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160792 2012-02-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [229528 2012-02-22] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [487296 2012-02-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [647208 2012-02-22] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [289664 2012-02-22] (McAfee, Inc.)
S3 ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [96256 2009-10-15] (ATEN)
S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-19] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-09] (Avast Software)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 18:48 - 2014-12-18 18:49 - 00030449 _____ () C:\Users\David\Desktop\FRST.txt
2014-12-18 18:48 - 2014-12-18 18:49 - 00000000 ____D () C:\FRST
2014-12-18 18:44 - 2014-12-18 18:44 - 02121216 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2014-12-18 18:44 - 2014-12-18 18:44 - 02121216 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2014-12-18 18:42 - 2014-12-18 18:43 - 00000197 _____ () C:\Windows\system32\2014-12-18-17-42-32.099-AvastVBoxSVC.exe-3288.log
2014-12-18 18:09 - 2014-12-18 18:09 - 00000197 _____ () C:\Windows\system32\2014-12-18-17-09-01.002-AvastVBoxSVC.exe-5636.log
2014-12-18 17:37 - 2014-12-18 17:37 - 00000197 _____ () C:\Windows\system32\2014-12-18-16-37-39.014-AvastVBoxSVC.exe-6012.log
2014-12-18 17:01 - 2014-12-18 17:01 - 00000197 _____ () C:\Windows\system32\2014-12-18-16-01-03.056-AvastVBoxSVC.exe-3468.log
2014-12-18 02:18 - 2014-12-18 02:18 - 00000197 _____ () C:\Windows\system32\2014-12-18-01-18-44.035-AvastVBoxSVC.exe-3948.log
2014-12-17 18:54 - 2014-12-17 18:55 - 00000197 _____ () C:\Windows\system32\2014-12-17-17-54-55.026-AvastVBoxSVC.exe-5736.log
2014-12-17 17:21 - 2014-12-17 17:21 - 00000280 _____ () C:\Windows\system32\2014-12-17-16-21-20.042-aswFe.exe-4584.log
2014-12-17 17:14 - 2014-12-17 17:15 - 00000197 _____ () C:\Windows\system32\2014-12-17-16-14-40.045-AvastVBoxSVC.exe-1924.log
2014-12-17 13:37 - 2014-12-17 13:37 - 00000197 _____ () C:\Windows\system32\2014-12-17-12-37-00.066-AvastVBoxSVC.exe-3872.log
2014-12-17 08:27 - 2014-12-17 08:28 - 00000197 _____ () C:\Windows\system32\2014-12-17-07-27-59.066-AvastVBoxSVC.exe-5048.log
2014-12-17 08:22 - 2014-12-17 08:22 - 00000197 _____ () C:\Windows\system32\2014-12-17-07-22-03.011-AvastVBoxSVC.exe-3220.log
2014-12-16 20:43 - 2014-12-16 20:48 - 04437584 _____ (FreeDownloadManager.ORG ) C:\Users\David\Downloads\fdminst-lite.exe
2014-12-16 20:37 - 2014-12-16 21:01 - 1835281604 _____ () C:\Users\David\Downloads\Burnout_Paradise_The_Ultimate_Box.iso (2).crdownload
2014-12-16 20:33 - 2014-12-16 20:33 - 00000197 _____ () C:\Windows\system32\2014-12-16-19-33-25.024-AvastVBoxSVC.exe-4356.log
2014-12-16 19:59 - 2014-12-16 19:59 - 00000197 _____ () C:\Windows\system32\2014-12-16-18-59-53.015-AvastVBoxSVC.exe-3416.log
2014-12-16 19:40 - 2014-12-16 19:43 - 277664256 _____ () C:\Users\David\Downloads\ChristmasShopperSimulator_v1.0.msi
2014-12-16 19:28 - 2014-12-16 19:28 - 00000197 _____ () C:\Windows\system32\2014-12-16-18-28-29.021-AvastVBoxSVC.exe-6908.log
2014-12-16 18:55 - 2014-12-16 18:56 - 00000197 _____ () C:\Windows\system32\2014-12-16-17-55-57.084-AvastVBoxSVC.exe-7516.log
2014-12-16 18:31 - 2014-12-16 18:32 - 489580582 _____ () C:\Users\David\Downloads\IGG-Distance.rar
2014-12-16 18:28 - 2014-12-16 18:29 - 86002696 _____ () C:\Users\David\Downloads\IGG-Metrocide.v1.0.rar
2014-12-16 18:25 - 2014-12-16 18:25 - 00000197 _____ () C:\Windows\system32\2014-12-16-17-25-06.062-AvastVBoxSVC.exe-268.log
2014-12-16 17:50 - 2014-12-16 20:08 - 00014066 ____H () C:\Users\David\Desktop\~WRL0800.tmp
2014-12-16 17:50 - 2014-12-16 19:02 - 00012257 ____H () C:\Users\David\Desktop\~WRL1323.tmp
2014-12-16 17:48 - 2014-12-16 17:58 - 878578501 _____ () C:\Users\David\Downloads\Notfall_DVD_5.0_Free.zip
2014-12-16 17:40 - 2014-12-16 17:40 - 00000197 _____ () C:\Windows\system32\2014-12-16-16-40-24.013-AvastVBoxSVC.exe-4972.log
2014-12-15 12:58 - 2014-12-15 12:58 - 00000197 _____ () C:\Windows\system32\2014-12-15-11-58-35.064-AvastVBoxSVC.exe-5068.log
2014-12-15 12:28 - 2014-12-15 12:28 - 00000197 _____ () C:\Windows\system32\2014-12-15-11-28-35.017-AvastVBoxSVC.exe-8860.log
2014-12-14 18:35 - 2014-12-14 18:36 - 00000197 _____ () C:\Windows\system32\2014-12-14-17-35-36.049-AvastVBoxSVC.exe-5092.log
2014-12-14 18:02 - 2014-12-14 18:03 - 00000197 _____ () C:\Windows\system32\2014-12-14-17-02-45.051-AvastVBoxSVC.exe-6528.log
2014-12-14 17:30 - 2014-12-14 17:30 - 00000197 _____ () C:\Windows\system32\2014-12-14-16-30-29.001-AvastVBoxSVC.exe-4244.log
2014-12-13 14:37 - 2014-12-13 14:37 - 00000197 _____ () C:\Windows\system32\2014-12-13-13-37-12.042-AvastVBoxSVC.exe-9508.log
2014-12-13 14:17 - 2014-12-13 14:17 - 00000000 ____D () C:\Users\David\AppData\Local\AntiLogger Free
2014-12-13 14:17 - 2014-12-13 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
2014-12-13 14:17 - 2014-12-13 14:17 - 00000000 ____D () C:\Program Files (x86)\Zemana AntiLogger Free
2014-12-13 14:17 - 2014-12-13 14:17 - 00000000 ____D () C:\Program Files (x86)\KeyCryptSDK
2014-12-13 14:17 - 2014-11-13 12:20 - 00071400 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys
2014-12-13 13:58 - 2014-12-13 13:58 - 00000197 _____ () C:\Windows\system32\2014-12-13-12-58-24.096-AvastVBoxSVC.exe-8640.log
2014-12-13 13:57 - 2014-12-13 13:57 - 00130576 _____ () C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-13 13:53 - 2014-12-18 18:38 - 00001344 _____ () C:\Windows\setupact.log
2014-12-13 13:53 - 2014-12-13 13:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-13 13:52 - 2014-12-13 13:54 - 05113760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-13 13:31 - 2014-12-13 13:31 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-12-13 13:30 - 2014-12-13 14:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-13 13:30 - 2014-12-13 13:40 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-13 13:30 - 2014-12-13 13:30 - 00001405 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-12-13 13:30 - 2014-12-13 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-12-13 13:30 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-12-13 13:26 - 2014-12-18 18:42 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-12-13 13:26 - 2014-12-13 13:26 - 00000000 ____D () C:\Users\David\AppData\Roaming\Nico Mak Computing
2014-12-13 13:26 - 2014-12-13 13:26 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-12-13 13:26 - 2014-12-13 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-12-13 13:26 - 2014-12-13 13:26 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-12-13 13:26 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-12-13 13:19 - 2014-12-13 13:20 - 00000197 _____ () C:\Windows\system32\2014-12-13-12-19-28.053-AvastVBoxSVC.exe-4572.log
2014-12-12 21:20 - 2014-12-12 21:20 - 00000197 _____ () C:\Windows\system32\2014-12-12-20-20-52.096-AvastVBoxSVC.exe-3652.log
2014-12-12 21:16 - 2014-12-12 21:16 - 00003408 ____N () C:\bootsqm.dat
2014-12-12 20:05 - 2014-12-12 20:05 - 00000197 _____ () C:\Windows\system32\2014-12-12-19-05-46.076-AvastVBoxSVC.exe-2796.log
2014-12-12 19:31 - 2014-12-12 19:31 - 00000197 _____ () C:\Windows\system32\2014-12-12-18-31-14.040-AvastVBoxSVC.exe-5036.log
2014-12-12 19:09 - 2014-12-12 19:21 - 00000000 ____D () C:\Users\David\AppData\Roaming\Dungeonmans
2014-12-12 18:55 - 2014-12-12 18:55 - 00000197 _____ () C:\Windows\system32\2014-12-12-17-55-37.055-AvastVBoxSVC.exe-3956.log
2014-12-12 18:22 - 2014-12-12 18:22 - 00000197 _____ () C:\Windows\system32\2014-12-12-17-22-35.093-AvastVBoxSVC.exe-2480.log
2014-12-12 17:50 - 2014-12-12 17:50 - 00000197 _____ () C:\Windows\system32\2014-12-12-16-50-54.007-AvastVBoxSVC.exe-4212.log
2014-12-12 15:40 - 2014-12-12 15:41 - 00000197 _____ () C:\Windows\system32\2014-12-12-14-40-44.093-AvastVBoxSVC.exe-4440.log
2014-12-12 15:04 - 2014-12-12 15:05 - 00000197 _____ () C:\Windows\system32\2014-12-12-14-04-54.059-AvastVBoxSVC.exe-4660.log
2014-12-11 13:46 - 2014-12-11 13:46 - 00000197 _____ () C:\Windows\system32\2014-12-11-12-46-28.031-AvastVBoxSVC.exe-3728.log
2014-12-11 13:13 - 2014-12-11 13:13 - 00000197 _____ () C:\Windows\system32\2014-12-11-12-13-14.032-AvastVBoxSVC.exe-3664.log
2014-12-11 11:45 - 2014-12-11 11:45 - 00000197 _____ () C:\Windows\system32\2014-12-11-10-45-08.054-AvastVBoxSVC.exe-3568.log
2014-12-10 19:52 - 2014-12-10 19:52 - 00000197 _____ () C:\Windows\system32\2014-12-10-18-52-11.067-AvastVBoxSVC.exe-4604.log
2014-12-10 18:46 - 2014-12-10 18:46 - 00000197 _____ () C:\Windows\system32\2014-12-10-17-46-33.082-AvastVBoxSVC.exe-4644.log
2014-12-10 18:13 - 2014-12-10 18:13 - 00000000 ____D () C:\Users\David\AppData\Roaming\com.stateofplaygames.LuminoCity
2014-12-10 18:10 - 2014-12-10 18:10 - 00000197 _____ () C:\Windows\system32\2014-12-10-17-10-39.067-AvastVBoxSVC.exe-5200.log
2014-12-10 17:34 - 2014-12-10 17:34 - 00000197 _____ () C:\Windows\system32\2014-12-10-16-34-12.020-AvastVBoxSVC.exe-4136.log
2014-12-10 14:51 - 2014-12-10 14:51 - 00000197 _____ () C:\Windows\system32\2014-12-10-13-51-12.066-AvastVBoxSVC.exe-4272.log
2014-12-10 14:20 - 2014-12-10 14:20 - 15453832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xlive.dll
2014-12-10 14:19 - 2014-06-10 12:27 - 00019392 _____ (Dll-Files.com) C:\Windows\system32\roboot64.exe
2014-12-10 14:13 - 2014-12-10 14:13 - 00000197 _____ () C:\Windows\system32\2014-12-10-13-13-45.099-AvastVBoxSVC.exe-8880.log
2014-12-10 13:56 - 2014-12-10 13:56 - 00000247 _____ () C:\Windows\system32\2014-12-10-12-56-45.027-aswFe.exe-3684.log
2014-12-10 13:50 - 2014-12-10 13:56 - 00000247 _____ () C:\Windows\system32\2014-12-10-12-50-32.089-aswFe.exe-3020.log
2014-12-10 13:50 - 2014-12-10 13:50 - 00000197 _____ () C:\Windows\system32\2014-12-10-12-50-20.077-AvastVBoxSVC.exe-1564.log
2014-12-10 13:46 - 2014-12-10 13:46 - 00003256 _____ () C:\Windows\System32\Tasks\{FC85E084-C44F-41A8-96F7-9210F9904A27}
2014-12-10 13:39 - 2014-12-10 13:40 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-10 13:39 - 2014-12-10 13:40 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-09 19:44 - 2014-12-09 19:43 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-09 19:43 - 2014-12-09 19:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-09 18:32 - 2014-12-09 18:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\Yacht Club Games
2014-12-09 09:45 - 2014-12-09 19:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-12-09 09:45 - 2014-12-09 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-12-09 09:45 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-12-09 09:45 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-12-09 09:45 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-12-09 09:45 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-12-09 09:45 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-12-09 09:45 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-12-09 09:45 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-12-09 09:45 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-12-09 09:45 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-12-09 09:44 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-12-09 09:44 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-12-09 09:44 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-12-09 09:44 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-12-09 09:44 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-12-09 09:44 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-12-09 09:44 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-12-09 09:44 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-12-09 09:44 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-12-09 09:44 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-12-09 09:44 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-12-09 09:44 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-12-09 09:44 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-12-09 09:44 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-12-09 09:44 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-12-09 09:44 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-12-09 09:44 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-12-09 09:44 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-12-09 09:44 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-12-09 09:44 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-12-09 09:44 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-12-09 09:44 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-12-09 09:44 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-12-09 09:44 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-12-09 09:44 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-12-09 09:44 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-12-09 09:44 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-12-09 09:44 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-12-09 09:44 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-12-09 09:44 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-12-09 09:44 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-12-09 09:44 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-12-09 09:44 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-12-09 09:44 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-12-09 09:44 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-12-09 09:44 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-12-09 09:44 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-12-09 09:44 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-12-09 09:44 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-12-09 09:44 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-12-09 09:44 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-12-09 09:44 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-12-09 09:44 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-12-09 09:44 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-12-09 09:44 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-12-09 09:44 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-12-09 09:44 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-12-09 09:44 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-12-09 09:44 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-12-09 09:44 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-12-09 09:44 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-12-09 09:44 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-12-09 09:43 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-12-09 09:43 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-12-09 09:43 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-12-09 09:43 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-12-09 09:43 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-12-09 09:43 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-12-09 09:43 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-12-09 09:43 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-12-09 09:43 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-12-09 09:43 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-12-09 09:43 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-12-09 09:43 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-12-09 09:43 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-12-09 09:43 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-12-09 09:43 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-12-09 09:43 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-12-09 09:43 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-12-09 09:43 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-12-09 09:43 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-12-09 09:43 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-12-09 09:43 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-12-09 09:43 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-12-09 09:34 - 2014-12-09 09:34 - 00000000 ____D () C:\Program Files (x86)\Capcom
2014-12-09 09:32 - 2014-12-09 09:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-12-09 09:32 - 2014-12-09 09:32 - 00000000 ____D () C:\GOG Games
2014-12-08 17:43 - 2014-12-18 17:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-08 17:43 - 2014-12-12 15:40 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-08 17:43 - 2014-12-12 15:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-08 17:43 - 2014-12-12 15:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 16:16 - 2014-12-08 16:16 - 00002974 _____ () C:\Windows\System32\Tasks\Launch 19578
2014-12-08 15:52 - 2014-12-09 19:56 - 00000165 _____ () C:\AdwCleanerDebug.txt
2014-12-08 08:18 - 2014-12-08 08:18 - 00000000 ____D () C:\Users\David\AppData\Roaming\11bitstudios
2014-12-08 07:58 - 2014-12-08 08:02 - 00000000 ____D () C:\Users\David\AppData\Local\qbqbqb
2014-12-08 07:58 - 2014-12-08 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QbQbQb
2014-12-08 07:58 - 2014-12-08 07:58 - 00000000 ____D () C:\Program Files (x86)\QbQbQb
2014-12-06 20:42 - 2003-04-19 00:39 - 00006659 _____ () C:\Windows\SysWOW64\TANDPL.VXD
2014-12-06 20:42 - 2003-04-19 00:32 - 00004736 _____ () C:\Windows\SysWOW64\Drivers\tandpl.sys
2014-12-06 20:42 - 2003-03-02 17:44 - 00007552 _____ () C:\Windows\SysWOW64\Drivers\enodpl.sys
2014-12-06 20:42 - 2001-08-31 15:16 - 00006532 _____ () C:\Windows\SysWOW64\ENODPL.VXD
2014-12-06 20:01 - 2014-12-06 20:01 - 00000000 ____D () C:\Users\David\AppData\Roaming\fr.ratzngodz.1Quest
2014-12-03 19:24 - 2014-12-03 19:24 - 00001653 _____ () C:\Users\user\Desktop\Xenominer.lnk
2014-12-02 19:10 - 2014-12-08 10:24 - 00000000 ____D () C:\Users\David\AppData\Local\GeometryWars3Dimensions
2014-12-02 19:00 - 2014-12-02 19:00 - 00000000 ____D () C:\Users\David\AppData\Local\{C437D4BF-8ED2-4794-857A-CF6C26DD8414}
2014-12-02 18:22 - 2014-12-02 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darksiders II
2014-12-02 18:18 - 2014-12-02 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra Activision Aspyr
2014-12-02 18:17 - 2014-12-02 18:17 - 00000000 ____D () C:\Program Files (x86)\Sierra Activision Aspyr
2014-12-02 17:44 - 2014-12-02 18:22 - 00000000 ____D () C:\Program Files (x86)\Darksiders II
2014-11-25 18:31 - 2014-11-25 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Running With Scissors
2014-11-25 18:30 - 2014-11-25 18:30 - 00000000 ____D () C:\Users\David\AppData\Local\Daedalic Entertainment GmbH
2014-11-25 18:28 - 2014-11-25 18:28 - 00000000 ____D () C:\Program Files (x86)\Running With Scissors
2014-11-25 18:07 - 2014-11-25 18:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls
2014-11-25 18:07 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-11-25 18:03 - 2014-12-09 19:45 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-11-25 18:03 - 2014-12-09 19:45 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-11-25 17:03 - 2014-11-25 17:03 - 00000032 _____ () C:\ProgramData\Temp.log
2014-11-25 16:48 - 2014-11-25 16:48 - 00000000 ____D () C:\Users\David\AppData\Local\{27594447-F198-4119-A552-4B3853F673CE}
2014-11-25 14:27 - 2014-11-25 14:39 - 00000000 ____D () C:\Program Files (x86)\Randal's Monday
2014-11-24 19:32 - 2014-11-24 19:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\Carbon
2014-11-24 09:26 - 2014-11-24 09:26 - 00000000 ____D () C:\Users\David\AppData\Local\{B071EAAE-B231-4255-B48A-343F4A135DE3}
2014-11-23 19:29 - 2014-11-23 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-11-23 19:29 - 2014-11-23 19:29 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-11-19 10:42 - 2014-11-19 10:42 - 00000000 ____D () C:\Users\David\Documents\Benutzerdefinierte Office-Vorlagen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 18:49 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-18 18:49 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-18 18:46 - 2014-06-04 18:09 - 01164990 _____ () C:\Windows\WindowsUpdate.log
2014-12-18 18:41 - 2014-05-27 17:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-18 18:41 - 2012-07-24 15:06 - 00000000 ____D () C:\ProgramData\clear.fi
2014-12-18 18:39 - 2013-09-04 16:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-18 18:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 18:09 - 2013-09-04 16:44 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-18 18:01 - 2013-02-05 20:19 - 00000256 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-12-18 17:03 - 2014-06-10 06:39 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-17 17:20 - 2014-06-10 06:39 - 00003856 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1402378750
2014-12-16 20:32 - 2013-02-04 18:14 - 00000000 ____D () C:\schule
2014-12-16 20:21 - 2014-09-27 15:49 - 00259072 ___SH () C:\Users\David\Desktop\Thumbs.db
2014-12-15 12:26 - 2014-09-01 09:34 - 00000000 ___RD () C:\Users\David\Desktop\-
2014-12-14 18:49 - 2012-08-27 18:25 - 00000000 ____D () C:\Users\David\AppData\Roaming\.minecraft
2014-12-14 18:23 - 2012-09-14 14:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2014-12-14 18:04 - 2014-09-21 18:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-14 18:04 - 2011-10-14 04:30 - 00000000 ____D () C:\ProgramData\Skype
2014-12-13 14:40 - 2012-08-27 18:16 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2014-12-13 14:22 - 2014-11-17 13:54 - 00003052 _____ () C:\Windows\System32\Tasks\{B960A761-DB7D-441F-B492-F36E2AD2345F}
2014-12-13 13:44 - 2014-04-19 19:16 - 00000000 ____D () C:\Users\David\AppData\Roaming\DAEMON Tools Pro
2014-12-13 13:44 - 2013-05-21 11:23 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
2014-12-13 13:32 - 2013-09-04 16:21 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-12 15:29 - 2014-10-12 19:07 - 00000000 ____D () C:\Users\David\AppData\Local\Adobe
2014-12-12 15:18 - 2013-09-04 17:23 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-12 15:18 - 2012-08-27 18:17 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-12 15:18 - 2012-08-27 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-11 13:20 - 2014-04-05 16:28 - 00000000 ____D () C:\Users\David\Documents\My Games
2014-12-11 13:18 - 2012-07-27 06:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-10 18:21 - 2013-09-28 11:14 - 00000000 ____D () C:\Users\David\.VirtualBox
2014-12-10 18:13 - 2012-07-23 15:05 - 00000000 ____D () C:\Users\David\AppData\Roaming\Macromedia
2014-12-10 17:54 - 2014-07-30 18:38 - 00000000 ____D () C:\Users\David\Documents\CAPCOM
2014-12-10 13:43 - 2011-10-14 04:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-12-09 20:05 - 2014-02-22 16:57 - 00000000 ____D () C:\AdwCleaner
2014-12-09 19:51 - 2014-07-09 16:56 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2014-12-09 19:45 - 2011-10-14 04:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-09 19:44 - 2014-05-27 17:19 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-09 19:43 - 2014-05-27 17:29 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-12-09 19:43 - 2014-05-27 17:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-09 19:43 - 2014-05-27 17:19 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-09 19:43 - 2014-05-27 17:19 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-09 19:43 - 2014-05-27 17:19 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-09 19:43 - 2014-05-27 17:19 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-09 19:43 - 2014-05-27 17:19 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-09 19:42 - 2014-09-11 14:50 - 00000000 ___RD () C:\Users\David\Desktop\GGebra
2014-12-09 19:12 - 2012-07-23 15:48 - 00000000 ____D () C:\Users\David\AppData\Roaming\Adobe
2014-12-09 09:46 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-08 16:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-08 16:06 - 2011-12-16 13:26 - 00701576 _____ () C:\Windows\system32\perfh007.dat
2014-12-08 16:06 - 2011-12-16 13:26 - 00150444 _____ () C:\Windows\system32\perfc007.dat
2014-12-08 16:06 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-08 15:51 - 2013-10-12 17:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-07 14:48 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-06 21:26 - 2014-05-03 20:30 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-12-06 20:57 - 2011-10-14 04:49 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-12-03 19:23 - 2014-03-16 13:11 - 00000000 ____D () C:\Games
2014-12-02 18:54 - 2014-04-19 20:34 - 00000000 ____D () C:\Users\David\AppData\Local\SKIDROW
2014-11-29 18:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-25 17:03 - 2011-10-14 04:32 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-11-25 17:01 - 2011-12-16 05:01 - 00000000 ____D () C:\ProgramData\Temp
2014-11-25 16:49 - 2014-09-02 14:59 - 00000000 ____D () C:\Users\David\AppData\Local\Windows Live
2014-11-23 12:01 - 2013-09-28 11:15 - 00000000 ____D () C:\Users\David\VirtualBox VMs
2014-11-20 12:15 - 2014-08-03 16:04 - 00000000 ____D () C:\Users\David\AppData\Roaming\Tropico 5
2014-11-18 14:23 - 2012-07-23 15:20 - 00000000 ____D () C:\Users\David\AppData\Local\Microsoft Help

Files to move or delete:
====================
C:\Users\Dxtory2.0\AudioStreamSplitter.exe
C:\Users\Dxtory2.0\AVIFix.exe
C:\Users\Dxtory2.0\AVIMux.exe
C:\Users\Dxtory2.0\AVIMuxCore.dll
C:\Users\Dxtory2.0\Dxtory.exe
C:\Users\Dxtory2.0\Dxtory64.exe
C:\Users\Dxtory2.0\DxtoryAudioHelper.dll
C:\Users\Dxtory2.0\DxtoryCore.dll
C:\Users\Dxtory2.0\DxtoryCore64.dll
C:\Users\Dxtory2.0\DxtoryHK.dll
C:\Users\Dxtory2.0\DxtoryHK64.dll
C:\Users\Dxtory2.0\DxtoryMM.dll
C:\Users\Dxtory2.0\DxtoryMM64.dll
C:\Users\Dxtory2.0\DxtoryVideo.dll
C:\Users\Dxtory2.0\DxtoryVideo64.dll
C:\Users\Dxtory2.0\DxtoryVideo64_Install.bat
C:\Users\Dxtory2.0\DxtoryVideo64_Uninstall.bat
C:\Users\Dxtory2.0\DxtoryVideoSetting.exe
C:\Users\Dxtory2.0\DxtoryVideo_Install.bat
C:\Users\Dxtory2.0\DxtoryVideo_Uninstall.bat
C:\Users\Dxtory2.0\LicReg.exe
C:\Users\Dxtory2.0\RawCapConv.exe
C:\Users\Dxtory2.0\RCStream.dll
C:\Users\Dxtory2.0\unins000.dat
C:\Users\Dxtory2.0\unins000.exe
C:\Users\Dxtory2.0\UpdateChecker.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-07 18:57

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 18.12.2014, 18:01   #4
zelfoxx
 
Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by David at 2014-12-18 18:50:41
Running from C:\Users\David\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee  Anti-Virus und Anti-Spyware (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: McAfee  Anti-Virus und Anti-Spyware (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee  Firewall (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Tropico 4" (HKLM-x32\...\{C276D408-F88A-4E69-9CE3-B785CFA276BD}_is1) (Version:  - )
«Cabela's Big Game Hunter Pro Hunts» (HKLM-x32\...\{77B9D608-84EC-4F26-9541-D92F1C223851}_is1) (Version: 1.0 - © R.G. Revenants)
µTorrent (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
7 Days to Die - Alpha version 0.9.1 (HKLM-x32\...\{967E55B4-6DDD-4A2F-BFC7-07F1E327971E}_is1) (Version: 0.9.1 - The Fun Pimps LLC)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Achtung, die Kurve! 2 (HKLM-x32\...\Achtung, die Kurve!) (Version: 2 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
AirMech (HKLM-x32\...\Steam App 206500) (Version:  - Carbon Games)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Among The Sleep (HKLM-x32\...\Among The Sleep_is1) (Version:  - )
ANDY OS (HKLM\...\ANDY OS) (Version: 1.1 - andyroid.net)
Anno 2070 version 2.0 (HKLM-x32\...\{B6249B57-3A35-4E06-A747-F79AE49F275D}_is1) (Version: 2.0 - )
AntiLogger Free version 1.8.2.16 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.16 - Zemana Ltd.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.00 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Battlefield Heroes (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Big Fun Zug Um Zug (HKLM-x32\...\Zug Um Zug) (Version:  - )
BigRigs over the road Racing (HKLM-x32\...\BigRigs over the road Racing_is1) (Version:  - Stellar Stone Group)
Blender (HKLM\...\Blender) (Version: 2.64a-release - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.5.3042 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{783DCCCB-FBD0-4D1D-928D-7075DA8015E6}) (Version: 0.8.5.3042 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
'Borderlands' (v.1.4.1) (HKLM-x32\...\'Borderlands'_is1) (Version:  - )
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
BumpTop (HKLM-x32\...\{71702641-2849-45A4-8E62-4B85974B24A0}_is1) (Version: 2.1.6225 - Bump Technologies, Inc.)
BumpTop (HKLM-x32\...\{AC28B5E8-B5D6-4917-B686-DED2212926BB}) (Version: 1.0.3038 - Bump Technologies, Inc.)
Capsized (HKLM-x32\...\Capsized_is1) (Version:  - )
Cat Licking Screen Cleaner Screensaver (HKLM-x32\...\Cat Licking Screen Cleaner Screensaver) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Costume Quest 2 (HKLM-x32\...\Costume Quest 2_is1) (Version: 1.0 - PLAZA)
Craften Terminal 3.3.4897.28268 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.3.4897.28268 - Craften Dev Team)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CursorFX (x32 Version: 2.00 - Stardock Corporation) Hidden
CursorFX Plus (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\CursorFX Plus) (Version:  - Stardock Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro Advanced (HKLM-x32\...\DAEMON Tools Pro Advanced) (Version:  - )
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version: Darksiders II - )
Depth (HKLM-x32\...\Depth_is1) (Version:  - )
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Duke Nukem 3D Megaton Edition version 1.00 (HKLM-x32\...\Duke Nukem 3D Megaton Edition_is1) (Version: 1.00 - )
Dxtory 2.0.104 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.104 - Dxtory Software)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FEZ (HKLM-x32\...\FEZ_is1) (Version:  - R.G. Origami)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FMS (HKLM-x32\...\FMS) (Version:  - )
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GeoGebra 4.4 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\GeoGebra 4.4) (Version: 4.4.43.0 - International GeoGebra Institute)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.24.0 - International GeoGebra Institute)
Geometry Wars 3 Dimensions (HKLM-x32\...\Geometry Wars 3 Dimensions_is1) (Version:  - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gunpoint Exclusive Edition 1.0 (HKLM-x32\...\Gunpoint Exclusive Edition 1.0) (Version: 1.0 - Focus Home Interactive)
Gunpoint version v1.1 (HKLM-x32\...\{B33EDF25-91DF-40FC-B2F7-FA19E3F0489F}}_is1) (Version: v1.1 - )
Haunt 1.1 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\Haunt 1.1) (Version:  - )
Haunt 1.1 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Haunt 1.1) (Version:  - )
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Adhesive Games)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations) <==== ATTENTION!
HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{5409411D-CD72-432D-B823-1B520B24BD3C}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Hilfe (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Igneous (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Igneous) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.0.0 - LIGHTNING UK!)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest (HKLM-x32\...\Jewel Quest_is1) (Version:  - My Real Games Ltd)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Joystick 2 Mouse 3 (HKLM-x32\...\Joystick 2 Mouse 3) (Version:  - )
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Jurassic Park Operation Genesis Demo (HKLM-x32\...\InstallShield_{5066E836-D960-45A2-AB12-81545003451D}) (Version: 1.00.0000 - Universal Interactive)
Jurassic Park Operation Genesis Demo (x32 Version: 1.00.0000 - Universal Interactive) Hidden
Kill The Bad Guy (HKLM-x32\...\Kill The Bad Guy_is1) (Version:  - )
Killer is Dead (HKLM-x32\...\Killer is Dead_is1) (Version:  - )
Knight Rider PC Demo (HKLM-x32\...\Knight Rider PC Demo) (Version:  - Davilex Games B.V.)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket (HKLM-x32\...\{4614C36E-AABF-42AD-9419-0B8051547B96}) (Version: 2.0.100.0 - The LEGO Group)
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{74E85F31-573F-45BF-8939-4D2BCDCC2083}) (Version: 1.17.770 - LEGO)
LEGO MINDSTORMS NXT Migration Package (HKLM-x32\...\{6C1D47CC-682C-4673-8CA8-DEE659628599}) (Version: 1.2.8.0 - LEGO)
LEGO MINDSTORMS NXT Software v2.0 (HKLM-x32\...\{5B7EDCF8-E6AD-4E99-972C-34BF1F07B349}) (Version: 2.0.114.0 - LEGO)
LibreOffice 3.5 (HKLM-x32\...\{B1F9C834-0594-4563-B344-4ED9599A5945}) (Version: 3.5.5.3 - The Document Foundation)
LibreOffice 3.5 Help Pack (German) (HKLM-x32\...\{63DAF1E5-2FE9-4CE1-871F-BBE6E5630E12}) (Version: 3.5.5.3 - The Document Foundation)
Licking Dog Screen Clean Screensaver (HKLM-x32\...\Licking Dog Screen Clean Screensaver) (Version:  - )
LIMBO (HKLM-x32\...\LIMBO) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.166 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.166 - LogMeIn, Inc.) Hidden
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Max Payne 2 (HKLM-x32\...\Max Payne 2) (Version:  - )
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 11.0.678 - McAfee, Inc.)
MegaDownloader 0.82 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 0.82 - Andres_age)
Megapolis (HKLM-x32\...\Megapolis_is1) (Version:  - FreeGamePick.com)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Online Services-Anmeldeassistent (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft SharePoint Designer 2013 - de-de (HKLM\...\SPDRetail - de-de) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.21.75 - Huawei Technologies Co.,Ltd)
Monaco What's Yours Is Mine (HKLM-x32\...\Monaco What's Yours Is Mine_is1) (Version: Monaco What's Yours Is Mine - )
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Mutant Factions v0.92 (HKLM-x32\...\{192DCFA4-5AD8-44B2-B08E-38D7BC8980C6}_is1) (Version:  - Ben Johnson)
My Game Long Name (HKLM\...\UDK-e40e093f-8cca-4bae-b236-c4c49ce4598f) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-fa558830-5bb0-41aa-b74c-0e62877dd866) (Version:  - Epic Games, Inc.)
MyFreeCodec (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MyFreeCodec) (Version:  - )
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Nitronic Rush (2012-12-21 .2) version 20121221.1 (HKLM-x32\...\{9B55759D-424F-4CB1-B84E-AAE83CC1D20A}_is1) (Version: 20121221.1 - DigiPen)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 285.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.64 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
One Button Bob (HKLM-x32\...\{00F0982D-CBB7-47FE-BAA1-4C0589D43A8A}_is1) (Version:  - ePlaybus.com)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{58152609-fc38-4925-8ef4-c2548453c6fb}) (Version: latest - ppy Pty Ltd)
osu! (HKLM-x32\...\{e2eadd0d-7e2d-4ed3-808b-921824a1913a}) (Version: latest - ppy Pty Ltd)
Outland (HKLM-x32\...\Outland_is1) (Version: 1.0 - PLAZA)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\PhotoFiltre 7) (Version:  - )
Planetary Annihilation (HKLM-x32\...\Planetary Annihilation_is1) (Version:  - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Poker Night 2 (HKLM-x32\...\Poker Night 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Portal (HKLM-x32\...\Portal) (Version:  - )
Portal 2 version 1.16 (HKLM-x32\...\{2ED84EF7-0C8D-3P20-BIO2-7B42A5D4E0EB}_is1) (Version: 1.16 - Black Box)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Postal 2 Complete (HKLM-x32\...\Postal 2 Complete_is1) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Prototype 2 version 5.1 (HKLM-x32\...\{B810D852-DFD6-PROT2L-89A5-CC4D47756DAF}_is1) (Version: 5.1 - Black_Box)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QbQbQb version 1.1.0 (HKLM-x32\...\{6AC0001C-30BB-4582-959E-6BF89172AB09}_is1) (Version: 1.1.0 - Rezoner)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Randal's Monday (HKLM-x32\...\Randal's Monday_is1) (Version:  - Daedalic Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
RegHunter (HKLM\...\{F94A63D7-9A61-403B-8F6F-90B1BF77211A}) (Version: 1.3.3.1613 - Enigma Software Group USA, LLC)
Remo Repair RAR (HKLM-x32\...\{665680CE-EABF-4678-94AA-F3253AD70B0A}_is1) (Version: 2.0.0.17 - Remo Software)
Resident Evil - Operation Raccoon City (HKLM-x32\...\Resident Evil - Operation Raccoon City_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Salt 1.2.9.2 (HKLM-x32\...\Salt 1.2.9.2) (Version: 1.2.9.2 - TJTITAN199)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Serious Sam Test 2 (HKLM-x32\...\Serious Sam Test 2) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shape Shape (HKLM-x32\...\Shape Shape_is1) (Version:  - Shmehao.com)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.0.0.5 - GOG.com)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Spacebar Simulator 2014 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Spacebar Simulator 2014) (Version:  - )
Spelunky HD 1.0 (HKLM-x32\...\Spelunky HD 1.0) (Version: 1.0 - Cat-A-Cat)
Spintires (HKLM-x32\...\Spintires_is1) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Street Fighter X Tekken (HKLM-x32\...\{43430FA5-AF68-4A2D-A7D4-891000008200}) (Version: 1.0.0.0 - CAPCOM U.S.A., INC)
Studie zur Verbesserung von HP Photosmart 5510 series Produkten (HKLM\...\{EDBC8AED-78A3-424E-ADB6-C7B1424FFAFD}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)
The Room (HKLM-x32\...\The Room_is1) (Version:  - Fireproof Games)
The Walking Dead: Season 2 Episode 3 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - )
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version:  - Hi-Rez Studios)
Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version:  - )
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.078 - Aten International Co., Ltd.)
Unity Web Player (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
UpdateChecker (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Popajar, inc UpdateChecker) (Version:  - Popajar, inc) <==== ATTENTION
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warsow 1.02 (HKLM-x32\...\{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1) (Version: 1.02 - Chasseur de bots)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 7.0.9.8.MultiLanguage - )
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.14260 - WinZip International LLC)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
XSplit Broadcaster (HKLM-x32\...\{4BC33FAB-4249-44D7-88A3-22682C577EE3}) (Version: 1.3.1310.1103 - SplitMediaLabs)
Yet Another Zombie Defense (HKLM-x32\...\WWV0QW5vdGhlclpvbWJpZURlZmVuc2U=_is1) (Version: 1 - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001_Classes\CLSID\{01E9FAE9-3819-4dd9-B1D9-998A1C62D1F8}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

25-11-2014 18:02:53 Installed Hi-Rez Studios Games
25-11-2014 18:06:46 DirectX wurde installiert
06-12-2014 20:39:55 Installiert XIII
06-12-2014 20:45:25 Installiert XIII
06-12-2014 20:59:38 Installiert XIII
06-12-2014 21:03:44 Installiert XIII
06-12-2014 21:06:50 Installiert XIII
06-12-2014 21:11:01 Installiert XIII
06-12-2014 21:21:16 Installiert XIII
06-12-2014 21:24:03 Installiert XIII
06-12-2014 21:34:57 Installiert XIII
09-12-2014 09:34:09 Installiert Street Fighter X Tekken
09-12-2014 19:37:30 Removed Passware Kit Basic Demo 13.5 (32-bit)
09-12-2014 19:39:42 avast! antivirus system restore point
09-12-2014 19:40:28 Removed Microsoft Games for Windows - LIVE Redistributable
09-12-2014 19:45:20 Removed Hi-Rez Studios Games
10-12-2014 14:28:54 DLL-Files Fixer Mi, Dez 10, 14  14:28
12-12-2014 19:39:26 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-05-13 19:28 - 00000863 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 launcher01.kalypsomedia.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08E7991B-1383-4377-BEDA-14D0F26A7409} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {0C3CB652-4410-4852-A2B5-C433841839BC} - System32\Tasks\{B960A761-DB7D-441F-B492-F36E2AD2345F} => C:\Users\David\Desktop\IGG-The.Escapists.0.792\Neuer Ordner\The Escapists\TheEscapists.exe
Task: {15F2A646-5DE5-485A-9213-E4A7D2670688} - System32\Tasks\{848CE327-C827-4159-A571-79A8981EFB54} => pcalua.exe -a "C:\Program Files (x86)\Portal\Portal.exe" -d "C:\Program Files (x86)\Portal\portal\sound\weapons\rocket"
Task: {177D876B-F170-4499-A814-BAF6AD943E35} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {1DAA2393-F7FE-40DC-A291-FC977EB52FD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {29B81785-BB2F-48E5-839A-E4F452EF813F} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-5 No Task File <==== ATTENTION
Task: {2CF4A184-DFBF-43E1-AF67-51A887F04F49} - System32\Tasks\{0A7E012B-4D8E-48BB-A719-4A57FD4D2C28} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm\bin\addoninstaller.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm" -c /register
Task: {2D1E89ED-BF8E-4919-874C-2A3A070F535E} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {31B454B7-8A78-4193-8B39-D962AD5311E5} - System32\Tasks\{2E1BC973-FB55-475C-AB91-7E2AF64512AA} => pcalua.exe -a E:\Redist\vcredist_x86.exe -d E:\Redist
Task: {338E5D4B-85B6-4EA3-A476-A8D6B0000820} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2014-12-02] (Nico Mak Computing)
Task: {3399E5F2-A952-4774-B30D-CB0073EBB4C2} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-1 No Task File <==== ATTENTION
Task: {3817BD51-2743-4031-BAE8-66415FA67768} - System32\Tasks\{C70F2032-FF8C-4D1C-A97B-C8186CB7C12A} => pcalua.exe -a C:\Users\David\Desktop\serioussam.exe -d C:\Users\David\Desktop
Task: {39FC84F7-631F-48DD-98D9-2A1E0E55A17D} - System32\Tasks\{868495F6-ECBD-4925-81F3-720A2EE1E54A} => pcalua.exe -a C:\Users\David\Downloads\dxwebsetup(1).exe -d C:\Users\David\Downloads
Task: {3F572DED-F780-4880-B653-DEA49C7D78CF} - System32\Tasks\Launch 19578 => C:\Program Files (x86)\YTDownloader\YTDownloader.exe
Task: {4244BFD1-7259-4908-873E-EE86BC202A69} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {477F45F8-5B79-4B1D-BEFC-08AD95E39AC1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {4908111F-2CEB-4649-89F6-211BC6CCD24B} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-5_user No Task File <==== ATTENTION
Task: {4B5EBD70-2C5A-4674-BFD9-41A26A902DB5} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-4 No Task File <==== ATTENTION
Task: {4D47168B-2802-4D1E-B252-0D1E997C5766} - System32\Tasks\{065B4F65-EC5A-406A-B1BF-51665159EE90} => pcalua.exe -a "C:\Program Files (x86)\Alientrap Games Inc\Capsized\Dependencies\dotnetfx35.exe" -d "C:\Program Files (x86)\Alientrap Games Inc\Capsized\Dependencies"
Task: {52096399-6CB7-4D23-8447-7BB4A6E198BA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {526BBCEA-16B6-43E9-81CC-A3B42891661C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {556A8282-344D-475C-AC3C-9C3A62004FE7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {601C76F1-93F4-4124-ABDF-DEEE85043577} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-09] (AVAST Software)
Task: {66DBEAE5-CE4D-4310-B480-2E2DE6D1EB06} - System32\Tasks\{E185E58D-45E6-484E-9487-A57A3278B40F} => E:\Install.exe
Task: {68B169C3-1246-48A2-9217-64F8B58ED286} - System32\Tasks\{EA2934C7-4D43-4F47-8E36-9314EFB5FA20} => pcalua.exe -a "C:\Users\David\Desktop\Desktop\Bioshock\IGG-Bioshock.1\Bioshock\#README#\DirectX 9c (2007)\DXSETUP.exe" -d "C:\Users\David\Desktop\Desktop\Bioshock\IGG-Bioshock.1\Bioshock\#README#\DirectX 9c (2007)"
Task: {69E2DEA5-63B2-460A-9855-B92AD52005D0} - System32\Tasks\{A36C69E5-17AC-4B1D-A6D6-FE418062131A} => pcalua.exe -a C:\Users\David\Desktop\uc232a_win7_xp_vista_v1.0.075-alternativ\UC232A_Windows_Setup_V1.0.075.exe -d C:\Users\David\Desktop\uc232a_win7_xp_vista_v1.0.075-alternativ
Task: {6A276532-1B42-412E-9F2B-1E58474A60A9} - System32\Tasks\{4D6378C9-1B39-4645-82D6-B50B2003D818} => pcalua.exe -a C:\Users\David\Desktop\IGG-Return.to.Blockland\IGG-Return.to.Blockland\RTB1045full.exe -d C:\Users\David\Desktop\IGG-Return.to.Blockland\IGG-Return.to.Blockland
Task: {6BBDBD42-4139-4F50-B00E-2C2D9987B4A6} - System32\Tasks\{32EA14EE-1B21-4161-9767-0E05A2B92C30} => pcalua.exe -a C:\Users\David\Desktop\UC232A_Windows_Setup_V1.0.075.exe -d C:\Users\David\Desktop
Task: {6D192E25-7783-4387-A04E-B0279B611274} - System32\Tasks\{FC85E084-C44F-41A8-96F7-9210F9904A27} => pcalua.exe -a "C:\Program Files (x86)\Capcom\Street Fighter X Tekken\GDFInstall.exe" -d "C:\Program Files (x86)\Capcom\Street Fighter X Tekken"
Task: {7116F832-9A52-4090-9472-CDAD522A2193} - System32\Tasks\ParetoLogic Update Version3_triggeronce => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
Task: {789E3437-C6A7-4D51-8269-F726A864FC4C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-11-17] (Microsoft Corporation)
Task: {7A5CEB00-1B27-4B83-9D16-EE48E67BD9F3} - System32\Tasks\{4BA1C9B7-C196-4EA4-83DE-BB4F70D02D3D} => pcalua.exe -a C:\Users\David\Downloads\setup_de.exe -d C:\Users\David\Downloads
Task: {7B2B34F5-4085-437A-BFC2-4B5518027C67} - System32\Tasks\Opera scheduled Autoupdate 1402378750 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {80B8BCC2-F133-4E22-89AD-70DBEAA90AB1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {8317E2A9-1065-4444-9FAA-4322085FFFE6} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-11 No Task File <==== ATTENTION
Task: {84DF353C-8801-4DCC-963F-F52A76FA2BD5} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {8E14E3F8-2F52-4F82-AE5B-EBEFABB5C164} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: {906835B0-AB40-4461-BA83-E5B4C9C0E0A5} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-2 No Task File <==== ATTENTION
Task: {90FA3741-5BE2-4C4D-8EDD-BF24C662DA32} - System32\Tasks\{4B9F3708-561A-4736-9DA8-62AE7BDC499D} => pcalua.exe -a "C:\Users\David\Downloads\uc232a_windows_setup_v1.0.078 (1)\UC232A_Windows_Setup.exe" -d "C:\Users\David\Downloads\uc232a_windows_setup_v1.0.078 (1)"
Task: {927EAAA0-F2E1-4579-AA90-FB15E55C699E} - System32\Tasks\{4DC151BF-6976-44B0-9444-E099F0FA40AA} => E:\Install.exe
Task: {A078D10B-62C5-4164-8F15-0F1C8D4B5FF2} - System32\Tasks\{AFF2F52F-EF43-4E4B-B7C3-AF306358CAFF} => pcalua.exe -a C:\Users\David\Desktop\desktop\igneous_setup\igneous_setup.exe -d C:\Users\David\Desktop\desktop\igneous_setup
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A6055463-7302-474B-B41F-97B6DCFE80A3} - System32\Tasks\{30B6B71D-360A-4990-A89F-CDD344DC9335} => E:\Install.exe
Task: {A6502404-9038-4665-B2D8-8B18A07BDA5F} - System32\Tasks\{3798E432-BD79-4B0C-B9C8-6302DA50E04B} => pcalua.exe -a E:\Downloads\dotnetfx2.exe -d E:\Downloads
Task: {B01CD576-E006-4C2D-8B6A-2098664AAEBE} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {B18DF795-9544-4CC8-B4C2-58513749B5C5} - System32\Tasks\{A7DB6150-3B52-4F49-9F91-FBC0624BFD61} => C:\Program Files (x86)\Black Box\Portal 2\portal2.exe [2012-02-21] ()
Task: {B954B984-0A79-473C-9A00-EFB479BF2BC2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {C3C95896-ADFC-454C-AE05-C23335A93F78} - System32\Tasks\{508081F0-5FC7-4271-8CDC-1E61763ECB6A} => pcalua.exe -a "C:\Users\David\Desktop\Desktop\CD\emedia 1\games\Erotik\Bustout\bo3dinst.exe" -d "C:\Users\David\Desktop\Desktop\CD\emedia 1\games\Erotik\Bustout"
Task: {C993D452-E6BE-465A-9177-FC9B217B1B3F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-11-17] (Microsoft Corporation)
Task: {CBB4A1C4-B70A-4BE3-86FD-D58C1F7DE5B1} - System32\Tasks\{860E53FE-8F1F-45E9-BA57-D276414F06DB} => pcalua.exe -a C:\Users\David\Downloads\vcredist_x86.exe -d C:\Users\David\Downloads
Task: {CCEF0C18-19F2-49F5-8EC2-85CAB08653AE} - System32\Tasks\{5C16AEF4-46C9-49A6-9611-1E112B28285F} => E:\Install.exe
Task: {D2ED6DBE-2412-4FB2-841F-ED4407593AEC} - System32\Tasks\RegCure Pro_sch_3B8CEF59-2AF0-11E4-8A6A-DC0EA11D82FE => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION
Task: {D817B95F-878F-403C-9983-AF7E963D183D} - System32\Tasks\{0C44E482-14D5-44D4-BED0-95F68DAA076B} => E:\Install.exe
Task: {E0974176-D160-47A1-A820-923295320CC2} - System32\Tasks\{E2709E61-FC50-47E8-B8E6-B63C51EF9AAA} => pcalua.exe -a C:\Users\David\Downloads\dxwebsetup(2).exe -d C:\Users\David\Downloads
Task: {E0D99CE9-E454-40D0-BC5F-63DFFECC6D23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {E9B2832A-8D63-4EF9-B5F2-8A3F4F46CEF7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {F1806FB5-7B15-4EE1-B354-815611539264} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-17] (Microsoft Corporation)
Task: {F565E689-75FD-466B-A601-2D52FBFFFBB3} - System32\Tasks\{6C8B5439-577B-46BA-8421-3D94A2A0E99A} => pcalua.exe -a C:\Users\David\Desktop\Joy2Mouse3.exe -d C:\Users\David\Desktop
Task: {FCAB90B4-8FD1-4020-A4CC-62C286707DEC} - System32\Tasks\Open Chrome => Chrome.exe --new-window hxxp://toolbar.avg.com/almost-done?pid=avg&amp;lang=de
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3_triggeronce.job => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
Task: C:\Windows\Tasks\RegCure Pro_sch_3B8CEF59-2AF0-11E4-8A6A-DC0EA11D82FE.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-09-02 14:40 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-06-04 18:59 - 2014-09-04 08:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-10-14 04:57 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-09 19:42 - 2014-12-09 19:42 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-09 19:42 - 2014-12-09 19:42 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-12-18 17:00 - 2014-12-18 17:00 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121800\algo.dll
2014-12-09 19:42 - 2014-12-09 19:43 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-12-18 18:42 - 2014-12-18 18:42 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121801\algo.dll
2014-12-13 13:26 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2014-12-13 13:26 - 2014-12-02 11:26 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2013-05-14 16:33 - 2013-05-14 16:33 - 00002560 _____ () C:\Program Files (x86)\DAEMON Tools Pro Advanced\MSIMG32.dll
2014-12-09 19:43 - 2014-12-09 19:43 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 07816192 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00188416 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 01425920 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00336896 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00096256 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2014-12-14 18:19 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-14 18:19 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-14 18:19 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-14 18:19 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-11-17 19:20 - 2014-11-17 19:20 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ArcService => 3
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: BBSvc => 3
MSCONFIG\Services: BBUpdate => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: DsiWMIService => 2
MSCONFIG\Services: EgisTec Ticket Service => 3
MSCONFIG\Services: ePowerSvc => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GREGService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: Live Updater Service => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: savesenselive => 2
MSCONFIG\Services: savesenselivem => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SmdmFService => 2
MSCONFIG\Services: SrvUpdater => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: vToolbarUpdater18.1.9 => 2
MSCONFIG\Services: Wpm => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BumpTop.lnk => C:\Windows\pss\BumpTop.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BumpTop.lnk => C:\Windows\pss\BumpTop.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk => C:\Windows\pss\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe" -autorun
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Users\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LightShot => C:\Users\David\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\David\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SearchProtect => C:\Users\David\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: WebcamMaxAutoRun => "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a
MSCONFIG\startupreg: Yontoo Desktop => "C:\Users\David\AppData\Roaming\Yontoo\YontooDesktop.exe"
MSCONFIG\startupreg: ZALFree => "C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe" /MINIMIZED

========================= Accounts: ==========================

Administrator (S-1-5-21-3466399659-1618858318-3356278196-500 - Administrator - Disabled)
David (S-1-5-21-3466399659-1618858318-3356278196-1001 - Administrator - Enabled) => C:\Users\David
Gast (S-1-5-21-3466399659-1618858318-3356278196-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3466399659-1618858318-3356278196-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3466399659-1618858318-3356278196-1000 - Limited - Enabled) => C:\Users\UpdatusUser
user (S-1-5-21-3466399659-1618858318-3356278196-1006 - Limited - Enabled) => C:\Users\user

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2014 06:39:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2014 06:39:29 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/18/2014 06:35:56 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 3800 (0xed8)

Thread address : 0x000000007728132A

Thread message : 

 Build VSCORE.14.4.0.387 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1ccbba32a1975d7-8a9bc5c0.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (12/18/2014 06:06:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2014 06:06:01 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/18/2014 05:35:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2014 05:34:48 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/18/2014 05:29:08 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2132 (0x854)

Thread address : 0x000000007748132A

Thread message : 

 Build VSCORE.14.4.0.387 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1ccbba32a1975d7-8a9bc5c0.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (12/18/2014 04:59:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2014 04:58:44 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (12/18/2014 06:44:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (12/18/2014 06:40:10 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/18/2014 06:39:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (12/18/2014 06:39:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/18/2014 06:38:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎18.‎12.‎2014 um 18:36:28 unerwartet heruntergefahren.

Error: (12/18/2014 06:07:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/18/2014 06:06:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (12/18/2014 06:05:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/18/2014 06:04:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎18.‎12.‎2014 um 18:03:14 unerwartet heruntergefahren.

Error: (12/18/2014 05:35:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F319F1B8-7587-4146-AF9C-0D6D77819BF1}


Microsoft Office Sessions:
=========================
Error: (12/18/2014 06:39:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2014 06:39:29 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/18/2014 06:35:56 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900003800 (0xed8)0x000000007728132A
 Build VSCORE.14.4.0.387 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1ccbba32a1975d7-8a9bc5c0.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (12/18/2014 06:06:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2014 06:06:01 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/18/2014 05:35:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2014 05:34:48 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/18/2014 05:29:08 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900002132 (0x854)0x000000007748132A
 Build VSCORE.14.4.0.387 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1ccbba32a1975d7-8a9bc5c0.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (12/18/2014 04:59:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2014 04:58:44 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 8043.86 MB
Available physical RAM: 5508.51 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 12752.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (DAVID-Acer) (Fixed) (Total:913.41 GB) (Free:144.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9A7C392E)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Ich hoffe es hilft und ich habe alles richtig gemacht...

Alt 18.12.2014, 20:32   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    HP Photo Creations

    UpdateChecker


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Zitat:
C:\Windows\expstart.exe
Diese Datei bitte mal bei www.virustotal.com scannen lassen, Link zum Ergebnis hier posten.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.12.2014, 18:41   #6
zelfoxx
 
Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Ich habe jetzt beide Programme deinstallliert und die EXE geprüft...
Hier der Link zum Ergebnis: https://www.virustotal.com/de/file/626ead080bb87441c13192a0ac263112962314de20d6cbe8259d76bad516b880/analysis/1419098791/

https://www.virustotal.com/de/file/626ead080bb87441c13192a0ac263112962314de20d6cbe8259d76bad516b880/analysis/1419098791/

Alt 21.12.2014, 15:43   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.12.2014, 11:38   #8
zelfoxx
 
Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Wie lange dauert der Scan (oder so...) von Combofix ca. ?
Müsste das dann irgendwie einplanen...

Alt 23.12.2014, 10:53   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Zwischen 10 Minuten und ner halben Stunde, in der Regel.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 28.12.2014, 07:31   #10
zelfoxx
 
Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Beim ersten Versuch ist mein PC beim "Löschen von Ordnern" wieder abgestürzt...
Nach einem Neustart wurde ist es dann auch fertig geworden.

Hier Combofix.txt :
Code:
ATTFilter
ComboFix 14-12-14.01 - David 22.12.2014  20:22:22.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.8044.6032 [GMT 1:00]
ausgeführt von:: c:\users\David\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee  Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Im Speicher befindliches AV aktiv.
.
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
C:\install.exe
c:\programdata\ntuser.pol
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\David\AppData\Local\assembly\tmp
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\background.html
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\lsdb.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\manifest.json
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\David\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\David\AppData\Roaming\Love
c:\users\David\AppData\Roaming\Love\mari0\mappacks\portal\1-1.txt
c:\users\David\AppData\Roaming\Love\mari0\mappacks\portal\settings.txt
c:\users\David\AppData\Roaming\Love\mari0\mappacks\smb\1-1.txt
c:\users\David\AppData\Roaming\Love\mari0\options.txt
c:\users\David\AppData\Roaming\Microsoft\Windows\Recent\AirMech.url
c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\extensions\iircg12@z-fbtwu.org
c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\extensions\iircg12@z-fbtwu.org\bootstrap.js
c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\extensions\iircg12@z-fbtwu.org\chrome.manifest
c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\extensions\iircg12@z-fbtwu.org\content\bg.js
c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\extensions\iircg12@z-fbtwu.org\install.rdf
c:\users\David\Favorites\Joy2Mouse3.exe
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\background.html
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\lsdb.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\manifest.json
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\background.html
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\lsdb.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\manifest.json
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\background.html
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\content.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\lsdb.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\manifest.json
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp
c:\users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\background.html
c:\users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\content.js
c:\users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js
c:\users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\lsdb.js
c:\users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\manifest.json
c:\users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\newtab.html
c:\windows\IsUn0407.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\tmpA565.tmp
c:\windows\SysWow64\tmpA586.tmp
c:\windows\SysWow64\tmpB136.tmp
c:\windows\SysWow64\X86
c:\windows\wininit.ini
C:\WindowsALGER.tt2
C:\WindowsARIALN.tt2
C:\WindowsARIALNB.tt2
C:\WindowsARIALNBI.tt2
C:\WindowsARIALNI.tt2
C:\WindowsBAUHS93.tt2
C:\WindowsHARLOWSI.tt2
C:\WindowsMSJH.tt2
C:\WindowsMSJHBD.tt2
C:\WindowsMSYH.tt2
C:\WindowsMSYHBD.tt2
C:\WindowsVIVALDII.tt2
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-11-22 bis 2014-12-22  ))))))))))))))))))))))))))))))
.
.
2014-12-22 19:37 . 2014-12-22 19:37	--------	d-----w-	c:\users\user\AppData\Local\temp
2014-12-22 19:37 . 2014-12-22 19:37	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-12-22 19:37 . 2014-12-22 19:37	--------	d-----w-	c:\users\qwertzasdfghyxcvbn\AppData\Local\temp
2014-12-22 19:37 . 2014-12-22 19:37	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-12-20 18:21 . 2014-12-20 18:21	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-12-18 17:48 . 2014-12-18 17:52	--------	d-----w-	C:\FRST
2014-12-13 13:17 . 2014-11-13 11:20	71400	----a-w-	c:\windows\system32\drivers\KeyCrypt64.sys
2014-12-13 13:17 . 2014-12-13 13:17	--------	d-----w-	c:\program files (x86)\KeyCryptSDK
2014-12-13 13:17 . 2014-12-13 13:17	--------	d-----w-	c:\program files (x86)\Zemana AntiLogger Free
2014-12-13 13:17 . 2014-12-13 13:17	--------	d-----w-	c:\users\David\AppData\Local\AntiLogger Free
2014-12-13 12:30 . 2013-09-20 09:49	21040	----a-w-	c:\windows\system32\sdnclean64.exe
2014-12-13 12:30 . 2014-12-13 13:50	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2014-12-13 12:30 . 2014-12-13 12:40	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2014-12-13 12:26 . 2014-12-20 19:23	--------	d-----w-	c:\users\David\AppData\Roaming\Nico Mak Computing
2014-12-12 18:09 . 2014-12-12 18:21	--------	d-----w-	c:\users\David\AppData\Roaming\Dungeonmans
2014-12-10 17:13 . 2014-12-10 17:13	--------	d-----w-	c:\users\David\AppData\Roaming\com.stateofplaygames.LuminoCity
2014-12-10 13:20 . 2014-12-10 13:20	15453832	----a-w-	c:\windows\SysWow64\xlive.dll
2014-12-10 13:19 . 2014-12-10 13:19	--------	d-----w-	c:\programdata\Logs
2014-12-10 13:19 . 2014-06-10 11:27	19392	----a-w-	c:\windows\system32\roboot64.exe
2014-12-10 12:39 . 2014-12-10 12:40	--------	d-----w-	c:\windows\SysWow64\vbox
2014-12-10 12:39 . 2014-12-10 12:40	--------	d-----w-	c:\windows\system32\vbox
2014-12-09 18:44 . 2014-12-09 18:43	364512	----a-w-	c:\windows\system32\aswBoot.exe
2014-12-09 18:43 . 2014-12-09 18:43	43152	----a-w-	c:\windows\avastSS.scr
2014-12-09 17:32 . 2014-12-09 17:32	--------	d-----w-	c:\users\David\AppData\Roaming\Yacht Club Games
2014-12-09 08:44 . 2009-09-04 16:29	1892184	----a-w-	c:\windows\SysWow64\D3DX9_42.dll
2014-12-09 08:43 . 2007-03-15 15:57	506728	----a-w-	c:\windows\system32\d3dx10_33.dll
2014-12-09 08:34 . 2014-12-09 08:34	--------	d-----w-	c:\program files (x86)\Capcom
2014-12-09 08:32 . 2014-12-09 08:32	--------	d-----w-	C:\GOG Games
2014-12-08 16:43 . 2014-12-12 14:40	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-08 16:43 . 2014-12-12 14:40	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-08 10:54 . 2014-12-08 10:54	820072	----a-w-	c:\program files\Common Files\System\SysMenu64.dll
2014-12-08 10:54 . 2014-12-08 10:54	649064	----a-w-	c:\program files\Common Files\System\SysMenu.dll
2014-12-08 07:18 . 2014-12-08 07:18	--------	d-----w-	c:\users\David\AppData\Roaming\11bitstudios
2014-12-08 07:04 . 2014-12-08 07:04	--------	d-----w-	C:\Downloads
2014-12-08 06:58 . 2014-12-08 07:02	--------	d-----w-	c:\users\David\AppData\Local\qbqbqb
2014-12-08 06:58 . 2014-12-08 06:58	--------	d-----w-	c:\program files (x86)\QbQbQb
2014-12-06 19:42 . 2003-04-18 23:39	6659	----a-w-	c:\windows\SysWow64\TANDPL.VXD
2014-12-06 19:42 . 2003-04-18 23:32	4736	----a-w-	c:\windows\SysWow64\drivers\tandpl.sys
2014-12-06 19:42 . 2003-03-02 16:44	7552	----a-w-	c:\windows\SysWow64\drivers\enodpl.sys
2014-12-06 19:42 . 2001-08-31 14:16	6532	----a-w-	c:\windows\SysWow64\ENODPL.VXD
2014-12-06 19:01 . 2014-12-06 19:01	--------	d-----w-	c:\users\David\AppData\Roaming\fr.ratzngodz.1Quest
2014-12-02 18:10 . 2014-12-08 09:24	--------	d-----w-	c:\users\David\AppData\Local\GeometryWars3Dimensions
2014-12-02 17:17 . 2014-12-02 17:17	--------	d-----w-	c:\program files (x86)\Sierra Activision Aspyr
2014-12-02 16:44 . 2014-12-02 17:22	--------	d-----w-	c:\program files (x86)\Darksiders II
2014-11-25 17:30 . 2014-11-25 17:30	--------	d-----w-	c:\users\David\AppData\Local\Daedalic Entertainment GmbH
2014-11-25 17:28 . 2014-11-25 17:28	--------	d-----w-	c:\program files (x86)\Running With Scissors
2014-11-25 17:07 . 2014-11-25 17:07	--------	d-----w-	c:\program files (x86)\Microsoft Chart Controls
2014-11-25 17:07 . 2010-05-26 10:41	2106216	----a-w-	c:\windows\SysWow64\D3DCompiler_43.dll
2014-11-25 17:03 . 2014-12-09 18:45	--------	d-----w-	c:\programdata\Hi-Rez Studios
2014-11-25 17:03 . 2014-12-09 18:45	--------	d-----w-	c:\program files (x86)\Hi-Rez Studios
2014-11-25 13:27 . 2014-11-25 13:39	--------	d-----w-	c:\program files (x86)\Randal's Monday
2014-11-24 18:32 . 2014-11-24 18:32	--------	d-----w-	c:\users\David\AppData\Roaming\Carbon
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-09 18:44 . 2014-05-27 16:19	1050432	----a-w-	c:\windows\system32\drivers\aswsnx.sys
2014-12-09 18:43 . 2014-05-27 16:29	116728	----a-w-	c:\windows\system32\drivers\aswstm.sys
2014-12-09 18:43 . 2014-05-27 16:19	436624	----a-w-	c:\windows\system32\drivers\aswsp.sys
2014-12-09 18:43 . 2014-05-27 16:19	267632	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-12-09 18:43 . 2014-05-27 16:29	29208	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2014-12-09 18:43 . 2014-05-27 16:19	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-12-09 18:43 . 2014-05-27 16:19	83280	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-12-09 18:43 . 2014-05-27 16:19	93568	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-11-17 18:53 . 2014-11-17 18:46	2228	----a-w-	c:\windows\system32\ASOROSet.bin
2014-11-17 18:24 . 2014-09-02 13:45	590536	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-10-02 17:22 . 2014-10-02 17:06	49152	----a-w-	c:\windows\IsUninst.exe
2014-09-29 16:31 . 2014-09-29 16:29	188896	----a-w-	c:\programdata\Microsoft\VCSExpress\10.0\1031\ResourceCache.dll
2014-09-29 16:26 . 2014-09-29 16:26	2104054	----a-w-	c:\windows\SysWow64\Cat Licking Screen Saver.scr
2014-09-29 16:25 . 2014-09-29 16:25	1807938	----a-w-	c:\windows\SysWow64\Licking Dog Screen Clean.scr
2014-09-27 14:54 . 2014-09-27 14:49	925184	----a-w-	c:\windows\expstart.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-17 18:28	1729752	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-17 18:28	1729752	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-17 18:28	1729752	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-21 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-12 5227112]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\KEYCRY~1\KeyCrypt32(1).dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp msoidssp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R3 ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at64.sys;c:\windows\SYSNATIVE\DRIVERS\ser2at64.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
R4 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R4 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
R4 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R4 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
R4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R4 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe;c:\progra~1\mcafee\msc\mcawfwk.exe [x]
R4 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys;c:\windows\SYSNATIVE\DRIVERS\mfenlfk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 keycrypt;keycrypt;c:\windows\system32\DRIVERS\KeyCrypt64.sys;c:\windows\SYSNATIVE\DRIVERS\KeyCrypt64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-14 17:12	1087816	----a-w-	c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-08 14:40]
.
2014-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 06:59]
.
2014-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 06:59]
.
2014-09-22 c:\windows\Tasks\Open Chrome.job
- c:\program files (x86)\Google\Chrome\Application\chrome.exe [2013-09-04 01:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-17 18:28	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-17 18:28	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-17 18:28	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-09 18:43	860984	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-16 12673128]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-08-14 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-08-14 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-08-14 442352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\KEYCRY~1\KeyCrypt64(1).dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
FF - ProfilePath - c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-NextSTART - (no file)
Wow6432Node-HKLM-Run-Workshelf - (no file)
Notify-SDWinLogon - SDWinLogon.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-Zug Um Zug - c:\windows\IsUn0407.exe
AddRemove-Spacebar Simulator 2014 - c:\users\David\Desktop\Spacebar_Simulator_2014_Beta_v0.86\Spacebar Simulator 2014\uninstall.exe
AddRemove-UnityWebPlayer - c:\users\David\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3466399659-1618858318-3356278196-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:19,5e,3f,3f,d0,d7,5a,a5,ab,77,89,a7,2a,de,e6,37,08,27,dd,66,1c,4a,cf,
   0e,aa,1e,33,ec,99,33,15,d8,ac,c8,3f,5b,48,f9,0a,78,1b,d9,84,3c,87,e3,65,25,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-12-22  20:40:29
ComboFix-quarantined-files.txt  2014-12-22 19:40
.
Vor Suchlauf: 22 Verzeichnis(se), 150.321.737.728 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 150.121.664.512 Bytes frei
.
- - End Of File - - 839AECA8FF220F8E918815003F25E1AE
         
Das Problem ist leider noch nicht behoben

Combofix ist übrigens gerade einfach von meinem Desktop verschwunden...
Ich habe schon danach suchen lassen, ist aber nicht mehr da...

Bei Chrome Downloads steht bei dem Download von ComboFix.exe entfernt...

(Nur "entfernt" nicht "von ComboFix.exe entfernt")

Alt 28.12.2014, 18:23   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Wir sind ja auch noch nicht fertig


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.12.2014, 13:28   #12
zelfoxx
 
Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



also hier schon mal mbam.txt :
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 29.12.2014 11:58:07, SYSTEM, DAVID-ACER, Protection, Malware Protection, Starting, 
Protection, 29.12.2014 11:58:07, SYSTEM, DAVID-ACER, Protection, Malware Protection, Started, 
Protection, 29.12.2014 11:58:07, SYSTEM, DAVID-ACER, Protection, Malicious Website Protection, Starting, 
Protection, 29.12.2014 11:58:10, SYSTEM, DAVID-ACER, Protection, Malicious Website Protection, Started, 
Update, 29.12.2014 12:01:13, SYSTEM, DAVID-ACER, Manual, Rootkit Database, 2014.11.18.1, 2014.12.23.2, 
Update, 29.12.2014 12:01:15, SYSTEM, DAVID-ACER, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1, 
Update, 29.12.2014 12:01:16, SYSTEM, DAVID-ACER, Manual, Malware Database, 2014.11.20.6, 2014.12.29.4, 
Protection, 29.12.2014 12:01:16, SYSTEM, DAVID-ACER, Protection, Refresh, Starting, 
Protection, 29.12.2014 12:01:16, SYSTEM, DAVID-ACER, Protection, Malicious Website Protection, Stopping, 
Protection, 29.12.2014 12:01:16, SYSTEM, DAVID-ACER, Protection, Malicious Website Protection, Stopped, 
Protection, 29.12.2014 12:01:22, SYSTEM, DAVID-ACER, Protection, Refresh, Success, 
Protection, 29.12.2014 12:01:22, SYSTEM, DAVID-ACER, Protection, Malicious Website Protection, Starting, 
Protection, 29.12.2014 12:01:22, SYSTEM, DAVID-ACER, Protection, Malicious Website Protection, Started, 
Protection, 29.12.2014 12:39:19, SYSTEM, DAVID-ACER, Protection, Malware Protection, Starting, 
Protection, 29.12.2014 12:39:20, SYSTEM, DAVID-ACER, Protection, Malware Protection, Started, 
Protection, 29.12.2014 12:39:20, SYSTEM, DAVID-ACER, Protection, Malicious Website Protection, Starting, 
Protection, 29.12.2014 12:41:02, SYSTEM, DAVID-ACER, Protection, Malicious Website Protection, Started, 
Protection, 29.12.2014 13:34:30, SYSTEM, DAVID-ACER, Protection, Malware Protection, Starting, 
Protection, 29.12.2014 13:34:30, SYSTEM, DAVID-ACER, Protection, Malware Protection, Started, 
Protection, 29.12.2014 13:34:30, SYSTEM, DAVID-ACER, Protection, Malicious Website Protection, Starting, 

(end)
         
Ich habe es zwei mal versucht, aber mein PC ist während dem Scan immer abgestürzt... Es wurden davor 6 Dinge, ich glaube bei dem Punkt mit der Resistrierung, gefunden die jetzt aber jetzt nicht in der Quarantäne sind.
Soll ich nachdem diese 6 Dinge gefunden wurden den Scan abbrechen? Dann könnte ich sie vielleicht in die Quarantäne verschieben...

Hier das von adwcleaner:
Code:
ATTFilter
# AdwCleaner v4.106 - Bericht erstellt am 29/12/2014 um 13:58:26
# Aktualisiert 21/12/2014 von Xplode
# Database : 2014-12-28.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : David - DAVID-ACER
# Gestartet von : C:\Users\David\Desktop\Desktop\#ANTI\adwcleaner\AdwCleaner_4.106.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Windows\System32\roboot64.exe

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v28.0 (en-US)


-\\ Google Chrome v39.0.2171.95


-\\ Chromium v


-\\ Comodo Dragon v


-\\ Opera v26.0.1656.60


*************************

AdwCleaner[R10].txt - [1308 octets] - [08/12/2014 15:52:43]
AdwCleaner[R11].txt - [4836 octets] - [09/12/2014 19:51:12]
AdwCleaner[R12].txt - [4668 octets] - [09/12/2014 19:56:38]
AdwCleaner[R13].txt - [1753 octets] - [29/12/2014 13:54:03]
AdwCleaner[R7].txt - [22716 octets] - [06/10/2014 17:50:26]
AdwCleaner[R8].txt - [1376 octets] - [07/10/2014 07:04:51]
AdwCleaner[R9].txt - [2048 octets] - [17/11/2014 20:01:47]
AdwCleaner[S10].txt - [4661 octets] - [09/12/2014 20:03:50]
AdwCleaner[S11].txt - [1432 octets] - [29/12/2014 13:58:26]
AdwCleaner[S6].txt - [22297 octets] - [06/10/2014 18:06:58]
AdwCleaner[S7].txt - [1437 octets] - [07/10/2014 07:07:48]
AdwCleaner[S8].txt - [2109 octets] - [17/11/2014 20:05:30]
AdwCleaner[S9].txt - [1369 octets] - [08/12/2014 15:58:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [1734 octets] ##########
         
Bei adwcleaner ist alles gut verlaufen, bis auf das neustarten...
Bei dem Herunterfahren-Bildschirm ist er wieder stehen geblieben.
Die TXT-Datei hat sich trotzdem geöffnet...

Okay hier ist jetzt JRT.txt:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by David on 29.12.2014 at 14:11:33,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update webspades
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util webspades



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\David\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{009575A0-5D84-4136-A2E8-B04F94B8405C}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{27594447-F198-4119-A552-4B3853F673CE}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{2B69CDC1-3BF5-4423-9344-BD81BC9984C6}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{36378FF9-9C24-46FA-B66B-5B4BC117922E}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{3F45AF29-7764-4E05-A99F-8E82E0C93165}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{491BA16E-C27B-4191-A2DF-4631A951FA1F}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{7EF026E1-097E-4F0D-852A-871D3B861477}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{7FCFE74E-6AFD-4941-B3D0-BDCE8E4AD8C1}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{96DF4CF5-10EC-48C7-A709-990E2134A687}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{AA8FB25B-B491-47BA-9BC6-8843906934C1}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{B071EAAE-B231-4255-B48A-343F4A135DE3}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{B90CAE87-9721-4B15-BEEA-773CA5918132}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{C249F142-C2A5-44FF-91CA-C7A283B817F6}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{C437D4BF-8ED2-4794-857A-CF6C26DD8414}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{C96C3BD2-7AB4-4375-9658-2C6C3CFB58DE}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{D2218F7C-8198-4065-806E-181544B971C6}
Successfully deleted: [Empty Folder] C:\Users\David\appdata\local\{E1F21F38-D468-4071-9164-FA54FF95A5AD}



~~~ FireFox

Successfully deleted the following from C:\Users\David\AppData\Roaming\mozilla\firefox\profiles\3cglpxv0.default-1388087379042\prefs.js

user_pref("extensions.8Otk3Fi.url", "hxxp://getyourfilespot.com/sync/?q=hfZ9ofV9CShEAen0qjC7tMqLDe49CNU0nlnMCMlNhd9Fqda6rdCFrTwGrjgMAe4Uojs5rHn9rTg7qdaFrHU4pjn8rdUMC6qUojr4pdg
user_pref("extensions.vV98y01jY.epoch", "1");
user_pref("extensions.vV98y01jY.scode", "void(0);");
user_pref("extensions.vV98y01jY.url", "hxxp://getitnowfast.com/sync/?q=hfZ9ofDSBShEAen0qjC7tMqLDe49CNU0nlnMCMlNhd9Fqda6rdYEqHnFrHwMAe4Uojs5rHn9rTg7qdaFrHU4pjn8rdUMC6qUojCGrTn4
Emptied folder: C:\Users\David\AppData\Roaming\mozilla\firefox\profiles\3cglpxv0.default-1388087379042\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.12.2014 at 14:20:47,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Hier FRST.txt:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by David (administrator) on DAVID-ACER on 29-12-2014 14:26:11
Running from C:\Users\David\Downloads
Loaded Profiles: UpdatusUser & David (Available profiles: UpdatusUser & David & user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTShellHlp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Malwarebytes Corporation) C:\Users\David\Desktop\Desktop\#ANTI\mbam\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Malwarebytes Corporation) C:\Users\David\Desktop\Desktop\#ANTI\mbam\mbam.exe
(Malwarebytes Corporation) C:\Users\David\Desktop\Desktop\#ANTI\mbam\mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {1fd2defc-0fd9-11e3-b382-dc0ea11d82fe} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {2812e136-d586-11e2-bdb6-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {3f0b6f0b-c1fe-11e2-8ca3-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {ae06f47d-bfea-11e2-9e09-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {ae06f48a-bfea-11e2-9e09-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KeyCrypt64(1).dll => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [96104 2014-11-13] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KeyCrypt32(1).dll => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [87840 2014-11-13] (Zemana Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3466399659-1618858318-3356278196-1006\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119776&tt=gc_&babsrc=SP_ss&mntrId=8A9B64273717AA4B
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtC0DzztB0F0E0CyD0CtDtN0D0Tzu0CyCyDyBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1421656380&ir=
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3054224013274139&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120914160850.dll (McAfee, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120914160850.dll (McAfee, Inc.)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042
FF DefaultSearchUrl: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3466399659-1618858318-3356278196-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Deutsch (DE) Language Pack - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-12-26]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-10-14]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011-10-14]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-02-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-27]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (TooManyTabs für Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2014-11-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-18]
CHR Extension: (GMX MailCheck) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\camnampocfohlcgbajligmemmabnljcm [2014-10-18]
CHR Extension: (Adblock Plus) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-18]
CHR Extension: (Video Downloader professional) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-10-18]
CHR Extension: (Stylish) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-11-25]
CHR Extension: (Black & white Thema) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2014-11-30]
CHR Extension: (Click&Clean) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-10-18]
CHR Extension: (Audio EQ) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2014-11-02]
CHR Extension: (FVD Downloader) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-10-18]
CHR Extension: (RenameTab) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkailnbloeepkajmoblllhhhckpbbncg [2014-11-25]
CHR Extension: (MuteTab) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc [2014-11-02]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-08-12] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-09] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-09] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 MBAMScheduler; C:\Users\David\Desktop\Desktop\#ANTI\mbam\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Users\David\Desktop\Desktop\#ANTI\mbam\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [502064 2012-08-23] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
S4 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199304 2012-05-25] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [210616 2012-05-25] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [162224 2012-05-25] (McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.)
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-09-04] ()
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [316416 2014-04-19] (Microsoft Corporation) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-09] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-22] (AVG Technologies)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65264 2012-02-22] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-04-19] (DT Soft Ltd)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [71400 2014-11-13] (Zemana Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160792 2012-02-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [229528 2012-02-22] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [487296 2012-02-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [647208 2012-02-22] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [289664 2012-02-22] (McAfee, Inc.)
S3 ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [96256 2009-10-15] (ATEN)
S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-19] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-09] (Avast Software)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-29 14:26 - 2014-12-29 14:27 - 00030069 _____ () C:\Users\David\Downloads\FRST.txt
2014-12-29 14:26 - 2014-12-29 14:26 - 00000000 ____D () C:\Users\David\Downloads\FRST-OlderVersion
2014-12-29 14:20 - 2014-12-29 14:20 - 00003706 _____ () C:\Users\David\Desktop\JRT.txt
2014-12-29 14:11 - 2014-12-29 14:11 - 00000000 ____D () C:\Windows\ERUNT
2014-12-29 14:09 - 2014-12-29 14:09 - 00000197 _____ () C:\Windows\system32\2014-12-29-13-09-49.047-AvastVBoxSVC.exe-1016.log
2014-12-29 13:50 - 2014-12-29 13:50 - 00000197 _____ () C:\Windows\system32\2014-12-29-12-50-13.018-AvastVBoxSVC.exe-1656.log
2014-12-29 13:35 - 2014-12-29 13:35 - 00000197 _____ () C:\Windows\system32\2014-12-29-12-35-42.037-AvastVBoxSVC.exe-3120.log
2014-12-29 12:41 - 2014-12-29 12:41 - 00000197 _____ () C:\Windows\system32\2014-12-29-11-41-35.007-AvastVBoxSVC.exe-4324.log
2014-12-29 11:54 - 2014-12-29 11:54 - 00000197 _____ () C:\Windows\system32\2014-12-29-10-54-03.088-AvastVBoxSVC.exe-4716.log
2014-12-28 10:10 - 2014-12-28 10:10 - 00000197 _____ () C:\Windows\system32\2014-12-28-09-10-45.054-AvastVBoxSVC.exe-4764.log
2014-12-28 09:39 - 2014-12-28 09:39 - 00000197 _____ () C:\Windows\system32\2014-12-28-08-39-11.090-AvastVBoxSVC.exe-5680.log
2014-12-28 09:31 - 2014-12-28 09:31 - 00000000 ____D () C:\Users\David\AppData\Local\Metrocide
2014-12-28 09:08 - 2014-12-28 09:08 - 00000197 _____ () C:\Windows\system32\2014-12-28-08-08-30.032-AvastVBoxSVC.exe-5092.log
2014-12-28 08:29 - 2014-12-28 08:34 - 490788359 _____ () C:\Users\David\Downloads\easyvdr-2.0.0-64-stable.iso.crdownload
2014-12-28 08:08 - 2014-12-28 08:09 - 00000197 _____ () C:\Windows\system32\2014-12-28-07-08-57.070-AvastVBoxSVC.exe-5976.log
2014-12-22 20:40 - 2014-12-22 20:40 - 00066850 _____ () C:\ComboFix.txt
2014-12-22 20:18 - 2014-12-22 20:18 - 00000197 _____ () C:\Windows\system32\2014-12-22-19-18-53.031-AvastVBoxSVC.exe-7636.log
2014-12-22 14:58 - 2014-12-22 20:40 - 00000000 ____D () C:\Qoobox
2014-12-22 14:58 - 2014-12-22 20:38 - 00000000 ____D () C:\Windows\erdnt
2014-12-22 14:58 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-22 14:58 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-22 14:58 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-22 14:58 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-22 14:58 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-22 14:58 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-22 14:58 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-22 14:58 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-22 14:55 - 2014-12-22 14:55 - 00000197 _____ () C:\Windows\system32\2014-12-22-13-55-45.078-AvastVBoxSVC.exe-5076.log
2014-12-22 12:36 - 2014-12-22 12:37 - 00000197 _____ () C:\Windows\system32\2014-12-22-11-36-24.053-AvastVBoxSVC.exe-6216.log
2014-12-21 19:11 - 2014-12-21 19:11 - 00000197 _____ () C:\Windows\system32\2014-12-21-18-11-45.067-AvastVBoxSVC.exe-4688.log
2014-12-21 18:40 - 2014-12-21 18:40 - 00000197 _____ () C:\Windows\system32\2014-12-21-17-40-28.072-AvastVBoxSVC.exe-6036.log
2014-12-21 18:09 - 2014-12-21 18:09 - 00000197 _____ () C:\Windows\system32\2014-12-21-17-09-16.068-AvastVBoxSVC.exe-5644.log
2014-12-21 17:38 - 2014-12-21 17:38 - 00000197 _____ () C:\Windows\system32\2014-12-21-16-38-07.077-AvastVBoxSVC.exe-5464.log
2014-12-21 17:06 - 2014-12-21 17:07 - 00000197 _____ () C:\Windows\system32\2014-12-21-16-06-43.006-AvastVBoxSVC.exe-6168.log
2014-12-21 16:35 - 2014-12-21 16:35 - 00000197 _____ () C:\Windows\system32\2014-12-21-15-35-40.078-AvastVBoxSVC.exe-5000.log
2014-12-21 15:22 - 2014-12-21 15:22 - 00000197 _____ () C:\Windows\system32\2014-12-21-14-22-03.049-AvastVBoxSVC.exe-3444.log
2014-12-21 15:01 - 2014-12-21 15:01 - 00000197 _____ () C:\Windows\system32\2014-12-21-14-01-37.049-AvastVBoxSVC.exe-6128.log
2014-12-21 14:27 - 2014-12-21 14:27 - 00000197 _____ () C:\Windows\system32\2014-12-21-13-27-27.023-AvastVBoxSVC.exe-5808.log
2014-12-21 13:54 - 2014-12-21 13:54 - 00000197 _____ () C:\Windows\system32\2014-12-21-12-54-09.045-AvastVBoxSVC.exe-5824.log
2014-12-21 13:24 - 2014-12-21 13:25 - 00000197 _____ () C:\Windows\system32\2014-12-21-12-24-59.039-AvastVBoxSVC.exe-5640.log
2014-12-21 12:54 - 2014-12-21 12:54 - 00000197 _____ () C:\Windows\system32\2014-12-21-11-54-00.040-AvastVBoxSVC.exe-6224.log
2014-12-21 11:26 - 2014-12-21 11:26 - 00000197 _____ () C:\Windows\system32\2014-12-21-10-26-11.013-AvastVBoxSVC.exe-6960.log
2014-12-21 10:58 - 2014-12-21 10:58 - 00000197 _____ () C:\Windows\system32\2014-12-21-09-58-19.004-AvastVBoxSVC.exe-5368.log
2014-12-21 10:54 - 2014-12-29 14:04 - 00007882 _____ () C:\Windows\PFRO.log
2014-12-21 10:26 - 2014-12-21 10:26 - 00000197 _____ () C:\Windows\system32\2014-12-21-09-26-26.080-AvastVBoxSVC.exe-3556.log
2014-12-20 20:24 - 2014-12-20 20:24 - 00000197 _____ () C:\Windows\system32\2014-12-20-19-24-07.099-AvastVBoxSVC.exe-5396.log
2014-12-20 19:50 - 2014-12-20 19:50 - 00000197 _____ () C:\Windows\system32\2014-12-20-18-50-48.001-AvastVBoxSVC.exe-6456.log
2014-12-20 19:21 - 2014-12-20 19:21 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-20 19:20 - 2014-12-20 19:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\David\Downloads\revosetup95.exe
2014-12-20 19:18 - 2014-12-20 19:18 - 00000197 _____ () C:\Windows\system32\2014-12-20-18-18-28.061-AvastVBoxSVC.exe-6004.log
2014-12-20 19:10 - 2014-12-20 19:10 - 00000000 ____D () C:\Users\David\Downloads\RevoUninstallerPortable
2014-12-20 19:09 - 2014-12-20 19:10 - 02785665 _____ (PortableApps.com) C:\Users\David\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-12-20 18:44 - 2014-12-20 18:44 - 00000197 _____ () C:\Windows\system32\2014-12-20-17-44-23.011-AvastVBoxSVC.exe-3956.log
2014-12-20 18:16 - 2014-12-20 18:16 - 00000197 _____ () C:\Windows\system32\2014-12-20-17-16-44.094-AvastVBoxSVC.exe-3972.log
2014-12-18 20:17 - 2014-12-18 20:17 - 00000197 _____ () C:\Windows\system32\2014-12-18-19-17-50.072-AvastVBoxSVC.exe-6196.log
2014-12-18 19:45 - 2014-12-18 19:45 - 00000197 _____ () C:\Windows\system32\2014-12-18-18-45-20.095-AvastVBoxSVC.exe-6352.log
2014-12-18 19:14 - 2014-12-18 19:14 - 00000197 _____ () C:\Windows\system32\2014-12-18-18-14-24.042-AvastVBoxSVC.exe-5504.log
2014-12-18 18:48 - 2014-12-29 14:26 - 00000000 ____D () C:\FRST
2014-12-18 18:44 - 2014-12-29 14:26 - 02123264 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2014-12-18 18:42 - 2014-12-18 18:43 - 00000197 _____ () C:\Windows\system32\2014-12-18-17-42-32.099-AvastVBoxSVC.exe-3288.log
2014-12-18 18:09 - 2014-12-18 18:09 - 00000197 _____ () C:\Windows\system32\2014-12-18-17-09-01.002-AvastVBoxSVC.exe-5636.log
2014-12-18 17:37 - 2014-12-18 17:37 - 00000197 _____ () C:\Windows\system32\2014-12-18-16-37-39.014-AvastVBoxSVC.exe-6012.log
2014-12-18 17:01 - 2014-12-18 17:01 - 00000197 _____ () C:\Windows\system32\2014-12-18-16-01-03.056-AvastVBoxSVC.exe-3468.log
2014-12-18 02:18 - 2014-12-18 02:18 - 00000197 _____ () C:\Windows\system32\2014-12-18-01-18-44.035-AvastVBoxSVC.exe-3948.log
2014-12-17 18:54 - 2014-12-17 18:55 - 00000197 _____ () C:\Windows\system32\2014-12-17-17-54-55.026-AvastVBoxSVC.exe-5736.log
2014-12-17 17:21 - 2014-12-17 17:21 - 00000280 _____ () C:\Windows\system32\2014-12-17-16-21-20.042-aswFe.exe-4584.log
2014-12-17 17:14 - 2014-12-17 17:15 - 00000197 _____ () C:\Windows\system32\2014-12-17-16-14-40.045-AvastVBoxSVC.exe-1924.log
2014-12-17 13:37 - 2014-12-17 13:37 - 00000197 _____ () C:\Windows\system32\2014-12-17-12-37-00.066-AvastVBoxSVC.exe-3872.log
2014-12-17 08:27 - 2014-12-17 08:28 - 00000197 _____ () C:\Windows\system32\2014-12-17-07-27-59.066-AvastVBoxSVC.exe-5048.log
2014-12-17 08:22 - 2014-12-17 08:22 - 00000197 _____ () C:\Windows\system32\2014-12-17-07-22-03.011-AvastVBoxSVC.exe-3220.log
2014-12-16 20:43 - 2014-12-16 20:48 - 04437584 _____ (FreeDownloadManager.ORG ) C:\Users\David\Downloads\fdminst-lite.exe
2014-12-16 20:37 - 2014-12-16 21:01 - 1835281604 _____ () C:\Users\David\Downloads\Burnout_Paradise_The_Ultimate_Box.iso (2).crdownload
2014-12-16 20:33 - 2014-12-16 20:33 - 00000197 _____ () C:\Windows\system32\2014-12-16-19-33-25.024-AvastVBoxSVC.exe-4356.log
2014-12-16 19:59 - 2014-12-16 19:59 - 00000197 _____ () C:\Windows\system32\2014-12-16-18-59-53.015-AvastVBoxSVC.exe-3416.log
2014-12-16 19:28 - 2014-12-16 19:28 - 00000197 _____ () C:\Windows\system32\2014-12-16-18-28-29.021-AvastVBoxSVC.exe-6908.log
2014-12-16 18:55 - 2014-12-16 18:56 - 00000197 _____ () C:\Windows\system32\2014-12-16-17-55-57.084-AvastVBoxSVC.exe-7516.log
2014-12-16 18:25 - 2014-12-16 18:25 - 00000197 _____ () C:\Windows\system32\2014-12-16-17-25-06.062-AvastVBoxSVC.exe-268.log
2014-12-16 17:50 - 2014-12-16 20:08 - 00014066 ____H () C:\Users\David\Desktop\~WRL0800.tmp
2014-12-16 17:50 - 2014-12-16 19:02 - 00012257 ____H () C:\Users\David\Desktop\~WRL1323.tmp
2014-12-16 17:48 - 2014-12-16 17:58 - 878578501 _____ () C:\Users\David\Downloads\Notfall_DVD_5.0_Free.zip
2014-12-16 17:40 - 2014-12-16 17:40 - 00000197 _____ () C:\Windows\system32\2014-12-16-16-40-24.013-AvastVBoxSVC.exe-4972.log
2014-12-15 12:58 - 2014-12-15 12:58 - 00000197 _____ () C:\Windows\system32\2014-12-15-11-58-35.064-AvastVBoxSVC.exe-5068.log
2014-12-15 12:28 - 2014-12-15 12:28 - 00000197 _____ () C:\Windows\system32\2014-12-15-11-28-35.017-AvastVBoxSVC.exe-8860.log
2014-12-14 18:35 - 2014-12-14 18:36 - 00000197 _____ () C:\Windows\system32\2014-12-14-17-35-36.049-AvastVBoxSVC.exe-5092.log
2014-12-14 18:02 - 2014-12-14 18:03 - 00000197 _____ () C:\Windows\system32\2014-12-14-17-02-45.051-AvastVBoxSVC.exe-6528.log
2014-12-14 17:30 - 2014-12-14 17:30 - 00000197 _____ () C:\Windows\system32\2014-12-14-16-30-29.001-AvastVBoxSVC.exe-4244.log
2014-12-13 14:37 - 2014-12-13 14:37 - 00000197 _____ () C:\Windows\system32\2014-12-13-13-37-12.042-AvastVBoxSVC.exe-9508.log
2014-12-13 14:17 - 2014-12-13 14:17 - 00000000 ____D () C:\Users\David\AppData\Local\AntiLogger Free
2014-12-13 14:17 - 2014-12-13 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
2014-12-13 14:17 - 2014-12-13 14:17 - 00000000 ____D () C:\Program Files (x86)\Zemana AntiLogger Free
2014-12-13 14:17 - 2014-12-13 14:17 - 00000000 ____D () C:\Program Files (x86)\KeyCryptSDK
2014-12-13 14:17 - 2014-11-13 12:20 - 00071400 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys
2014-12-13 13:58 - 2014-12-13 13:58 - 00000197 _____ () C:\Windows\system32\2014-12-13-12-58-24.096-AvastVBoxSVC.exe-8640.log
2014-12-13 13:57 - 2014-12-13 13:57 - 00130576 _____ () C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-13 13:53 - 2014-12-29 14:05 - 00003304 _____ () C:\Windows\setupact.log
2014-12-13 13:53 - 2014-12-13 13:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-13 13:52 - 2014-12-13 13:54 - 05113760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-13 13:31 - 2014-12-13 13:31 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-12-13 13:30 - 2014-12-13 14:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-13 13:30 - 2014-12-13 13:40 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-13 13:30 - 2014-12-13 13:30 - 00001405 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-12-13 13:30 - 2014-12-13 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-12-13 13:30 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-12-13 13:26 - 2014-12-20 20:23 - 00000000 ____D () C:\Users\David\AppData\Roaming\Nico Mak Computing
2014-12-13 13:19 - 2014-12-13 13:20 - 00000197 _____ () C:\Windows\system32\2014-12-13-12-19-28.053-AvastVBoxSVC.exe-4572.log
2014-12-12 21:20 - 2014-12-12 21:20 - 00000197 _____ () C:\Windows\system32\2014-12-12-20-20-52.096-AvastVBoxSVC.exe-3652.log
2014-12-12 21:16 - 2014-12-12 21:16 - 00003408 ____N () C:\bootsqm.dat
2014-12-12 20:05 - 2014-12-12 20:05 - 00000197 _____ () C:\Windows\system32\2014-12-12-19-05-46.076-AvastVBoxSVC.exe-2796.log
2014-12-12 19:31 - 2014-12-12 19:31 - 00000197 _____ () C:\Windows\system32\2014-12-12-18-31-14.040-AvastVBoxSVC.exe-5036.log
2014-12-12 19:09 - 2014-12-12 19:21 - 00000000 ____D () C:\Users\David\AppData\Roaming\Dungeonmans
2014-12-12 18:55 - 2014-12-12 18:55 - 00000197 _____ () C:\Windows\system32\2014-12-12-17-55-37.055-AvastVBoxSVC.exe-3956.log
2014-12-12 18:22 - 2014-12-12 18:22 - 00000197 _____ () C:\Windows\system32\2014-12-12-17-22-35.093-AvastVBoxSVC.exe-2480.log
2014-12-12 17:50 - 2014-12-12 17:50 - 00000197 _____ () C:\Windows\system32\2014-12-12-16-50-54.007-AvastVBoxSVC.exe-4212.log
2014-12-12 15:40 - 2014-12-12 15:41 - 00000197 _____ () C:\Windows\system32\2014-12-12-14-40-44.093-AvastVBoxSVC.exe-4440.log
2014-12-12 15:04 - 2014-12-12 15:05 - 00000197 _____ () C:\Windows\system32\2014-12-12-14-04-54.059-AvastVBoxSVC.exe-4660.log
2014-12-11 13:46 - 2014-12-11 13:46 - 00000197 _____ () C:\Windows\system32\2014-12-11-12-46-28.031-AvastVBoxSVC.exe-3728.log
2014-12-11 13:13 - 2014-12-11 13:13 - 00000197 _____ () C:\Windows\system32\2014-12-11-12-13-14.032-AvastVBoxSVC.exe-3664.log
2014-12-11 11:45 - 2014-12-11 11:45 - 00000197 _____ () C:\Windows\system32\2014-12-11-10-45-08.054-AvastVBoxSVC.exe-3568.log
2014-12-10 19:52 - 2014-12-10 19:52 - 00000197 _____ () C:\Windows\system32\2014-12-10-18-52-11.067-AvastVBoxSVC.exe-4604.log
2014-12-10 18:46 - 2014-12-10 18:46 - 00000197 _____ () C:\Windows\system32\2014-12-10-17-46-33.082-AvastVBoxSVC.exe-4644.log
2014-12-10 18:13 - 2014-12-10 18:13 - 00000000 ____D () C:\Users\David\AppData\Roaming\com.stateofplaygames.LuminoCity
2014-12-10 18:10 - 2014-12-10 18:10 - 00000197 _____ () C:\Windows\system32\2014-12-10-17-10-39.067-AvastVBoxSVC.exe-5200.log
2014-12-10 17:34 - 2014-12-10 17:34 - 00000197 _____ () C:\Windows\system32\2014-12-10-16-34-12.020-AvastVBoxSVC.exe-4136.log
2014-12-10 14:51 - 2014-12-10 14:51 - 00000197 _____ () C:\Windows\system32\2014-12-10-13-51-12.066-AvastVBoxSVC.exe-4272.log
2014-12-10 14:20 - 2014-12-10 14:20 - 15453832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xlive.dll
2014-12-10 14:13 - 2014-12-10 14:13 - 00000197 _____ () C:\Windows\system32\2014-12-10-13-13-45.099-AvastVBoxSVC.exe-8880.log
2014-12-10 13:56 - 2014-12-10 13:56 - 00000247 _____ () C:\Windows\system32\2014-12-10-12-56-45.027-aswFe.exe-3684.log
2014-12-10 13:50 - 2014-12-10 13:56 - 00000247 _____ () C:\Windows\system32\2014-12-10-12-50-32.089-aswFe.exe-3020.log
2014-12-10 13:50 - 2014-12-10 13:50 - 00000197 _____ () C:\Windows\system32\2014-12-10-12-50-20.077-AvastVBoxSVC.exe-1564.log
2014-12-10 13:46 - 2014-12-10 13:46 - 00003256 _____ () C:\Windows\System32\Tasks\{FC85E084-C44F-41A8-96F7-9210F9904A27}
2014-12-10 13:39 - 2014-12-10 13:40 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-10 13:39 - 2014-12-10 13:40 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-09 19:44 - 2014-12-09 19:43 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-09 19:43 - 2014-12-09 19:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-09 18:32 - 2014-12-09 18:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\Yacht Club Games
2014-12-09 09:45 - 2014-12-09 19:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-12-09 09:45 - 2014-12-09 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-12-09 09:45 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-12-09 09:45 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-12-09 09:45 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-12-09 09:45 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-12-09 09:45 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-12-09 09:45 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-12-09 09:45 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-12-09 09:45 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-12-09 09:45 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-12-09 09:45 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-12-09 09:44 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-12-09 09:44 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-12-09 09:44 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-12-09 09:44 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-12-09 09:44 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-12-09 09:44 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-12-09 09:44 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-12-09 09:44 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-12-09 09:44 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-12-09 09:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-12-09 09:44 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-12-09 09:44 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-12-09 09:44 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-12-09 09:44 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-12-09 09:44 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-12-09 09:44 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-12-09 09:44 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-12-09 09:44 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-12-09 09:44 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-12-09 09:44 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-12-09 09:44 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-12-09 09:44 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-12-09 09:44 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-12-09 09:44 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-12-09 09:44 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-12-09 09:44 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-12-09 09:44 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-12-09 09:44 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-12-09 09:44 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-12-09 09:44 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-12-09 09:44 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-12-09 09:44 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-12-09 09:44 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-12-09 09:44 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-12-09 09:44 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-12-09 09:44 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-12-09 09:44 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-12-09 09:44 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-12-09 09:44 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-12-09 09:44 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-12-09 09:44 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-12-09 09:44 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-12-09 09:44 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-12-09 09:44 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-12-09 09:44 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-12-09 09:44 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-12-09 09:44 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-12-09 09:44 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-12-09 09:44 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-12-09 09:44 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-12-09 09:44 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-12-09 09:44 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-12-09 09:44 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-12-09 09:44 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-12-09 09:44 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-12-09 09:44 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-12-09 09:44 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-12-09 09:44 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-12-09 09:43 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-12-09 09:43 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-12-09 09:43 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-12-09 09:43 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-12-09 09:43 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-12-09 09:43 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-12-09 09:43 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-12-09 09:43 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-12-09 09:43 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-12-09 09:43 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-12-09 09:43 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-12-09 09:43 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-12-09 09:43 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-12-09 09:43 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-12-09 09:43 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-12-09 09:43 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-12-09 09:43 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-12-09 09:43 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-12-09 09:43 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-12-09 09:43 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-12-09 09:43 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-12-09 09:43 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-12-09 09:34 - 2014-12-09 09:34 - 00000000 ____D () C:\Program Files (x86)\Capcom
2014-12-09 09:32 - 2014-12-09 09:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-12-09 09:32 - 2014-12-09 09:32 - 00000000 ____D () C:\GOG Games
2014-12-08 17:43 - 2014-12-29 13:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-08 17:43 - 2014-12-12 15:40 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-08 17:43 - 2014-12-12 15:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-08 17:43 - 2014-12-12 15:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 16:16 - 2014-12-08 16:16 - 00002974 _____ () C:\Windows\System32\Tasks\Launch 19578
2014-12-08 15:52 - 2014-12-09 19:56 - 00000165 _____ () C:\AdwCleanerDebug.txt
2014-12-08 08:18 - 2014-12-08 08:18 - 00000000 ____D () C:\Users\David\AppData\Roaming\11bitstudios
2014-12-08 07:58 - 2014-12-08 08:02 - 00000000 ____D () C:\Users\David\AppData\Local\qbqbqb
2014-12-08 07:58 - 2014-12-08 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QbQbQb
2014-12-08 07:58 - 2014-12-08 07:58 - 00000000 ____D () C:\Program Files (x86)\QbQbQb
2014-12-06 20:42 - 2003-04-19 00:39 - 00006659 _____ () C:\Windows\SysWOW64\TANDPL.VXD
2014-12-06 20:42 - 2003-04-19 00:32 - 00004736 _____ () C:\Windows\SysWOW64\Drivers\tandpl.sys
2014-12-06 20:42 - 2003-03-02 17:44 - 00007552 _____ () C:\Windows\SysWOW64\Drivers\enodpl.sys
2014-12-06 20:42 - 2001-08-31 15:16 - 00006532 _____ () C:\Windows\SysWOW64\ENODPL.VXD
2014-12-06 20:01 - 2014-12-06 20:01 - 00000000 ____D () C:\Users\David\AppData\Roaming\fr.ratzngodz.1Quest
2014-12-03 19:24 - 2014-12-03 19:24 - 00001653 _____ () C:\Users\user\Desktop\Xenominer.lnk
2014-12-02 19:10 - 2014-12-08 10:24 - 00000000 ____D () C:\Users\David\AppData\Local\GeometryWars3Dimensions
2014-12-02 18:22 - 2014-12-02 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darksiders II
2014-12-02 18:18 - 2014-12-02 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra Activision Aspyr
2014-12-02 18:17 - 2014-12-02 18:17 - 00000000 ____D () C:\Program Files (x86)\Sierra Activision Aspyr
2014-12-02 17:44 - 2014-12-02 18:22 - 00000000 ____D () C:\Program Files (x86)\Darksiders II

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-29 14:15 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-29 14:15 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-29 14:13 - 2014-06-17 18:49 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-29 14:11 - 2014-06-04 18:09 - 01286285 _____ () C:\Windows\WindowsUpdate.log
2014-12-29 14:09 - 2013-09-04 16:44 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-29 14:08 - 2012-07-24 15:06 - 00000000 ____D () C:\ProgramData\clear.fi
2014-12-29 14:07 - 2014-05-27 17:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-29 14:06 - 2013-09-04 16:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-29 14:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-29 13:58 - 2014-02-22 16:57 - 00000000 ____D () C:\AdwCleaner
2014-12-29 13:50 - 2014-06-10 06:39 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-28 09:48 - 2013-10-29 18:07 - 00000000 ____D () C:\Users\David\AppData\Roaming\.technic
2014-12-28 09:47 - 2012-08-27 18:25 - 00000000 ____D () C:\Users\David\AppData\Roaming\.minecraft
2014-12-28 09:19 - 2014-04-05 16:28 - 00000000 ____D () C:\Users\David\Documents\My Games
2014-12-28 08:23 - 2014-09-02 14:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 20:40 - 2013-05-04 09:36 - 00000000 ____D () C:\Users\Dxtory2.0
2014-12-22 20:40 - 2013-02-21 18:58 - 00000000 ____D () C:\Users\pizza
2014-12-22 20:37 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-21 14:18 - 2012-08-27 18:16 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2014-12-20 20:23 - 2014-07-09 16:56 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2014-12-20 19:38 - 2013-02-05 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-18 20:22 - 2014-09-01 09:34 - 00000000 ___RD () C:\Users\David\Desktop\-
2014-12-17 17:20 - 2014-06-10 06:39 - 00003856 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1402378750
2014-12-16 20:32 - 2013-02-04 18:14 - 00000000 ____D () C:\schule
2014-12-16 20:21 - 2014-09-27 15:49 - 00259072 ___SH () C:\Users\David\Desktop\Thumbs.db
2014-12-14 18:23 - 2012-09-14 14:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2014-12-14 18:04 - 2014-09-21 18:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-14 18:04 - 2011-10-14 04:30 - 00000000 ____D () C:\ProgramData\Skype
2014-12-13 14:22 - 2014-11-17 13:54 - 00003052 _____ () C:\Windows\System32\Tasks\{B960A761-DB7D-441F-B492-F36E2AD2345F}
2014-12-13 13:44 - 2014-04-19 19:16 - 00000000 ____D () C:\Users\David\AppData\Roaming\DAEMON Tools Pro
2014-12-13 13:44 - 2013-05-21 11:23 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
2014-12-13 13:32 - 2013-09-04 16:21 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-12 15:29 - 2014-10-12 19:07 - 00000000 ____D () C:\Users\David\AppData\Local\Adobe
2014-12-12 15:18 - 2013-09-04 17:23 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-12 15:18 - 2012-08-27 18:17 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-12 15:18 - 2012-08-27 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-11 13:18 - 2012-07-27 06:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-10 18:21 - 2013-09-28 11:14 - 00000000 ____D () C:\Users\David\.VirtualBox
2014-12-10 18:13 - 2012-07-23 15:05 - 00000000 ____D () C:\Users\David\AppData\Roaming\Macromedia
2014-12-10 17:54 - 2014-07-30 18:38 - 00000000 ____D () C:\Users\David\Documents\CAPCOM
2014-12-10 13:43 - 2011-10-14 04:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-12-09 19:45 - 2014-11-25 18:03 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-12-09 19:45 - 2014-11-25 18:03 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-12-09 19:45 - 2011-10-14 04:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-09 19:44 - 2014-05-27 17:19 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-09 19:43 - 2014-05-27 17:29 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-12-09 19:43 - 2014-05-27 17:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-09 19:43 - 2014-05-27 17:19 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-09 19:43 - 2014-05-27 17:19 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-09 19:43 - 2014-05-27 17:19 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-09 19:43 - 2014-05-27 17:19 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-09 19:43 - 2014-05-27 17:19 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-09 19:42 - 2014-09-11 14:50 - 00000000 ___RD () C:\Users\David\Desktop\GGebra
2014-12-09 19:12 - 2012-07-23 15:48 - 00000000 ____D () C:\Users\David\AppData\Roaming\Adobe
2014-12-09 09:46 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-08 16:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-08 16:06 - 2011-12-16 13:26 - 00701576 _____ () C:\Windows\system32\perfh007.dat
2014-12-08 16:06 - 2011-12-16 13:26 - 00150444 _____ () C:\Windows\system32\perfc007.dat
2014-12-08 16:06 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-08 15:51 - 2013-10-12 17:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-07 14:48 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-06 21:26 - 2014-05-03 20:30 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-12-06 20:57 - 2011-10-14 04:49 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-12-03 19:23 - 2014-03-16 13:11 - 00000000 ____D () C:\Games
2014-12-02 18:54 - 2014-04-19 20:34 - 00000000 ____D () C:\Users\David\AppData\Local\SKIDROW
2014-11-29 18:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

Files to move or delete:
====================
C:\Users\Dxtory2.0\AudioStreamSplitter.exe
C:\Users\Dxtory2.0\AVIFix.exe
C:\Users\Dxtory2.0\AVIMux.exe
C:\Users\Dxtory2.0\AVIMuxCore.dll
C:\Users\Dxtory2.0\Dxtory.exe
C:\Users\Dxtory2.0\Dxtory64.exe
C:\Users\Dxtory2.0\DxtoryAudioHelper.dll
C:\Users\Dxtory2.0\DxtoryCore.dll
C:\Users\Dxtory2.0\DxtoryCore64.dll
C:\Users\Dxtory2.0\DxtoryHK.dll
C:\Users\Dxtory2.0\DxtoryHK64.dll
C:\Users\Dxtory2.0\DxtoryMM.dll
C:\Users\Dxtory2.0\DxtoryMM64.dll
C:\Users\Dxtory2.0\DxtoryVideo.dll
C:\Users\Dxtory2.0\DxtoryVideo64.dll
C:\Users\Dxtory2.0\DxtoryVideo64_Install.bat
C:\Users\Dxtory2.0\DxtoryVideo64_Uninstall.bat
C:\Users\Dxtory2.0\DxtoryVideoSetting.exe
C:\Users\Dxtory2.0\DxtoryVideo_Install.bat
C:\Users\Dxtory2.0\DxtoryVideo_Uninstall.bat
C:\Users\Dxtory2.0\LicReg.exe
C:\Users\Dxtory2.0\RawCapConv.exe
C:\Users\Dxtory2.0\RCStream.dll
C:\Users\Dxtory2.0\unins000.dat
C:\Users\Dxtory2.0\unins000.exe
C:\Users\Dxtory2.0\UpdateChecker.exe


Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\i4jdel0.exe
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-07 18:57

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 29.12.2014, 13:32   #13
zelfoxx
 
Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Hier noch Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by David at 2014-12-29 14:27:37
Running from C:\Users\David\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee  Anti-Virus und Anti-Spyware (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: McAfee  Anti-Virus und Anti-Spyware (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee  Firewall (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Tropico 4" (HKLM-x32\...\{C276D408-F88A-4E69-9CE3-B785CFA276BD}_is1) (Version:  - )
«Cabela's Big Game Hunter Pro Hunts» (HKLM-x32\...\{77B9D608-84EC-4F26-9541-D92F1C223851}_is1) (Version: 1.0 - © R.G. Revenants)
µTorrent (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
7 Days to Die - Alpha version 0.9.1 (HKLM-x32\...\{967E55B4-6DDD-4A2F-BFC7-07F1E327971E}_is1) (Version: 0.9.1 - The Fun Pimps LLC)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
AirMech (HKLM-x32\...\Steam App 206500) (Version:  - Carbon Games)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Among The Sleep (HKLM-x32\...\Among The Sleep_is1) (Version:  - )
ANDY OS (HKLM\...\ANDY OS) (Version: 1.1 - andyroid.net)
Anno 2070 version 2.0 (HKLM-x32\...\{B6249B57-3A35-4E06-A747-F79AE49F275D}_is1) (Version: 2.0 - )
AntiLogger Free version 1.8.2.16 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.16 - Zemana Ltd.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.00 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Battlefield Heroes (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Big Fun Zug Um Zug (HKLM-x32\...\Zug Um Zug) (Version:  - )
BigRigs over the road Racing (HKLM-x32\...\BigRigs over the road Racing_is1) (Version:  - Stellar Stone Group)
Blender (HKLM\...\Blender) (Version: 2.64a-release - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.5.3042 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{783DCCCB-FBD0-4D1D-928D-7075DA8015E6}) (Version: 0.8.5.3042 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
'Borderlands' (v.1.4.1) (HKLM-x32\...\'Borderlands'_is1) (Version:  - )
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
BumpTop (HKLM-x32\...\{71702641-2849-45A4-8E62-4B85974B24A0}_is1) (Version: 2.1.6225 - Bump Technologies, Inc.)
BumpTop (HKLM-x32\...\{AC28B5E8-B5D6-4917-B686-DED2212926BB}) (Version: 1.0.3038 - Bump Technologies, Inc.)
Capsized (HKLM-x32\...\Capsized_is1) (Version:  - )
Cat Licking Screen Cleaner Screensaver (HKLM-x32\...\Cat Licking Screen Cleaner Screensaver) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Costume Quest 2 (HKLM-x32\...\Costume Quest 2_is1) (Version: 1.0 - PLAZA)
Craften Terminal 3.3.4897.28268 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.3.4897.28268 - Craften Dev Team)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CursorFX (x32 Version: 2.00 - Stardock Corporation) Hidden
CursorFX Plus (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\CursorFX Plus) (Version:  - Stardock Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro Advanced (HKLM-x32\...\DAEMON Tools Pro Advanced) (Version:  - )
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version: Darksiders II - )
Depth (HKLM-x32\...\Depth_is1) (Version:  - )
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Duke Nukem 3D Megaton Edition version 1.00 (HKLM-x32\...\Duke Nukem 3D Megaton Edition_is1) (Version: 1.00 - )
Dxtory 2.0.104 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.104 - Dxtory Software)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FEZ (HKLM-x32\...\FEZ_is1) (Version:  - R.G. Origami)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FMS (HKLM-x32\...\FMS) (Version:  - )
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GeoGebra 4.4 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\GeoGebra 4.4) (Version: 4.4.43.0 - International GeoGebra Institute)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.24.0 - International GeoGebra Institute)
Geometry Wars 3 Dimensions (HKLM-x32\...\Geometry Wars 3 Dimensions_is1) (Version:  - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gunpoint Exclusive Edition 1.0 (HKLM-x32\...\Gunpoint Exclusive Edition 1.0) (Version: 1.0 - Focus Home Interactive)
Gunpoint version v1.1 (HKLM-x32\...\{B33EDF25-91DF-40FC-B2F7-FA19E3F0489F}}_is1) (Version: v1.1 - )
Haunt 1.1 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\Haunt 1.1) (Version:  - )
Haunt 1.1 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Haunt 1.1) (Version:  - )
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Adhesive Games)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{5409411D-CD72-432D-B823-1B520B24BD3C}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Hilfe (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Igneous (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Igneous) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.0.0 - LIGHTNING UK!)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest (HKLM-x32\...\Jewel Quest_is1) (Version:  - My Real Games Ltd)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Joystick 2 Mouse 3 (HKLM-x32\...\Joystick 2 Mouse 3) (Version:  - )
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Jurassic Park Operation Genesis Demo (HKLM-x32\...\InstallShield_{5066E836-D960-45A2-AB12-81545003451D}) (Version: 1.00.0000 - Universal Interactive)
Jurassic Park Operation Genesis Demo (x32 Version: 1.00.0000 - Universal Interactive) Hidden
Kill The Bad Guy (HKLM-x32\...\Kill The Bad Guy_is1) (Version:  - )
Killer is Dead (HKLM-x32\...\Killer is Dead_is1) (Version:  - )
Knight Rider PC Demo (HKLM-x32\...\Knight Rider PC Demo) (Version:  - Davilex Games B.V.)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket (HKLM-x32\...\{4614C36E-AABF-42AD-9419-0B8051547B96}) (Version: 2.0.100.0 - The LEGO Group)
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{74E85F31-573F-45BF-8939-4D2BCDCC2083}) (Version: 1.17.770 - LEGO)
LEGO MINDSTORMS NXT Migration Package (HKLM-x32\...\{6C1D47CC-682C-4673-8CA8-DEE659628599}) (Version: 1.2.8.0 - LEGO)
LEGO MINDSTORMS NXT Software v2.0 (HKLM-x32\...\{5B7EDCF8-E6AD-4E99-972C-34BF1F07B349}) (Version: 2.0.114.0 - LEGO)
LibreOffice 3.5 (HKLM-x32\...\{B1F9C834-0594-4563-B344-4ED9599A5945}) (Version: 3.5.5.3 - The Document Foundation)
LibreOffice 3.5 Help Pack (German) (HKLM-x32\...\{63DAF1E5-2FE9-4CE1-871F-BBE6E5630E12}) (Version: 3.5.5.3 - The Document Foundation)
Licking Dog Screen Clean Screensaver (HKLM-x32\...\Licking Dog Screen Clean Screensaver) (Version:  - )
LIMBO (HKLM-x32\...\LIMBO) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.166 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.166 - LogMeIn, Inc.) Hidden
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Max Payne 2 (HKLM-x32\...\Max Payne 2) (Version:  - )
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 11.0.678 - McAfee, Inc.)
MegaDownloader 0.82 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 0.82 - Andres_age)
Megapolis (HKLM-x32\...\Megapolis_is1) (Version:  - FreeGamePick.com)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Online Services-Anmeldeassistent (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft SharePoint Designer 2013 - de-de (HKLM\...\SPDRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.21.75 - Huawei Technologies Co.,Ltd)
Monaco What's Yours Is Mine (HKLM-x32\...\Monaco What's Yours Is Mine_is1) (Version: Monaco What's Yours Is Mine - )
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mutant Factions v0.92 (HKLM-x32\...\{192DCFA4-5AD8-44B2-B08E-38D7BC8980C6}_is1) (Version:  - Ben Johnson)
My Game Long Name (HKLM\...\UDK-e40e093f-8cca-4bae-b236-c4c49ce4598f) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-fa558830-5bb0-41aa-b74c-0e62877dd866) (Version:  - Epic Games, Inc.)
MyFreeCodec (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MyFreeCodec) (Version:  - )
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Nitronic Rush (2012-12-21 .2) version 20121221.1 (HKLM-x32\...\{9B55759D-424F-4CB1-B84E-AAE83CC1D20A}_is1) (Version: 20121221.1 - DigiPen)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 285.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.64 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
One Button Bob (HKLM-x32\...\{00F0982D-CBB7-47FE-BAA1-4C0589D43A8A}_is1) (Version:  - ePlaybus.com)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{58152609-fc38-4925-8ef4-c2548453c6fb}) (Version: latest - ppy Pty Ltd)
osu! (HKLM-x32\...\{e2eadd0d-7e2d-4ed3-808b-921824a1913a}) (Version: latest - ppy Pty Ltd)
Outland (HKLM-x32\...\Outland_is1) (Version: 1.0 - PLAZA)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\PhotoFiltre 7) (Version:  - )
Planetary Annihilation (HKLM-x32\...\Planetary Annihilation_is1) (Version:  - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Poker Night 2 (HKLM-x32\...\Poker Night 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Portal (HKLM-x32\...\Portal) (Version:  - )
Portal 2 version 1.16 (HKLM-x32\...\{2ED84EF7-0C8D-3P20-BIO2-7B42A5D4E0EB}_is1) (Version: 1.16 - Black Box)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Postal 2 Complete (HKLM-x32\...\Postal 2 Complete_is1) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Prototype 2 version 5.1 (HKLM-x32\...\{B810D852-DFD6-PROT2L-89A5-CC4D47756DAF}_is1) (Version: 5.1 - Black_Box)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QbQbQb version 1.1.0 (HKLM-x32\...\{6AC0001C-30BB-4582-959E-6BF89172AB09}_is1) (Version: 1.1.0 - Rezoner)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Randal's Monday (HKLM-x32\...\Randal's Monday_is1) (Version:  - Daedalic Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
RegHunter (HKLM\...\{F94A63D7-9A61-403B-8F6F-90B1BF77211A}) (Version: 1.3.3.1613 - Enigma Software Group USA, LLC)
Remo Repair RAR (HKLM-x32\...\{665680CE-EABF-4678-94AA-F3253AD70B0A}_is1) (Version: 2.0.0.17 - Remo Software)
Resident Evil - Operation Raccoon City (HKLM-x32\...\Resident Evil - Operation Raccoon City_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Salt 1.2.9.2 (HKLM-x32\...\Salt 1.2.9.2) (Version: 1.2.9.2 - TJTITAN199)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Serious Sam Test 2 (HKLM-x32\...\Serious Sam Test 2) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shape Shape (HKLM-x32\...\Shape Shape_is1) (Version:  - Shmehao.com)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.0.0.5 - GOG.com)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Spelunky HD 1.0 (HKLM-x32\...\Spelunky HD 1.0) (Version: 1.0 - Cat-A-Cat)
Spintires (HKLM-x32\...\Spintires_is1) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Street Fighter X Tekken (HKLM-x32\...\{43430FA5-AF68-4A2D-A7D4-891000008200}) (Version: 1.0.0.0 - CAPCOM U.S.A., INC)
Studie zur Verbesserung von HP Photosmart 5510 series Produkten (HKLM\...\{EDBC8AED-78A3-424E-ADB6-C7B1424FFAFD}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)
The Room (HKLM-x32\...\The Room_is1) (Version:  - Fireproof Games)
The Walking Dead: Season 2 Episode 3 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - )
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version:  - Hi-Rez Studios)
Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version:  - )
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.078 - Aten International Co., Ltd.)
Unity Web Player (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warsow 1.02 (HKLM-x32\...\{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1) (Version: 1.02 - Chasseur de bots)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 7.0.9.8.MultiLanguage - )
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
XSplit Broadcaster (HKLM-x32\...\{4BC33FAB-4249-44D7-88A3-22682C577EE3}) (Version: 1.3.1310.1103 - SplitMediaLabs)
Yet Another Zombie Defense (HKLM-x32\...\WWV0QW5vdGhlclpvbWJpZURlZmVuc2U=_is1) (Version: 1 - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001_Classes\CLSID\{01E9FAE9-3819-4dd9-B1D9-998A1C62D1F8}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

25-11-2014 18:02:53 Installed Hi-Rez Studios Games
25-11-2014 18:06:46 DirectX wurde installiert
06-12-2014 20:39:55 Installiert XIII
06-12-2014 20:45:25 Installiert XIII
06-12-2014 20:59:38 Installiert XIII
06-12-2014 21:03:44 Installiert XIII
06-12-2014 21:06:50 Installiert XIII
06-12-2014 21:11:01 Installiert XIII
06-12-2014 21:21:16 Installiert XIII
06-12-2014 21:24:03 Installiert XIII
06-12-2014 21:34:57 Installiert XIII
09-12-2014 09:34:09 Installiert Street Fighter X Tekken
09-12-2014 19:37:30 Removed Passware Kit Basic Demo 13.5 (32-bit)
09-12-2014 19:39:42 avast! antivirus system restore point
09-12-2014 19:40:28 Removed Microsoft Games for Windows - LIVE Redistributable
09-12-2014 19:45:20 Removed Hi-Rez Studios Games
10-12-2014 14:28:54 DLL-Files Fixer Mi, Dez 10, 14  14:28
12-12-2014 19:39:26 DirectX wurde installiert
20-12-2014 19:32:09 Revo Uninstaller's restore point - UpdateChecker
20-12-2014 19:37:43 Revo Uninstaller's restore point - HP Photo Creations
21-12-2014 10:42:20 Revo Uninstaller's restore point - 7-Zip 9.22beta
21-12-2014 10:45:18 Revo Uninstaller's restore point - Achtung, die Kurve! 2
21-12-2014 10:47:32 Revo Uninstaller's restore point - McAfee Internet Security Suite
28-12-2014 08:27:33 Installed Christmas Shopper Simulator

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-22 15:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0342BFD4-5050-4C2B-8AE3-A40D108757DA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {08E7991B-1383-4377-BEDA-14D0F26A7409} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {0C3CB652-4410-4852-A2B5-C433841839BC} - System32\Tasks\{B960A761-DB7D-441F-B492-F36E2AD2345F} => C:\Users\David\Desktop\IGG-The.Escapists.0.792\Neuer Ordner\The Escapists\TheEscapists.exe
Task: {15F2A646-5DE5-485A-9213-E4A7D2670688} - System32\Tasks\{848CE327-C827-4159-A571-79A8981EFB54} => pcalua.exe -a "C:\Program Files (x86)\Portal\Portal.exe" -d "C:\Program Files (x86)\Portal\portal\sound\weapons\rocket"
Task: {177D876B-F170-4499-A814-BAF6AD943E35} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {1DAA2393-F7FE-40DC-A291-FC977EB52FD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {1DCBED23-97E8-47D7-8CB8-935767F4E6E5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-11-17] (Microsoft Corporation)
Task: {29B81785-BB2F-48E5-839A-E4F452EF813F} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-5 No Task File <==== ATTENTION
Task: {2CF4A184-DFBF-43E1-AF67-51A887F04F49} - System32\Tasks\{0A7E012B-4D8E-48BB-A719-4A57FD4D2C28} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm\bin\addoninstaller.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm" -c /register
Task: {2D1E89ED-BF8E-4919-874C-2A3A070F535E} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {31B454B7-8A78-4193-8B39-D962AD5311E5} - System32\Tasks\{2E1BC973-FB55-475C-AB91-7E2AF64512AA} => pcalua.exe -a E:\Redist\vcredist_x86.exe -d E:\Redist
Task: {3399E5F2-A952-4774-B30D-CB0073EBB4C2} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-1 No Task File <==== ATTENTION
Task: {3817BD51-2743-4031-BAE8-66415FA67768} - System32\Tasks\{C70F2032-FF8C-4D1C-A97B-C8186CB7C12A} => pcalua.exe -a C:\Users\David\Desktop\serioussam.exe -d C:\Users\David\Desktop
Task: {39FC84F7-631F-48DD-98D9-2A1E0E55A17D} - System32\Tasks\{868495F6-ECBD-4925-81F3-720A2EE1E54A} => pcalua.exe -a C:\Users\David\Downloads\dxwebsetup(1).exe -d C:\Users\David\Downloads
Task: {3F572DED-F780-4880-B653-DEA49C7D78CF} - System32\Tasks\Launch 19578 => C:\Program Files (x86)\YTDownloader\YTDownloader.exe
Task: {4244BFD1-7259-4908-873E-EE86BC202A69} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {477F45F8-5B79-4B1D-BEFC-08AD95E39AC1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {4908111F-2CEB-4649-89F6-211BC6CCD24B} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-5_user No Task File <==== ATTENTION
Task: {4B5EBD70-2C5A-4674-BFD9-41A26A902DB5} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-4 No Task File <==== ATTENTION
Task: {4D47168B-2802-4D1E-B252-0D1E997C5766} - System32\Tasks\{065B4F65-EC5A-406A-B1BF-51665159EE90} => pcalua.exe -a "C:\Program Files (x86)\Alientrap Games Inc\Capsized\Dependencies\dotnetfx35.exe" -d "C:\Program Files (x86)\Alientrap Games Inc\Capsized\Dependencies"
Task: {52096399-6CB7-4D23-8447-7BB4A6E198BA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {526BBCEA-16B6-43E9-81CC-A3B42891661C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {556A8282-344D-475C-AC3C-9C3A62004FE7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {601C76F1-93F4-4124-ABDF-DEEE85043577} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-09] (AVAST Software)
Task: {66DBEAE5-CE4D-4310-B480-2E2DE6D1EB06} - System32\Tasks\{E185E58D-45E6-484E-9487-A57A3278B40F} => E:\Install.exe
Task: {68B169C3-1246-48A2-9217-64F8B58ED286} - System32\Tasks\{EA2934C7-4D43-4F47-8E36-9314EFB5FA20} => pcalua.exe -a "C:\Users\David\Desktop\Desktop\Bioshock\IGG-Bioshock.1\Bioshock\#README#\DirectX 9c (2007)\DXSETUP.exe" -d "C:\Users\David\Desktop\Desktop\Bioshock\IGG-Bioshock.1\Bioshock\#README#\DirectX 9c (2007)"
Task: {69E2DEA5-63B2-460A-9855-B92AD52005D0} - System32\Tasks\{A36C69E5-17AC-4B1D-A6D6-FE418062131A} => pcalua.exe -a C:\Users\David\Desktop\uc232a_win7_xp_vista_v1.0.075-alternativ\UC232A_Windows_Setup_V1.0.075.exe -d C:\Users\David\Desktop\uc232a_win7_xp_vista_v1.0.075-alternativ
Task: {6A276532-1B42-412E-9F2B-1E58474A60A9} - System32\Tasks\{4D6378C9-1B39-4645-82D6-B50B2003D818} => pcalua.exe -a C:\Users\David\Desktop\IGG-Return.to.Blockland\IGG-Return.to.Blockland\RTB1045full.exe -d C:\Users\David\Desktop\IGG-Return.to.Blockland\IGG-Return.to.Blockland
Task: {6BBDBD42-4139-4F50-B00E-2C2D9987B4A6} - System32\Tasks\{32EA14EE-1B21-4161-9767-0E05A2B92C30} => pcalua.exe -a C:\Users\David\Desktop\UC232A_Windows_Setup_V1.0.075.exe -d C:\Users\David\Desktop
Task: {6D192E25-7783-4387-A04E-B0279B611274} - System32\Tasks\{FC85E084-C44F-41A8-96F7-9210F9904A27} => pcalua.exe -a "C:\Program Files (x86)\Capcom\Street Fighter X Tekken\GDFInstall.exe" -d "C:\Program Files (x86)\Capcom\Street Fighter X Tekken"
Task: {7A5CEB00-1B27-4B83-9D16-EE48E67BD9F3} - System32\Tasks\{4BA1C9B7-C196-4EA4-83DE-BB4F70D02D3D} => pcalua.exe -a C:\Users\David\Downloads\setup_de.exe -d C:\Users\David\Downloads
Task: {7B2B34F5-4085-437A-BFC2-4B5518027C67} - System32\Tasks\Opera scheduled Autoupdate 1402378750 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {8317E2A9-1065-4444-9FAA-4322085FFFE6} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-11 No Task File <==== ATTENTION
Task: {8E14E3F8-2F52-4F82-AE5B-EBEFABB5C164} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: {906835B0-AB40-4461-BA83-E5B4C9C0E0A5} - \a7cfbf4a-2fda-407e-b9e2-7e3496b505e9-2 No Task File <==== ATTENTION
Task: {90FA3741-5BE2-4C4D-8EDD-BF24C662DA32} - System32\Tasks\{4B9F3708-561A-4736-9DA8-62AE7BDC499D} => pcalua.exe -a "C:\Users\David\Downloads\uc232a_windows_setup_v1.0.078 (1)\UC232A_Windows_Setup.exe" -d "C:\Users\David\Downloads\uc232a_windows_setup_v1.0.078 (1)"
Task: {927EAAA0-F2E1-4579-AA90-FB15E55C699E} - System32\Tasks\{4DC151BF-6976-44B0-9444-E099F0FA40AA} => E:\Install.exe
Task: {A078D10B-62C5-4164-8F15-0F1C8D4B5FF2} - System32\Tasks\{AFF2F52F-EF43-4E4B-B7C3-AF306358CAFF} => pcalua.exe -a C:\Users\David\Desktop\desktop\igneous_setup\igneous_setup.exe -d C:\Users\David\Desktop\desktop\igneous_setup
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A59976D5-9298-4D00-815B-909FA1D0AF29} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-11-17] (Microsoft Corporation)
Task: {A6055463-7302-474B-B41F-97B6DCFE80A3} - System32\Tasks\{30B6B71D-360A-4990-A89F-CDD344DC9335} => E:\Install.exe
Task: {A6502404-9038-4665-B2D8-8B18A07BDA5F} - System32\Tasks\{3798E432-BD79-4B0C-B9C8-6302DA50E04B} => pcalua.exe -a E:\Downloads\dotnetfx2.exe -d E:\Downloads
Task: {B01CD576-E006-4C2D-8B6A-2098664AAEBE} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {B18DF795-9544-4CC8-B4C2-58513749B5C5} - System32\Tasks\{A7DB6150-3B52-4F49-9F91-FBC0624BFD61} => C:\Program Files (x86)\Black Box\Portal 2\portal2.exe [2012-02-21] ()
Task: {B954B984-0A79-473C-9A00-EFB479BF2BC2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {C3C95896-ADFC-454C-AE05-C23335A93F78} - System32\Tasks\{508081F0-5FC7-4271-8CDC-1E61763ECB6A} => pcalua.exe -a "C:\Users\David\Desktop\Desktop\CD\emedia 1\games\Erotik\Bustout\bo3dinst.exe" -d "C:\Users\David\Desktop\Desktop\CD\emedia 1\games\Erotik\Bustout"
Task: {CBB4A1C4-B70A-4BE3-86FD-D58C1F7DE5B1} - System32\Tasks\{860E53FE-8F1F-45E9-BA57-D276414F06DB} => pcalua.exe -a C:\Users\David\Downloads\vcredist_x86.exe -d C:\Users\David\Downloads
Task: {CCEF0C18-19F2-49F5-8EC2-85CAB08653AE} - System32\Tasks\{5C16AEF4-46C9-49A6-9611-1E112B28285F} => E:\Install.exe
Task: {D817B95F-878F-403C-9983-AF7E963D183D} - System32\Tasks\{0C44E482-14D5-44D4-BED0-95F68DAA076B} => E:\Install.exe
Task: {E0974176-D160-47A1-A820-923295320CC2} - System32\Tasks\{E2709E61-FC50-47E8-B8E6-B63C51EF9AAA} => pcalua.exe -a C:\Users\David\Downloads\dxwebsetup(2).exe -d C:\Users\David\Downloads
Task: {E0D99CE9-E454-40D0-BC5F-63DFFECC6D23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {E9B2832A-8D63-4EF9-B5F2-8A3F4F46CEF7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {EC44ABFE-B79F-4C91-B75D-BDEB2CB1D73D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {F565E689-75FD-466B-A601-2D52FBFFFBB3} - System32\Tasks\{6C8B5439-577B-46BA-8421-3D94A2A0E99A} => pcalua.exe -a C:\Users\David\Desktop\Joy2Mouse3.exe -d C:\Users\David\Desktop
Task: {FCAB90B4-8FD1-4020-A4CC-62C286707DEC} - System32\Tasks\Open Chrome => Chrome.exe --new-window hxxp://toolbar.avg.com/almost-done?pid=avg&amp;lang=de
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe

==================== Loaded Modules (whitelisted) =============

2014-09-02 14:40 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-10-14 04:57 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-04 18:59 - 2014-09-04 08:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 19:42 - 2014-12-09 19:42 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-09 19:42 - 2014-12-09 19:42 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-12-29 11:53 - 2014-12-29 11:53 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122900\algo.dll
2014-12-09 19:42 - 2014-12-09 19:43 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2013-05-14 16:33 - 2013-05-14 16:33 - 00002560 _____ () C:\Program Files (x86)\DAEMON Tools Pro Advanced\MSIMG32.dll
2014-12-09 19:43 - 2014-12-09 19:43 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 07816192 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00188416 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 01425920 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00336896 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00096256 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2014-12-14 18:19 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-14 18:19 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-14 18:19 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-14 18:19 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ArcService => 3
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: BBSvc => 3
MSCONFIG\Services: BBUpdate => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: DsiWMIService => 2
MSCONFIG\Services: EgisTec Ticket Service => 3
MSCONFIG\Services: ePowerSvc => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GREGService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: Live Updater Service => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: savesenselive => 2
MSCONFIG\Services: savesenselivem => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SmdmFService => 2
MSCONFIG\Services: SrvUpdater => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: vToolbarUpdater18.1.9 => 2
MSCONFIG\Services: Wpm => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BumpTop.lnk => C:\Windows\pss\BumpTop.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BumpTop.lnk => C:\Windows\pss\BumpTop.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk => C:\Windows\pss\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe" -autorun
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Users\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LightShot => C:\Users\David\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\David\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SearchProtect => C:\Users\David\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: WebcamMaxAutoRun => "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a
MSCONFIG\startupreg: Yontoo Desktop => "C:\Users\David\AppData\Roaming\Yontoo\YontooDesktop.exe"
MSCONFIG\startupreg: ZALFree => "C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe" /MINIMIZED

========================= Accounts: ==========================

Administrator (S-1-5-21-3466399659-1618858318-3356278196-500 - Administrator - Disabled)
David (S-1-5-21-3466399659-1618858318-3356278196-1001 - Administrator - Enabled) => C:\Users\David
Gast (S-1-5-21-3466399659-1618858318-3356278196-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3466399659-1618858318-3356278196-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3466399659-1618858318-3356278196-1000 - Limited - Enabled) => C:\Users\UpdatusUser
user (S-1-5-21-3466399659-1618858318-3356278196-1006 - Limited - Enabled) => C:\Users\user

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-22 15:18:34.027
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-22 15:18:33.903
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 26%
Total physical RAM: 8043.86 MB
Available physical RAM: 5930.11 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 13155.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (DAVID-Acer) (Fixed) (Total:913.41 GB) (Free:136.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9A7C392E)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Ich hab dir (schrauber)vor kurzem eine PM geschickt, weil ich da die Seite 2 im Forum nicht gesehen habe...

Alt 29.12.2014, 21:44   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de





ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.12.2014, 13:26   #15
zelfoxx
 
Pc stürzt oft ab ! - Standard

Pc stürzt oft ab !



Log.txt :
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=bd37bf7eb09fa242bf4a14125f8c5970
# engine=21752
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-30 12:01:50
# local_time=2014-12-30 01:01:50 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 1188637 184361400 0 0
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5122 16777213 100 88 72306934 128812570 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 44169433 171570760 0 0
# scanned=3791
# found=171
# cleaned=0
# scan_time=188
sh=89F702E8F2BBABC6D514D24393849433CDB186BA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\c4604ace-4f94-4d39-916d-2b3193b93019.crx.vir"
sh=A08B812036B170AD4CCE0A4C11418F3E423A71E9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\c4604ace-4f94-4d39-916d-2b3193b93019.xpi.vir"
sh=8D6A0681A05C7A9C9824CDC139D28FFFD94D55AA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\ddc05834-3409-4a90-805e-b63619cbb042.crx.vir"
sh=F670B56677247685C7F1D34599AC61BCB6259C7D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\0b3edafa-7e96-4ce0-b1a5-732f96a03bcd.crx.vir"
sh=C5C009FE1CCE0B016AA1254297AA474E5133940B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\0b3edafa-7e96-4ce0-b1a5-732f96a03bcd.xpi.vir"
sh=E3D2937E902BDE87AB1DF2D7C62ADABB61F9D992 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\cca662d5-5fb6-4152-97e5-c996e49d56ca.crx.vir"
sh=E8F9566FE85BD2C70C87CC6B06D772315D918235 ft=1 fh=c71c00111cd92b3f vn="Variante von Win32/ShopperPro.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1434\jsdrv.exe.vir"
sh=1DBF1556C82A78CA45882E66DD83C0A977BF8D23 ft=1 fh=328989ef9803066c vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=C5883F4245AE2C0515FB1D04A08FD82885B06398 ft=1 fh=8d649859311d4519 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=9E90A050EB0BB1CEAB5633BCE404E5D5BC307647 ft=1 fh=2563181150dc44ea vn="Win32/Thinknice.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=16CF5D6E11C0F55548A67B8B5D04FA3460C76A2D ft=1 fh=7418003a088e68c3 vn="Win64/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=C03584BE4ED7835858158D1C38D6B08317E2FC82 ft=1 fh=a96a1125b953bd6a vn="Win32/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir"
sh=67642DACDC22ED45AF7947E4F47B1B8463E4162C ft=1 fh=b08cc40f36e9035a vn="Win64/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv64.dll.vir"
sh=705C8DD943E08A52A3DC88A5FFC458575B34D471 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\360-51390.crx.vir"
sh=4305895BFC58BA4EE75ED9B4EF531B66E15E9AA3 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\51390.xpi.vir"
sh=65CBD95EC1FD59FC606BC5439D4FFA71A4DAC93E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\a7cfbf4a-2fda-407e-b9e2-7e3496b505e9.crx.vir"
sh=30F20CC9AF11DD69C801E9C874DABA9DF1102BB3 ft=1 fh=90a474b4498da7ab vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\utils.exe.vir"
sh=9CA8EBFF024F34D076C7BFFF92B978D99251DC66 ft=1 fh=03cf8fdbea9a76d3 vn="Variante von Win32/ELEX.BC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Chromatic Browser\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=A887C00C7DF0610DDF015090458983949DACF62F ft=1 fh=650f854b97068ad8 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Linkey\Helper.dll.vir"
sh=B080AAEAF9189DF473A999399EC7B9D61A04C174 ft=1 fh=2ec70266168a4340 vn="Variante von Win32/Toolbar.SearchSuite.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Linkey\Uninstall.exe.vir"
sh=D72CFE1142EC40A4C9C840113CBBA9173BD37A18 ft=0 fh=0000000000000000 vn="Win32/AztecMedia.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx.vir"
sh=ECCAC05AC1B234C920664876442DF3EFD776DE60 ft=1 fh=e9325afa081f4f27 vn="Variante von Win32/Toolbar.SearchSuite.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Linkey\IEExtension\iedll.dll.vir"
sh=27F3722103AE0B59E452584BAC372AF8753ACD00 ft=1 fh=1e0c2baa3d38a164 vn="Variante von Win32/Toolbar.SearchSuite.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\Linkey\IEExtension\iedll64.dll.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\torch\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Local\torch\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=6BD92EAE74718BEC012A9D22CF249E11FB2DFB6C ft=1 fh=57cfc1434fb9eb96 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF10.dll.vir"
sh=EDC7610B1A77F044EEA881ABDB97F23BCCFDF119 ft=1 fh=381f14d7b10ee582 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF11.dll.vir"
sh=2212CF6366CEFEDC93C0800EE191349CCC7D3E19 ft=1 fh=8134fcbb9285f98c vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF12.dll.vir"
sh=399AFB22F7A717C669ECA28912A0CB2D1FFF1E14 ft=1 fh=b4f162fd7e41aa23 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF13.dll.vir"
sh=DDE86B212D8E3EBFF9C022F48234C5595C598857 ft=1 fh=9e978f61ab1fa991 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF14.dll.vir"
sh=596513198C454FC06E59747EB11FC08C92A0B7E2 ft=1 fh=8873e1ded419a654 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF15.dll.vir"
sh=4B953659E7AD1F852EF2C8018E7B343ADD726277 ft=1 fh=c8179fcbca2c7ecf vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF16.dll.vir"
sh=5CEF401CA4DA8FC052BA8DB1493406BCFEF25DCA ft=1 fh=66f56f38c52982ff vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF17.dll.vir"
sh=2EEBDB07F175B65FD4C787C64AEC26ACEEDFDA4A ft=1 fh=5e9ba4df2cb0a6b6 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF18.dll.vir"
sh=01009E63D2425FE46EF027462C6DF99AE407C343 ft=1 fh=aaa33064341c1ce1 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF19.dll.vir"
sh=116D1B4DC10B852CADD736CA8CFE600063775A48 ft=1 fh=d1af23177174a2a8 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF2.dll.vir"
sh=DEF642E8636F195453F1E08ACB828731EFA36B01 ft=1 fh=3e8d77e0d5c81aee vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF20.dll.vir"
sh=0FC92B853CA8C66683087D67A23C5251992B0779 ft=1 fh=76f97bb0ce51ab8f vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF21.dll.vir"
sh=D9B326DD751E094BFB2C7BB3A769D9FE176AEB38 ft=1 fh=5f64c6409e74a725 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF22.dll.vir"
sh=925C923F9E92E4361679CC920F03CF96F84FC603 ft=1 fh=16c2bf5f285bc7ca vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF23.dll.vir"
sh=318D48D3271FAA1EA5258ED505A1E321BF4BA08B ft=1 fh=840f9cf54442e506 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF24.dll.vir"
sh=777798DF5469896293063999F4639A9DB9B9A9C7 ft=1 fh=c33991462a487e33 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF25.dll.vir"
sh=E911B8875CD1FC85CD2697049A8D0D7A0F778B3A ft=1 fh=233eaa646b03b554 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF26.dll.vir"
sh=CD6020F4D3F37CF04D4ED9D0FEDB9E8D7898DA77 ft=1 fh=8de39f537110fe08 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF27.dll.vir"
sh=15C98FD010AAFF94E029F0B7FA6AE51A59D1217F ft=1 fh=be029954e40aa726 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF28.dll.vir"
sh=56C37BA98CB9271317C98BDEE6EC4A46EACE4453 ft=1 fh=f2dd6dc07f77b488 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF29.dll.vir"
sh=904958EBDE8EF6B98DB0E117C64B467037896448 ft=1 fh=4a101d4a68c69e11 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF30.dll.vir"
sh=0321BA784F228586696430F2FF5B4B19718A2D94 ft=1 fh=d8e25d56f30245ed vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF31.dll.vir"
sh=C21123C075E67EE2501842B656B99A1C07631440 ft=1 fh=aeba3972b0c8c3e3 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF32.dll.vir"
sh=11D49C6CDB2399194426C960C1E8034F8ECBA48C ft=1 fh=071585ba14067989 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF4.dll.vir"
sh=7744985834CA96FA1A6EB2C69BF2CA248F3729E1 ft=1 fh=51c9ea7b8ba27d97 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF5.dll.vir"
sh=864024725BC0096C79D5F69A3544DE65D264846A ft=1 fh=e10d9ad0600fcc22 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF6.dll.vir"
sh=4C0AD601E7DD1214490142A8309B489C8B3155E8 ft=1 fh=444d935aead97832 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF7.dll.vir"
sh=BFB89B217543905C2C07E4573B1E2CBE6515D8D4 ft=1 fh=823237f313d12529 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF8.dll.vir"
sh=1BCAA50D85AA6302BF6C114DCB8FE03066231BB2 ft=1 fh=915a73415b7d9ab8 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF9.dll.vir"
sh=DF1D3DB3B839BBEFA71C3CC67836EE4FD2683909 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\91.js.vir"
sh=8EA3229A2F910294CCE0E767736BCAFA1CE5AF0C ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\Extensions\lea@jgcqsfr.com\content\bg.js.vir"
sh=B428C3AC354A800AAB0881EC287270E641EDEFDD ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\Extensions\q5x407crr@yv-wpbdvly.net\content\bg.js.vir"
sh=702E9372975455460E6907A3E9557D7B6681BC30 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\Extensions\qhlca@yai-.co.uk\content\bg.js.vir"
sh=DF1D3DB3B839BBEFA71C3CC67836EE4FD2683909 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Opera Software\Opera Stable\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn\1.26.86_0\extensionData\plugins\91.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\torch\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\torch\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\UpdatusUser\AppData\Local\torch\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Chromatic Browser\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Chromatic Browser\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\content.js.vir"
sh=09942FB682D8D1DC3C6D86D53D2FDF64CF3517F4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\torch\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\124\EmrbqR676L.js.vir"
sh=00E3944C8D213FDE24E8BEA76700450A9DF41260 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\content.js.vir"
sh=8EBC0CE9BF37078045633CE3BA966DC0546E3125 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\torch\User Data\Default\Extensions\imajeboeclccbembfbgohhejjdhgnkhn\3.9\fMjzASuQBP.js.vir"
sh=F32CD11F121E2C37FB0280FA529FA1E33C4C03B7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\torch\User Data\Default\Extensions\nfdnfkehfhiifndknplbgahfbhhaleac\3.9\HZmgO2fjQu.js.vir"
sh=155AC12C44F668DF035CB121CB4752706E982DDF ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\torch\User Data\Default\Extensions\opmobdnjbecocljjgoabpngjefpknbfp\2.1\I8YwsJ9fV.js.vir"
sh=91DC006B84C4F51ADCADC1BB498E3376FC40130E ft=1 fh=c3b5952672b90e6f vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=bd37bf7eb09fa242bf4a14125f8c5970
# engine=21755
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-30 12:47:08
# local_time=2014-12-30 01:47:08 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 1191355 184364118 0 0
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5122 16777213 100 88 72309652 128815288 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 44172151 171573478 0 0
# scanned=30441
# found=2
# cleaned=0
# scan_time=1741
sh=CA41409E8DD27B05F6E87A7C998371CC3A4A74D7 ft=1 fh=2f170343ca9468be vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Common Files\System\SysMenu.dll"
sh=90AD3968FF02CBEA3F60759DFD1AF9EE71014EE6 ft=1 fh=b26a59a3cfab6876 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Common Files\System\SysMenu64.dll"
         
Der PC ist nach ca. 27 Minuten und ca. 50% Scanzeit wieder abgestürzt. Zwei unerwünschte Anwendungen wurden trotzdem gefunden...

Nachdem ich den PC wieder eingeschaltet habe hat sich der CHKDSK-Scan gestartet. Ich hab auf meinem Handy nachgesehen was das ist und es dann laufen lassen...

Checkup und FRST kommen gleich

checkup.txt :
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
McAfee  Anti-Virus und Anti-Spyware   
avast! Antivirus                      
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Cat Licking Screen Cleaner Screensaver 
 Java 7 Update 60  
 Java(TM) 6 Update 30  
 Java version 32-bit out of Date! 
 Adobe Flash Player 16.0.0.235  
 Adobe Reader 10.1.13 Adobe Reader out of Date!  
 Mozilla Firefox 28.0 Firefox out of Date!  
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Common Files Microsoft Shared Microsoft Online Services MSOIDSVC.EXE 
 Common Files Microsoft Shared Microsoft Online Services MSOIDSvcm.exe 
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Antwort

Themen zu Pc stürzt oft ab !
absturz ohne grund, abstürze, abstürzen, fehlercode 0x5, fehlercode 0x854, fehlercode 22, fehlercode windows, herunterfahren, hp photo creations entfernen, keine rückmeldung, mobogenie, mobogenie entfernen, nicht mehr, programme, reagiert, rückmeldung, task-manager, this device cannot start. (code10), this device is disabled. (code 22), updatechecker entfernen, win32/aztecmedia.a, win32/sbwatchman.d, win32/toolbar.searchsuite.q, win32/toolbar.searchsuite.u, win64/systweak.a



Ähnliche Themen: Pc stürzt oft ab !


  1. OTL stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 15.06.2015 (1)
  2. PC stürzt ab
    Netzwerk und Hardware - 01.07.2013 (2)
  3. ICQ stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 25.03.2011 (1)
  4. pc stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 12.03.2010 (5)
  5. Pc stürzt ab
    Log-Analyse und Auswertung - 08.08.2009 (1)
  6. Pc stürzt ab
    Diskussionsforum - 05.08.2009 (2)
  7. IE stürzt oft ab
    Log-Analyse und Auswertung - 10.03.2009 (23)
  8. PC stürzt ab !!!
    Mülltonne - 05.01.2009 (0)
  9. PC stürzt ab
    Mülltonne - 01.01.2009 (0)
  10. Pc läuft, stürzt ab, fährt hoch und stürzt sofort beim Reboot wieder ab
    Plagegeister aller Art und deren Bekämpfung - 08.08.2008 (14)
  11. PC stürzt ab...
    Log-Analyse und Auswertung - 21.04.2008 (2)
  12. IE stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 15.10.2007 (2)
  13. Pc stürzt ab
    Netzwerk und Hardware - 12.04.2007 (7)
  14. Pc stürzt ab!!HELP!!
    Netzwerk und Hardware - 11.04.2007 (11)
  15. AW: Pc stürzt ab!!HELP!!
    Mülltonne - 11.04.2007 (0)
  16. PC stürzt ab!!!
    Log-Analyse und Auswertung - 30.05.2006 (1)
  17. IE stürzt ab
    Log-Analyse und Auswertung - 25.01.2005 (4)

Zum Thema Pc stürzt oft ab ! - Hey Leute, seit kurzer Zeit stürzt mein Pc öfter einfach ab. Das passiert nicht nur bei grafiklastigen Spielen sondern auch bei Programmen wie Word etc. Ich bin mir zwar nicht - Pc stürzt oft ab !...
Archiv
Du betrachtest: Pc stürzt oft ab ! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.