Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Browser sind trotz neuem aufsetzen immernoch sehr langsam (https://www.trojaner-board.de/155137-browser-trotz-neuem-aufsetzen-immernoch-sehr-langsam.html)

Williwu 27.06.2014 06:26
möchte mich für die lange zeit ohne meldung entschuldiegen und bestätiege hiermit wieder im lande zu sein!

kamm leider eine Geschäftsreise dazwischen

schrauber 27.06.2014 13:52
ok.

Williwu 10.10.2014 02:17
hi so seid langem wieder hier also ich hatte mit eurer hilfe den PC zum laufen bekommen aber leider gottes wie ihr ja wisst muss man halt mal zur arbeit und Sohneman`n setzt sich vor den PC

so ich bin bislang noch nicht dazu gekommen alles kommplett nach zulesen dahher wäre es schön wenn ihr mir helfen konntet Frst kommt jetzt
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Grisu (administrator) on GRISU-PC on 09-10-2014 12:28:38
Running from C:\Users\Grisu\Desktop\Trojaner software
Loaded Profile: Grisu (Available profiles: Grisu)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Deutsche Telekom AG) D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Deutsche Telekom AG) D:\Programme\Netzmanager\netzmanager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\ComboFix\CF7080.3XE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\ComboFix\CF7080.3XE
() C:\ComboFix\PEV.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NirSoft) C:\ComboFix\NIRKMD.3XE
() C:\ComboFix\pev.3XE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> D:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56C38410017FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: OpitOn -> {6b836c64-f364-437e-bab5-11f39990cfe9} ->  No File
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: OpteOn -> {ab957d78-2cdb-4568-8020-2eaabcd137c2} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: GoSaive -> {cfd100a1-0615-4d32-9827-7ac2d4b0faa4} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: GMX MailCheck - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\toolbar@gmx.net [2014-10-04]
FF Extension: Lightshot (screenshot tool) - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-10-02]
FF Extension: {7d02e03c-f690-4f38-bf10-5e8cc02a4740} - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{7d02e03c-f690-4f38-bf10-5e8cc02a4740}.xpi [2014-09-09]
FF Extension: Adblock Plus - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-17]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-07-28]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> D3955B959DE080A3E6149C6A2508531C1F11B3489CC2DB1121D497E6B5830A95
CHR DefaultSearchProvider: Default -> EC6FB59FEA1D64FC5C1BCF93530975EB8C4DFA0917F2267A74FB23F8352E0631
CHR DefaultSearchURL: Default -> https://www.facebook.com/?ref=logo
CHR Profile: C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-09-26]
CHR Extension: (ZenMate) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-08-05]
CHR Extension: (AdBlock) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-17]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-09-26]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-09-26]
CHR Extension: (Virtual Keyboard) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-09-26]
CHR Extension: (Disconnect) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-09-17]
CHR Extension: (Google Wallet) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-29]
CHR Extension: (Anti-Banner) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-09-26]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-08-22] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-22] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-08-22] (BlueStack Systems, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-07-06] () [File not signed]
R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2014-07-06] (My Digital Life Forums) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Netzmanager Service; D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
S4 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S4 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TDslMgrService; C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [294912 2007-11-26] (T-Systems Enterprise Services GmbH) [File not signed]
S2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-08-22] (BlueStack Systems)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-03] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-03] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-03] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-03] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-06-03] (Duplex Secure Ltd.)
R3 TelekomNM6; D:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gwfilt64; system32\drivers\gwfilt64.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 12:24 - 2014-10-09 12:28 - 00000000 ___SD () C:\ComboFix
2014-10-09 11:42 - 2014-10-09 11:42 - 00276375 _____ () C:\Users\Grisu\Desktop\SysInspector-GRISU-PC-141009-1138.zip
2014-10-08 15:19 - 2014-10-08 15:19 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\VSRevoGroup
2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Sinvise Systems
2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sinvise Systems
2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\Program Files (x86)\Sinvise Systems
2014-10-08 15:10 - 2014-10-08 15:10 - 01125200 _____ () C:\Users\Grisu\Downloads\Shutdown Timer 32 Bit - CHIP-Installer.exe
2014-10-08 15:01 - 2014-10-08 15:01 - 00391064 _____ () C:\Users\Grisu\Downloads\billiards_install_1_0_2_7(2).exe
2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-08 14:57 - 2014-10-08 14:57 - 02347384 _____ (ESET) C:\Users\Grisu\Downloads\esetsmartinstaller_deu.exe
2014-10-08 14:55 - 2014-10-08 14:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\64911C52.sys
2014-10-08 14:29 - 2014-10-09 12:10 - 00000628 _____ () C:\Windows\PFRO.log
2014-10-08 12:53 - 2014-10-09 12:10 - 00000168 _____ () C:\Windows\setupact.log
2014-10-08 12:53 - 2014-10-08 12:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-08 04:16 - 2014-10-08 11:23 - 00000000 ____D () C:\Users\Grisu\Desktop\motochopper
2014-10-08 04:15 - 2014-10-08 04:15 - 04246449 _____ () C:\Users\Grisu\Downloads\motochopper.zip
2014-10-08 03:52 - 2014-10-08 03:52 - 00000000 ____D () C:\Users\Grisu\Downloads\Android-Root-Tool
2014-10-08 03:52 - 2014-10-08 03:52 - 00000000 ____D () C:\EGLTD
2014-10-07 14:47 - 2014-10-07 14:47 - 02941840 _____ (Microsoft Corporation) C:\Users\Grisu\Downloads\Windows7-USB-DVD-Download-Tool-Installer-de-DE.exe
2014-10-05 15:27 - 2014-10-05 15:27 - 00002258 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-05 15:25 - 2014-10-05 15:26 - 00895120 _____ (Google Inc.) C:\Users\Grisu\Downloads\ChromeSetup (1).exe
2014-10-05 14:38 - 2014-10-05 14:38 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-05 14:38 - 2014-10-05 14:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-05 14:26 - 2014-10-05 14:26 - 01101648 _____ () C:\Users\Grisu\Downloads\Firefox - CHIP-Installer(1).exe
2014-10-04 02:20 - 2014-10-04 02:27 - 291852366 _____ () C:\Users\Grisu\Downloads\Windows6.1-KB968211-x86-RefreshPkg.msu
2014-10-03 14:18 - 2014-10-03 14:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1343656D.sys
2014-10-02 12:30 - 2014-10-02 12:30 - 00000467 _____ () C:\Users\Public\Desktop\Sacred 3.lnk
2014-10-02 10:05 - 2014-10-02 11:35 - 00000000 ____D () C:\Users\Grisu\Desktop\Mashup-Germany - Vol.6 - Back to the future
2014-10-02 09:35 - 2014-10-02 09:55 - 176129509 _____ () C:\Users\Grisu\Downloads\Mashup-Germany - Vol.6 - Back to the future.zip
2014-10-02 08:56 - 2014-10-02 08:56 - 00136692 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.odt
2014-10-02 03:19 - 2014-10-02 03:19 - 00167316 _____ () C:\Users\Grisu\Downloads\[kickass.to]sacred.3.dlc.pack.addon.reloaded.torrent
2014-10-02 03:17 - 2014-10-02 03:17 - 00179196 _____ () C:\Users\Grisu\Downloads\[kickass.to]sacred.3.reloaded.torrent
2014-10-02 02:15 - 2014-10-08 15:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-02 02:13 - 2014-10-02 02:13 - 00244408 _____ () C:\Users\Grisu\Downloads\Firefox Setup Stub 32.0.3.exe
2014-10-02 02:08 - 2014-10-02 02:08 - 00001768 _____ () C:\sc-cleaner.txt
2014-10-02 02:07 - 2014-10-02 02:07 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Grisu\Downloads\sc-cleaner.exe
2014-10-02 01:43 - 2014-10-02 01:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-02 01:27 - 2014-10-02 01:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Grisu\Downloads\revosetup95.exe
2014-10-02 01:16 - 2014-10-02 01:18 - 00068191 _____ () C:\Users\Grisu\Downloads\FRST.txt
2014-10-01 12:25 - 2014-10-01 12:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\449A0149.sys
2014-10-01 00:19 - 2014-10-01 00:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7D894C22.sys
2014-09-29 14:13 - 2014-10-01 12:05 - 00381736 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.txt
2014-09-28 14:17 - 2014-09-28 14:17 - 01101648 _____ () C:\Users\Grisu\Downloads\Windows Media Player - CHIP-Installer.exe
2014-09-28 12:49 - 2014-09-28 12:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\319F42D4.sys
2014-09-28 12:09 - 2014-09-28 12:09 - 00335504 _____ (Bytro Labs) C:\Users\Grisu\Downloads\S1914JavaInstaller.exe
2014-09-26 17:26 - 2014-09-26 17:26 - 00000000 ____D () C:\Users\Grisu\Downloads\SpyHunter-v4.15.1.4270-Incl-Crack---[MUMBAI]
2014-09-26 16:12 - 2014-09-26 16:12 - 00000310 _____ () C:\CCALib8WS.log
2014-09-26 16:11 - 2014-09-26 17:36 - 00000000 ____D () C:\sh4ldr
2014-09-26 16:11 - 2014-09-26 16:11 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-09-26 15:38 - 2014-09-26 16:11 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-26 15:37 - 2014-09-26 17:35 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft
2014-09-26 13:36 - 2014-09-26 13:36 - 00000000 ____D () C:\Users\Grisu\Desktop\Advanced Archive Password Recovery Professional 4.54.48
2014-09-26 13:35 - 2014-09-26 13:35 - 07328167 _____ () C:\Users\Grisu\Downloads\Advanced Archive Password Recovery.zip
2014-09-26 13:13 - 2014-09-26 13:13 - 00000000 _____ () C:\Users\Grisu\Downloads\Spy_Hunter_4_Crack_Full.exe
2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 ____D () C:\Users\Grisu\Desktop\Canon
2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 _____ () C:\autoexec.bat
2014-09-26 03:02 - 2014-09-26 03:02 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-09-26 03:02 - 2014-09-26 03:02 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-09-26 03:01 - 2014-09-26 04:12 - 00000000 ____D () C:\Program Files (x86)\OpteOn
2014-09-26 03:01 - 2014-09-26 04:12 - 00000000 ____D () C:\Program Files (x86)\OpitOn
2014-09-26 03:01 - 2014-09-26 03:44 - 00000000 ____D () C:\ProgramData\OpteOn
2014-09-26 03:01 - 2014-09-26 03:44 - 00000000 ____D () C:\ProgramData\OpitOn
2014-09-26 03:00 - 2014-09-26 04:52 - 00000000 ____D () C:\Program Files (x86)\ORBTR
2014-09-26 01:47 - 2014-10-02 01:36 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-26 01:47 - 2014-09-26 03:01 - 00000000 ____D () C:\ProgramData\dad537a8ea1f6947
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Comodo
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator
2014-09-26 01:30 - 2014-09-26 01:30 - 00122467 _____ () C:\Users\Grisu\Downloads\PL5-6-Kgn(1).rar
2014-09-26 01:29 - 2014-09-26 01:29 - 00122467 _____ () C:\Users\Grisu\Downloads\PL5-6-Kgn.rar
2014-09-25 21:38 - 2014-10-08 11:44 - 00000000 ____D () C:\Users\Grisu\AppData\Local\CANON_INC
2014-09-25 21:32 - 2014-09-26 03:24 - 00000000 ___RD () C:\Users\Grisu\Desktop\104CANON
2014-09-25 21:31 - 2014-09-25 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-09-25 21:30 - 2014-09-25 21:31 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-09-25 21:29 - 2014-09-25 21:46 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\canon
2014-09-25 21:28 - 2014-09-25 21:28 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-09-24 23:32 - 2014-09-24 23:33 - 00001703 _____ () C:\Users\Grisu\Downloads\Adobe Photoshop Lightroom 5.2 [64 bit] (Serials ONLY).zip
2014-09-24 23:19 - 2014-09-24 23:24 - 00000000 ____D () C:\Users\Grisu\Downloads\odbg110
2014-09-24 23:19 - 2014-09-24 23:19 - 01333471 _____ () C:\Users\Grisu\Downloads\odbg110.zip
2014-09-24 22:06 - 2014-09-24 22:06 - 00521216 _____ (PainteR) C:\Users\Grisu\Downloads\Adobe Universal Patcher.exe
2014-09-24 11:32 - 2014-09-24 11:32 - 00000917 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk
2014-09-24 10:45 - 2014-09-24 10:45 - 00001711 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6 64-bit.lnk
2014-09-24 01:24 - 2014-09-24 01:29 - 00000000 ____D () C:\Users\Grisu\Downloads\Adobe_Photoshop_Lightroom_5_6_keygen
2014-09-24 01:21 - 2014-09-24 01:21 - 00000000 ____D () C:\Users\Grisu\Documents\Adobe
2014-09-24 00:51 - 2014-09-24 00:53 - 00007510 _____ () C:\Users\Grisu\Adobe Creative Suite Cleaner Tool.log
2014-09-24 00:50 - 2014-09-24 00:53 - 00000000 ____D () C:\Users\Grisu\Downloads\adobe_creative_suite_6cleaner_tool
2014-09-24 00:49 - 2014-09-24 00:50 - 08098376 _____ () C:\Users\Grisu\Downloads\adobe_creative_suite_6cleaner_tool.zip
2014-09-24 00:45 - 2014-09-24 00:45 - 00001110 _____ () C:\Users\Grisu\Downloads\[kickass.to]adobe.photoshop.cc.v2014.multi.win.keygen.only.xforce.torrent
2014-09-23 01:50 - 2014-09-23 03:16 - 1047527424 _____ () C:\Users\Grisu\Downloads\9846541212-ts4sg.part02.rar
2014-09-22 12:05 - 2014-09-22 13:36 - 1047527424 _____ () C:\Users\Grisu\Downloads\9846541212-ts4sg.part01.rar
2014-09-22 03:31 - 2014-09-22 03:31 - 00000000 ____D () C:\ProgramData\Codemasters
2014-09-22 03:15 - 2014-09-22 03:15 - 00001349 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-09-22 03:03 - 2014-09-22 03:03 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-09-22 02:48 - 2014-09-22 02:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\095B6173.sys
2014-09-20 16:31 - 2014-09-30 01:40 - 00071283 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014.ods
2014-09-20 16:22 - 2014-09-27 15:34 - 00020022 _____ () C:\Users\Grisu\Desktop\Lärmbelästigung Nachbar 2014.ods
2014-09-19 13:30 - 2014-09-19 13:31 - 00000000 ____D () C:\Users\Grisu\Desktop\Fiasko
2014-09-19 12:55 - 2014-09-19 12:55 - 13629321 _____ () C:\Users\Grisu\Downloads\The-Next-Generation.rar
2014-09-19 12:55 - 2014-09-19 12:55 - 05895249 _____ () C:\Users\Grisu\Downloads\Was-kommt-danach.rar
2014-09-19 12:54 - 2014-09-19 12:56 - 54808864 _____ () C:\Users\Grisu\Downloads\Liebe---Schmerz.rar
2014-09-19 12:54 - 2014-09-19 12:55 - 07495120 _____ () C:\Users\Grisu\Downloads\Meine-eigene-Lieder.rar
2014-09-19 02:02 - 2014-10-09 12:12 - 00000000 ___RD () C:\Users\Grisu\Dropbox
2014-09-19 02:01 - 2014-09-18 14:59 - 00001021 _____ () C:\Users\Grisu\Desktop\Dropbox.lnk
2014-09-18 14:59 - 2014-09-18 14:59 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 14:56 - 2014-10-09 12:12 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Dropbox
2014-09-18 14:55 - 2014-09-24 09:59 - 00000000 ____D () C:\Users\Grisu\Desktop\Adobe CS6 All Products Activator (x32 & x64)
2014-09-18 14:53 - 2014-09-18 14:54 - 41377280 _____ (Dropbox, Inc.) C:\Users\Grisu\Downloads\Dropbox_2.10.30.exe
2014-09-18 14:24 - 2014-09-18 14:54 - 976158128 _____ (Adobe Systems Incorporated) C:\Users\Grisu\Desktop\Lightroom_5_LS11_win_5_6.exe
2014-09-18 14:07 - 2014-09-18 14:07 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\PDAppFlex
2014-09-18 12:04 - 2014-09-18 12:04 - 00030392 _____ () C:\Users\Grisu\Downloads\excel-vorlagen-haushaltsbuch.zip
2014-09-18 11:49 - 2014-09-18 11:49 - 00034304 _____ () C:\Users\Grisu\Downloads\wochenplan.xls
2014-09-18 11:44 - 2014-09-18 11:45 - 07441742 _____ () C:\Users\Grisu\Downloads\Unternehmensbereich-Aktuelles-SoundOfWork-3029_41456-0.zip
2014-09-18 11:34 - 2014-09-18 12:59 - 1047527424 _____ () C:\Users\Grisu\Downloads\984561244-ultstrfighiv.part02.rar
2014-09-18 09:52 - 2014-09-18 11:17 - 1047527424 _____ () C:\Users\Grisu\Downloads\984561244-ultstrfighiv.part01.rar
2014-09-17 23:28 - 2014-09-17 23:28 - 00918440 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\chromeinstall-7u67 (1).exe
2014-09-17 22:58 - 2014-09-17 22:58 - 01101648 _____ () C:\Users\Grisu\Downloads\Firefox - CHIP-Installer.exe
2014-09-17 22:30 - 2014-09-17 22:30 - 00000000 ___RD () C:\Users\Grisu\Creative Cloud Files
2014-09-17 22:26 - 2014-09-17 22:26 - 00001320 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-17 22:17 - 2014-09-17 22:17 - 00614792 _____ (Adobe Systems Incorporated) C:\Users\Grisu\Downloads\CreativeCloudSet-Up.exe
2014-09-17 11:40 - 2014-09-17 11:40 - 00031408 _____ () C:\Users\Grisu\Downloads\Arbeitszeit_2004.zip
2014-09-17 11:35 - 2014-09-17 11:35 - 01101648 _____ () C:\Users\Grisu\Downloads\Arbeitszeit_2004 - CHIP-Installer.exe
2014-09-17 11:06 - 2014-09-17 11:36 - 00002269 _____ () C:\Users\Grisu\Desktop\Datenbank Open Office.odb
2014-09-17 10:15 - 2014-09-17 10:15 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\OpenOffice
2014-09-17 08:21 - 2014-09-17 08:21 - 00000855 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-17 08:21 - 2014-09-17 08:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-17 06:35 - 2014-09-17 06:36 - 01101648 _____ () C:\Users\Grisu\Downloads\OpenOffice - CHIP-Installer.exe
2014-09-16 12:24 - 2014-09-16 12:25 - 00000000 ____D () C:\Users\Grisu\Documents\FIFA 15 Demo
2014-09-16 12:13 - 2014-09-24 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-16 12:13 - 2014-09-16 12:13 - 00001220 _____ () C:\Users\Public\Desktop\FIFA 15 Demo.lnk
2014-09-16 10:25 - 2014-09-16 10:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\6A3A2363.sys
2014-09-15 22:22 - 2014-09-15 22:22 - 00000061 _____ () C:\Windows\wininit.ini
2014-09-15 21:47 - 2014-09-15 21:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-15 21:47 - 2014-09-15 21:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-15 21:47 - 2014-09-15 21:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-15 21:47 - 2014-09-15 21:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-15 21:47 - 2014-09-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-15 21:44 - 2014-09-15 21:44 - 00918440 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\chromeinstall-7u67.exe
2014-09-15 21:39 - 2014-09-15 21:39 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-15 21:37 - 2014-09-15 21:37 - 00000000 ____D () C:\ProgramData\Sun
2014-09-15 12:07 - 2014-09-15 12:07 - 00001818 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-09-15 12:05 - 2014-09-15 12:05 - 00001830 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-09-15 12:01 - 2014-09-15 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-09-15 12:01 - 2014-09-15 23:00 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-09-15 12:01 - 2014-09-15 12:01 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-09-15 09:32 - 2014-09-15 09:34 - 96138664 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\jre-8u20-windows-x64.exe
2014-09-12 08:17 - 2014-09-12 08:18 - 01370467 _____ () C:\Users\Grisu\Downloads\adwcleaner_3.309.exe
2014-09-11 09:05 - 2014-09-29 01:11 - 00000769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Netzmanager.lnk
2014-09-11 09:05 - 2014-09-11 09:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-09-11 09:04 - 2014-10-08 11:44 - 00000000 ____D () C:\ProgramData\Netzmanager
2014-09-11 09:04 - 2014-09-29 01:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netzmanager
2014-09-11 09:03 - 2014-09-11 09:05 - 00000000 __HDC () C:\ProgramData\{BA58D0EE-89D1-4191-9F19-B6AD920B04F7}
2014-09-11 08:58 - 2014-09-11 08:58 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Grisu\Downloads\netzmanager_setup.exe
2014-09-11 08:40 - 2014-09-11 08:40 - 00000000 ____D () C:\Users\Grisu\.android
2014-09-09 14:52 - 2014-09-09 14:58 - 00000000 ____D () C:\Users\Grisu\Documents\VirtualDJ
2014-09-09 14:35 - 2014-09-15 23:00 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-09-09 14:35 - 2014-09-09 14:35 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Bluestacks
2014-09-09 14:34 - 2014-09-09 14:46 - 35980958 _____ () C:\Users\Grisu\Downloads\atoolViDP8001897763MPT.rar
2014-09-09 14:16 - 2014-09-09 14:52 - 00000965 _____ () C:\Users\Grisu\Desktop\VirtualDJ 8.lnk
2014-09-09 13:58 - 2014-09-11 21:01 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-09-09 13:38 - 2014-10-08 15:17 - 00000000 ____D () C:\Program Files (x86)\Northstar
2014-09-09 13:18 - 2014-09-09 13:18 - 00000159 ___RH () C:\Windows\ctfile.rfc
2014-09-09 13:18 - 2008-12-04 11:59 - 00188416 _____ () C:\Windows\system32\APOMgr64.DLL
2014-09-09 13:18 - 2008-12-04 11:57 - 00146432 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-09-09 13:18 - 2008-09-17 14:07 - 00088064 _____ () C:\Windows\system32\CmdRtr64.DLL
2014-09-09 13:18 - 2008-09-17 14:05 - 00072704 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-09-09 13:17 - 2014-09-09 13:17 - 00000000 ____D () C:\Program Files\Realtek
2014-09-09 13:15 - 2014-09-09 13:41 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-09-09 13:10 - 2014-09-09 13:10 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-09 13:10 - 2014-09-09 13:10 - 00000000 ____D () C:\Intel
2014-09-09 13:10 - 2009-07-08 16:34 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-09-09 13:09 - 2014-09-09 13:09 - 04040353 _____ () C:\Users\Grisu\Downloads\SATA_Jmicron_1.17.49.04_W7x64_A.zip
2014-09-09 13:09 - 2014-09-09 13:09 - 01516243 _____ () C:\Users\Grisu\Downloads\Modem_liteon_2.2.95_W7x64_A.zip
2014-09-09 13:09 - 2014-09-09 13:09 - 01493802 _____ () C:\Users\Grisu\Downloads\TV Tuner_Yuan_6.0.64.0059_W7x64_A.zip
2014-09-09 13:08 - 2014-09-09 13:14 - 163631797 _____ () C:\Users\Grisu\Downloads\Lan_Intel_14.3_W7x64_A.zip
2014-09-09 13:08 - 2014-09-09 13:11 - 60779343 _____ () C:\Users\Grisu\Downloads\Audio_Realtek_5.10.0.5898_W7x64_A.zip
2014-09-09 13:08 - 2014-09-09 13:08 - 08163850 _____ () C:\Users\Grisu\Downloads\Application_Acer_1.02.3502_W7x64_A.zip
2014-09-09 13:08 - 2014-09-09 13:08 - 02357106 _____ () C:\Users\Grisu\Downloads\Chipset_Intel_9.1.1.1015_W7x64_A.zip
2014-09-09 13:08 - 2014-09-09 13:08 - 01397938 _____ () C:\Users\Grisu\Downloads\CardReader_Northstar_1.2_W7x64_A.zip
2014-09-09 13:08 - 2014-09-09 13:08 - 00948720 _____ () C:\Users\Grisu\Downloads\BIOS_Acer_R01.A3_A_A.zip
2014-09-09 12:51 - 2014-09-09 12:51 - 00328795 __RSH () C:\PYLKM
2014-09-09 12:49 - 2014-09-09 12:49 - 00001432 _____ () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-09 12:29 - 2014-09-09 12:38 - 318337992 _____ () C:\Users\Grisu\Downloads\Windows6.1-KB968211-x64-RefreshPkg.msu
2014-09-09 12:27 - 2014-09-09 12:27 - 00085836 _____ () C:\Users\Grisu\Downloads\PTT-20140818-WA0001.aac
2014-09-09 12:27 - 2014-09-09 12:27 - 00008221 _____ () C:\Users\Grisu\Downloads\PTT-20140818-WA0002.aac
2014-09-09 12:25 - 2014-09-09 12:25 - 00116243 _____ () C:\Users\Grisu\Desktop\WhatsApp Chat mit Perlchen Becca.txt
2014-09-09 12:03 - 2014-09-05 10:49 - 00046080 _____ () C:\Users\Grisu\Desktop\N-Std+Makro1.xls
2014-09-09 12:03 - 2014-08-31 16:59 - 00016138 _____ () C:\Users\Grisu\Desktop\Mappe109.xlsx
2014-09-09 11:43 - 2014-09-09 11:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-09 10:44 - 2014-09-09 10:44 - 00000000 ____D () C:\Windows\CSC
2014-09-09 10:43 - 2009-06-10 22:30 - 00053551 _____ () C:\Windows\Professional.xml
2014-09-09 09:58 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-09 09:58 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-09 09:58 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-09 09:58 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-09 09:58 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-09 09:58 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-09 09:58 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-09 09:58 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-09 09:57 - 2014-09-09 09:57 - 01057472 _____ (Adobe) C:\Users\Grisu\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-09-09 07:33 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-09 07:33 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-09 07:32 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-09 07:32 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-09 07:32 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-09 07:32 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-09 07:32 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-09 07:32 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-09 07:32 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-09 07:32 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-09 07:32 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-09 07:32 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-09 07:32 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-09 07:32 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-09 07:32 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-09 07:32 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-09 07:32 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-09 07:32 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-09 07:32 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-09 07:32 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-09 07:32 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-09 07:32 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-09 07:32 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-09 07:32 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-09 07:32 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-09 07:32 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-09 07:32 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-09 07:32 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-09 07:32 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-09 07:32 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-09 07:32 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-09 07:32 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-09 07:32 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-09 07:32 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-09 07:32 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-09 07:32 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-09 07:32 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-09 07:32 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-09 07:32 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-09 07:32 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-09 07:32 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-09 07:32 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-09 07:32 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-09 07:32 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-09 07:32 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-09 07:32 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-09 07:32 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-09 07:32 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-09 07:32 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-09 07:32 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-09 07:32 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-09 07:32 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-09 07:32 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-09 07:32 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-09 07:32 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-09 07:32 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-09 07:32 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-09 07:32 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-09 07:31 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-09 07:31 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-09 07:31 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-09 07:31 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-09 07:31 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-09 07:31 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-09 07:31 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-09 07:31 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-09 07:29 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-09 07:29 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-09 07:29 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-09 07:29 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-09 07:29 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-09 07:06 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-09 07:06 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-09 07:06 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-09 07:06 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-09 07:05 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-09 07:05 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-09 07:05 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-09 07:05 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-09 07:05 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-09 07:05 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-09 07:05 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-09 07:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-09 07:05 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-09 07:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 12:28 - 2014-07-18 18:11 - 00000000 ____D () C:\FRST
2014-10-09 12:28 - 2014-06-16 02:43 - 00000000 ____D () C:\Users\Grisu\Desktop\Trojaner software
2014-10-09 12:20 - 2009-07-14 06:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-09 12:20 - 2009-07-14 06:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-09 12:15 - 2014-06-03 09:07 - 01548274 _____ () C:\Windows\WindowsUpdate.log
2014-10-09 12:14 - 2014-06-05 15:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-09 12:11 - 2014-07-29 10:57 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 12:11 - 2014-06-03 10:14 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-10-09 12:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-09 12:08 - 2014-06-11 19:32 - 00000000 ____D () C:\AdwCleaner
2014-10-09 11:32 - 2014-06-13 03:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-09 11:10 - 2014-07-29 10:57 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-09 02:01 - 2014-08-04 02:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Adobe
2014-10-08 15:04 - 2014-06-06 02:32 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GanymedeNet
2014-10-08 15:02 - 2014-06-06 02:30 - 00000000 ____D () C:\Program Files (x86)\Ganymede
2014-10-08 11:44 - 2014-06-03 17:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-10-08 11:44 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu
2014-10-08 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-10-08 11:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-06 15:17 - 2014-06-03 14:50 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\uTorrent
2014-10-05 16:22 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-04 02:28 - 2009-07-14 20:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-04 02:02 - 2014-06-11 00:00 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-10-03 23:34 - 2014-08-05 03:07 - 00000000 ____D () C:\Users\Grisu\Desktop\SciLor's Grooveshark.com Downloader
2014-10-03 14:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-02 05:51 - 2014-06-03 10:14 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-10-02 05:47 - 2014-06-23 12:56 - 00000000 ____D () C:\ProgramData\Origin
2014-10-02 05:24 - 2014-06-24 12:18 - 00000000 ____D () C:\Users\Grisu\Documents\FIFA 14
2014-10-02 04:20 - 2014-06-23 12:55 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-02 02:00 - 2013-01-22 21:02 - 00000000 ____D () C:\Users\Grisu\Desktop\Paddy musik
2014-10-02 01:29 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-30 12:26 - 2014-07-25 00:31 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Unity
2014-09-27 14:37 - 2014-06-17 15:55 - 00000000 ____D () C:\Users\Grisu\Documents\Benutzerdefinierte Office-Vorlagen
2014-09-27 13:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-09-26 23:53 - 2014-07-19 12:21 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405765260
2014-09-26 23:53 - 2014-07-19 12:21 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-26 17:11 - 2014-07-18 18:14 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\ICQM
2014-09-26 06:27 - 2014-07-29 10:57 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-26 06:27 - 2014-07-29 10:57 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-26 06:27 - 2014-06-03 16:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-26 05:56 - 2014-06-18 12:34 - 00000774 _____ () C:\Users\Grisu\Desktop\TeamSpeak 3 Client.lnk
2014-09-26 05:55 - 2014-06-11 14:27 - 00000725 _____ () C:\Users\Grisu\Desktop\Cheat Engine.lnk
2014-09-26 05:42 - 2014-07-18 09:56 - 00000907 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
2014-09-26 05:42 - 2014-07-18 09:56 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
2014-09-26 05:42 - 2014-07-18 09:53 - 00000899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
2014-09-26 05:42 - 2014-07-18 09:51 - 00000956 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
2014-09-26 05:08 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VirtualStore
2014-09-26 04:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-26 03:44 - 2014-07-22 06:08 - 00000000 ____D () C:\Windows\Sun
2014-09-26 02:53 - 2009-07-14 19:58 - 00732176 _____ () C:\Windows\system32\perfh007.dat
2014-09-26 02:53 - 2009-07-14 19:58 - 00159712 _____ () C:\Windows\system32\perfc007.dat
2014-09-26 02:53 - 2009-07-14 07:13 - 01704934 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-26 01:46 - 2014-06-03 16:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Google
2014-09-26 01:30 - 2014-06-03 17:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-25 23:51 - 2014-06-25 11:25 - 00000000 ____D () C:\Windows\pss
2014-09-25 19:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PLA
2014-09-24 23:08 - 2009-07-14 06:45 - 05157960 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 14:59 - 2014-06-03 10:55 - 00118680 _____ () C:\Users\Grisu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-24 11:33 - 2014-07-18 09:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-24 11:29 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Adobe
2014-09-24 10:00 - 2014-07-07 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher
2014-09-24 09:59 - 2014-07-29 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-24 09:59 - 2014-07-07 16:41 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Ubisoft
2014-09-24 09:59 - 2014-06-23 13:02 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-24 09:58 - 2014-07-18 09:49 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-22 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-22 03:03 - 2014-07-18 10:09 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-20 19:55 - 2014-06-14 04:00 - 00000000 ____D () C:\Windows\Minidump
2014-09-17 22:41 - 2014-06-19 12:37 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Apps\2.0
2014-09-17 22:25 - 2014-06-06 01:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-17 22:23 - 2014-07-18 09:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-15 23:00 - 2014-06-16 02:43 - 00000000 ____D () C:\Users\Grisu\Desktop\Spiele
2014-09-15 23:00 - 2014-06-05 14:57 - 00000000 ____D () C:\Windows\erdnt
2014-09-15 23:00 - 2014-06-03 10:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-15 21:47 - 2014-06-10 02:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-15 21:32 - 2014-07-28 23:36 - 00000000 ____D () C:\Program Files\Java
2014-09-15 21:09 - 2014-06-05 15:23 - 00000000 ____D () C:\Users\Grisu\Desktop\Arbeitsangaben VIP
2014-09-15 12:05 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-15 09:35 - 2014-07-28 23:36 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-15 09:35 - 2014-07-28 23:36 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-15 09:35 - 2014-07-28 23:36 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-14 05:45 - 2014-08-07 03:56 - 00000000 ____D () C:\Users\Grisu\Downloads\Bilder 2. Weltkrieg
2014-09-13 06:41 - 2014-06-04 19:01 - 00326656 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014-mit-Verdienst-und-Feiertagen.xls
2014-09-12 09:32 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-11 21:02 - 2014-06-18 23:30 - 00000000 ____D () C:\Windows\ERUNT
2014-09-10 17:55 - 2014-06-13 03:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 17:55 - 2014-06-03 11:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 17:55 - 2014-06-03 11:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 19:30 - 2014-06-04 19:06 - 00000000 ____D () C:\Users\Grisu\Desktop\Dokumente 2014
2014-09-09 14:52 - 2014-07-04 16:42 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-09-09 14:09 - 2014-06-03 13:16 - 00000184 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-09-09 13:15 - 2014-06-03 16:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-09 11:56 - 2014-06-06 20:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-09 11:53 - 2014-06-06 20:53 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-09 10:57 - 2014-06-04 19:01 - 00013218 _____ () C:\Users\Grisu\Desktop\Lärmbelästigung Nachbar 2014.xlsx
2014-09-09 10:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-09 10:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-09 10:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-09 10:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-09-09 10:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-09-09 10:39 - 2014-06-15 18:05 - 00002640 _____ () C:\Windows\diagwrn.xml
2014-09-09 10:39 - 2014-06-15 18:05 - 00001908 _____ () C:\Windows\diagerr.xml
2014-09-09 10:09 - 2014-07-06 16:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-09 09:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-09-09 07:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-09-09 06:53 - 2014-06-03 09:13 - 00000000 ____D () C:\Recovery
2014-09-09 06:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery

Some content of TEMP:
====================
C:\Users\Grisu\AppData\Local\Temp\aff_setup.exe
C:\Users\Grisu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm0fqcj.dll
C:\Users\Grisu\AppData\Local\Temp\Quarantine.exe
C:\Users\Grisu\AppData\Local\Temp\SpOrder.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 08:47

==================== End Of Log ============================
--- --- ---

--- --- ---


die nächsten schritte bitte !

Williwu 10.10.2014 02:47
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by Grisu at 2014-10-10 03:19:18
Running from C:\Users\Grisu\Desktop\Trojaner software
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.1.4057 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{DA32882F-5E7D-4A73-A503-6CFF16970655}) (Version: 0.9.2.4061 - BlueStack Systems, Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E17BF11-A72D-4DA8-BFAA-DD262C17C2DE}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version:  - )
Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)
Duplicate Music Files Finder 1.5.5 (HKLM-x32\...\Duplicate Music Files Finder_is1) (Version:  - LC IBros Solutions S.R.L.)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESET Smart Security (HKLM\...\{23234C01-F6B0-40FE-A583-B66840B28445}) (Version: 7.0.317.4 - ESET, spol s r. o.)
essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
GameDesire-Pool & Snooker (HKLM-x32\...\GameDesire-Pool & Snooker) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
ICQ 8.2 (build 7100) (HKCU\...\ICQ) (Version: 8.2.7100.0 - ICQ)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
OpenTTD 1.4.1 (HKLM-x32\...\OpenTTD) (Version: 1.4.1 - OpenTTD)
Opera Stable 24.0.1558.64 (HKLM-x32\...\Opera 24.0.1558.64) (Version: 24.0.1558.64 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.10.297 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sacred 3 (HKLM-x32\...\U2FjcmVkMw==_is1) (Version: 1 - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Shutdown Timer (HKLM-x32\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sniper Elite 3 GERMAN (HKLM-x32\...\U25pcGVyRWxpdGUz_is1) (Version: 1 - )
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TimeComX Basic (64-Bit) (HKLM-x32\...\TimeComX Basic 64-Bit) (Version: 1.3.2.7 - Bitdreamers)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{F1FFD0B3-9F20-4EE7-ACED-5B63DFA018D8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E12997A4-DAEC-4563-B330-F21EB71880D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUSR_{540B47E7-0F89-4CA1-8BFA-5CF377A963AF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Wolfenstein German Uncut Edition 1.2 (HKLM-x32\...\Wolfenstein German Uncut Edition 1.2) (Version:  - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

08-10-2014 13:12:16 Installed Shutdown Timer.
08-10-2014 13:15:47 Revo Uninstaller's restore point - SmartCopy
08-10-2014 13:18:10 Revo Uninstaller's restore point - Web Protect for Windows

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-09-26 16:11 - 00005568 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost




==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {137F8DA8-B0D6-4D79-A354-01F3D3786DEC} - System32\Tasks\CCleaner => C:\Program
Task: {3214F43F-E1A1-4C68-BF16-E5897A43677F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {35F176CF-CA9A-44F4-86C7-453074B5F388} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe
Task: {47204497-A725-44BE-A0D9-2F21AE38E29F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)
Task: {51A59664-473F-4FFA-875A-FE68FE802FD9} - System32\Tasks\AdobeAAMUpdater-1.0-Grisu-PC-Grisu => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {56461B0B-7519-4712-B9BB-9859AA17AA2F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {73F6469B-1E78-4E6C-A5F5-88191BFC333F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {7DFD5D42-E1C6-4390-86C1-B957F1040339} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {83D37B77-37C2-4D2B-8458-16CB19C92A74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)
Task: {887F700D-9A61-4F19-ACE6-457B2D42CCAA} - System32\Tasks\{303E9A7B-F154-43B4-896B-1AD818FEB83A} => C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exe
Task: {93E20468-A940-43AF-9687-0AB18E8F852A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-30] (Oracle Corporation)
Task: {967BFB2D-83E2-4B3D-A225-E7BCCF94D76B} - System32\Tasks\{6C11C149-E388-4638-8FF2-38591C16AC8E} => E:\Spiele von C\NBA 2014\nba2k14.exe
Task: {9FA11F48-9923-461F-A36A-F2A17A41238C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {BDFCBC5C-4416-42A1-BB30-04248F26BBFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {EBD56EAC-34D7-4234-8AD6-312092167FC2} - System32\Tasks\Opera scheduled Autoupdate 1405765260 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-06-05 17:17 - 2014-06-05 17:17 - 00380416 _____ () C:\Users\Grisu\Desktop\Trojaner software\tukt5x5j.exe
2014-10-02 02:15 - 2014-09-24 07:09 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-10 17:55 - 2014-09-10 17:55 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: PDF Architect 2 => 3
MSCONFIG\Services: pdfforge CrashHandler => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: StarWindServiceAE => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SmartCopy.lnk => C:\Windows\pss\SmartCopy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk => C:\Windows\pss\EOS Utility.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Driver Operating Service => C:\Users\Grisu\AppData\Local\Apps\2.0\JDRWC0RT.9RO\5G9E4LPA.5WV\dros..tion_0000000000000000_0001.0000_b92f9a67277994ec\Driver Operating Service.appref-ms
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
MSCONFIG\startupreg: EKStatusMonitor => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe                                                                                                                                                                                                     
MSCONFIG\startupreg: icq => C:\Users\Grisu\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-2132015822-3264924353-165971380-500 - Administrator - Disabled)
Gast (S-1-5-21-2132015822-3264924353-165971380-501 - Limited - Disabled)
Grisu (S-1-5-21-2132015822-3264924353-165971380-1000 - Administrator - Enabled) => C:\Users\Grisu
HomeGroupUser$ (S-1-5-21-2132015822-3264924353-165971380-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sptd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/10/2014 00:18:01 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/10/2014 00:17:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/10/2014 00:17:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/10/2014 00:08:21 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.IdentityModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x800706be

Error: (10/10/2014 00:08:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mscorsvw.exe, Version: 4.0.30319.18408, Zeitstempel: 0x52310992
Name des fehlerhaften Moduls: mscorwks.dll, Version: 2.0.50727.5483, Zeitstempel: 0x530efdaa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003f94
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xmscorsvw.exe0
Pfad der fehlerhaften Anwendung: mscorsvw.exe1
Pfad des fehlerhaften Moduls: mscorsvw.exe2
Berichtskennung: mscorsvw.exe3

Error: (10/10/2014 00:08:21 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5483 - Schwerwiegender Fehler im Ausführungsmodul (725CFB66) (80131506).

Error: (10/09/2014 00:20:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/09/2014 00:12:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/09/2014 00:09:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.


Details:
Could not query the status of the EventSystem service.

System Error:
Der Computer wird heruntergefahren.
.

Error: (10/09/2014 11:37:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.


System errors:
=============
Error: (10/10/2014 03:08:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BlueStacks Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/10/2014 03:06:12 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd

Error: (10/10/2014 03:05:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Orbiter" wurde mit folgendem Fehler beendet:
%%126

Error: (10/10/2014 03:04:32 AM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (10/10/2014 02:49:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd

Error: (10/10/2014 02:49:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde nicht richtig gestartet.

Error: (10/10/2014 02:46:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Orbiter" wurde mit folgendem Fehler beendet:
%%126

Error: (10/10/2014 02:46:24 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎10.‎2014 um 02:45:02 unerwartet heruntergefahren.

Error: (10/10/2014 02:45:58 AM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (10/10/2014 02:36:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.


Microsoft Office Sessions:
=========================
Error: (10/10/2014 00:18:01 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe

Error: (10/10/2014 00:17:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe

Error: (10/10/2014 00:17:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe

Error: (10/10/2014 00:08:21 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.IdentityModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x800706be
System.IdentityModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (10/10/2014 00:08:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mscorsvw.exe4.0.30319.1840852310992mscorwks.dll2.0.50727.5483530efdaac000000500003f94

Error: (10/10/2014 00:08:21 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5483 - Schwerwiegender Fehler im Ausführungsmodul (725CFB66) (80131506).

Error: (10/09/2014 00:20:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe

Error: (10/09/2014 00:12:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/09/2014 00:09:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
Der Computer wird heruntergefahren.

Error: (10/09/2014 11:37:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2014-10-08 12:09:11.957
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-08 12:09:11.590
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-08 12:09:11.244
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-07 13:43:23.735
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-07 13:43:23.297
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-07 13:43:22.924
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-07 04:06:31.376
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-07 04:06:31.139
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-07 04:06:30.904
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-06 13:59:27.304
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 51%
Total physical RAM: 6135.17 MB
Available physical RAM: 2987.68 MB
Total Pagefile: 12268.52 MB
Available Pagefile: 9068.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Betriebssys) (Fixed) (Total:115.75 GB) (Free:20.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Programme) (Fixed) (Total:1023.87 GB) (Free:898.31 GB) NTFS
Drive e: (Wichtiges) (Fixed) (Total:931.5 GB) (Free:185.54 GB) NTFS
Drive f: (Volume) (Fixed) (Total:886.45 GB) (Free:492.13 GB) NTFS
Drive g: (Spiele) (Fixed) (Total:465.76 GB) (Free:341.84 GB) NTFS
Drive h: (Betriebssys 2) (Fixed) (Total:723.4 GB) (Free:522.17 GB) NTFS
Drive i: (Spiele 3) (Fixed) (Total:976.56 GB) (Free:849.94 GB) NTFS
Drive j: (Musik&Bilder) (Fixed) (Total:936.58 GB) (Free:188.07 GB) NTFS
Drive k: () (Fixed) (Total:926.44 GB) (Free:891.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F88326EF)
Partition 1: (Active) - (Size=115.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1023.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=723.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F883268C)
Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=886.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 6A1CCFD9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=OF Extended)

========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 2EE023AC)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 52425DEB)
Partition 1: (Active) - (Size=936.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=926.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

eine zwischen frage...kann man einen festen tower vom systhem stand wieder so hinbekommen wie an disen tag als er hergestellt wurde

schrauber 10.10.2014 19:19
Zitat:
eine zwischen frage...kann man einen festen tower vom systhem stand wieder so hinbekommen wie an disen tag als er hergestellt wurde
Ich versteh kein Wort.

Hast Du die letzten Anweisungen abgearbeitet?

Williwu 12.10.2014 19:18
dachte ich müsste von forne anfangen aber ok hier hast du TxT von JRTJRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Home Premium x64
Ran by Grisu on 10.10.2014 at  3:33:24,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Grisu\AppData\Roaming\mozilla\firefox\profiles\t2l1m1y7.default-1407286514912\extensions\toolbar@gmx.net
Emptied folder: C:\Users\Grisu\AppData\Roaming\mozilla\firefox\profiles\t2l1m1y7.default-1407286514912\minidumps [2 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.10.2014 at  3:39:29,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---


die aktuellste LOG-files von Jrt letzter stand als aufgabe


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Home Premium x64
Ran by Grisu on 10.10.2014 at 3:33:24,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Grisu\AppData\Roaming\mozilla\firefox\profiles\t2l1m1y7.default-1407286514912\extensions\toolbar@gmx.net
Emptied folder: C:\Users\Grisu\AppData\Roaming\mozilla\firefox\profiles\t2l1m1y7.default-1407286514912\minidumps [2 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.10.2014 at 3:39:29,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber 13.10.2014 14:29
In der letzten Anweisung stand nicht nur Junkware Removal Tool ;)

Williwu 14.10.2014 02:04
sry übersehenAdwCleaner Logfile:
Code:
# AdwCleaner v4.000 - Bericht erstellt am 14/10/2014 um 02:25:25
# Aktualisiert 12/10/2014 von Xplode
# Datenbank : 2014-10-13.5
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Grisu - GRISU-PC
# Gestartet von : C:\Users\Grisu\Desktop\Trojaner software\adwcleaner_4.000.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Program Files (x86)\Enigma Software Group
Ordner Gefunden : C:\Program Files\Enigma Software Group

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\EnigmaSoftwareGroup
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v32.0.3 (x86 de)


-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [2809 octets] - [11/06/2014 19:32:51]
AdwCleaner[R10].txt - [2578 octets] - [02/10/2014 01:33:36]
AdwCleaner[R11].txt - [4705 octets] - [08/10/2014 13:01:36]
AdwCleaner[R12].txt - [4766 octets] - [08/10/2014 14:22:43]
AdwCleaner[R13].txt - [2520 octets] - [09/10/2014 11:58:57]
AdwCleaner[R14].txt - [2556 octets] - [10/10/2014 03:01:21]
AdwCleaner[R15].txt - [1278 octets] - [14/10/2014 02:25:25]
AdwCleaner[R1].txt - [1995 octets] - [11/06/2014 20:05:47]
AdwCleaner[R2].txt - [1647 octets] - [27/06/2014 07:24:58]
AdwCleaner[R3].txt - [1560 octets] - [02/07/2014 21:05:17]
AdwCleaner[R4].txt - [1882 octets] - [14/07/2014 11:41:24]
AdwCleaner[R5].txt - [1555 octets] - [18/07/2014 18:21:20]
AdwCleaner[R6].txt - [1675 octets] - [21/07/2014 09:20:27]
AdwCleaner[R7].txt - [1795 octets] - [23/07/2014 09:34:17]
AdwCleaner[R8].txt - [2240 octets] - [12/09/2014 08:18:29]
AdwCleaner[R9].txt - [4991 octets] - [02/10/2014 01:18:34]
AdwCleaner[S0].txt - [2762 octets] - [11/06/2014 19:33:59]
AdwCleaner[S10].txt - [4675 octets] - [08/10/2014 14:27:47]
AdwCleaner[S11].txt - [2536 octets] - [09/10/2014 12:08:06]
AdwCleaner[S12].txt - [2618 octets] - [10/10/2014 03:03:34]
AdwCleaner[S1].txt - [2056 octets] - [11/06/2014 20:07:02]
AdwCleaner[S2].txt - [1608 octets] - [27/06/2014 07:27:15]
AdwCleaner[S3].txt - [1521 octets] - [02/07/2014 21:06:28]
AdwCleaner[S4].txt - [1892 octets] - [14/07/2014 11:42:45]
AdwCleaner[S5].txt - [1616 octets] - [18/07/2014 18:22:15]
AdwCleaner[S6].txt - [1736 octets] - [21/07/2014 09:31:33]
AdwCleaner[S7].txt - [2205 octets] - [12/09/2014 08:31:37]
AdwCleaner[S8].txt - [4963 octets] - [02/10/2014 01:20:48]
AdwCleaner[S9].txt - [2638 octets] - [02/10/2014 01:35:05]

########## EOF - C:\AdwCleaner\AdwCleaner[R15].txt - [2662 octets] ##########
--- --- ---

habe es danach sofort gelösch was der bericht sagte

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 14.10.2014
Suchlauf-Zeit: 02:46:22
Logdatei: Anti-MaleWare.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.10.13.10
Rootkit Datenbank: v2014.10.11.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Grisu

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 365090
Verstrichene Zeit: 16 Min, 59 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

schrauber 14.10.2014 20:13
AdwCleaner auch löschen lassen.


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Williwu 15.10.2014 12:30
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6715594965556d4f8d18e2a093a9df6e
# engine=20601
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-15 11:13:40
# local_time=2014-10-15 01:13:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777214 100 100 0 44849642 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 1586514 165001470 0 0
# compatibility_mode_1='ESET Smart Security 7.0'
# compatibility_mode=8221 16777213 100 100 6838152 33951362 0 0
# scanned=731548
# found=0
# cleaned=0
# scan_time=35604
# nod_component=V3 Build:0x30000000

Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
ESET Smart Security 7.0
Kaspersky Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Adobe Flash Player 15.0.0.152
Mozilla Firefox (32.0.3)
Google Chrome 37.0.2062.124
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014
Ran by Grisu (administrator) on GRISU-PC on 15-10-2014 13:28:46
Running from C:\Users\Grisu\Desktop\Trojaner software
Loaded Profile: Grisu (Available profiles: Grisu)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe
(Deutsche Telekom AG) D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Dropbox, Inc.) C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Deutsche Telekom AG) D:\Programme\Netzmanager\netzmanager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [839384 2014-09-16] (BlueStack Systems, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> D:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56C38410017FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: OpitOn -> {6b836c64-f364-437e-bab5-11f39990cfe9} ->  No File
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: OpteOn -> {ab957d78-2cdb-4568-8020-2eaabcd137c2} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: GoSaive -> {cfd100a1-0615-4d32-9827-7ac2d4b0faa4} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Lightshot (screenshot tool) - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-10-02]
FF Extension: {7d02e03c-f690-4f38-bf10-5e8cc02a4740} - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{7d02e03c-f690-4f38-bf10-5e8cc02a4740}.xpi [2014-09-09]
FF Extension: Adblock Plus - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-17]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-07-28]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-09-26]
CHR Extension: (ZenMate) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-08-05]
CHR Extension: (AdBlock) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-17]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-09-26]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-09-26]
CHR Extension: (Virtual Keyboard) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-09-26]
CHR Extension: (Disconnect) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-09-17]
CHR Extension: (Google Wallet) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-29]
CHR Extension: (Anti-Banner) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-09-26]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-09-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-09-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-09-16] (BlueStack Systems, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-07-06] () [File not signed]
R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2014-07-06] (My Digital Life Forums) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Netzmanager Service; D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
S4 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S4 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TDslMgrService; C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [294912 2007-11-26] (T-Systems Enterprise Services GmbH) [File not signed]
S2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-09-16] (BlueStack Systems)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-03] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-03] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-03] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-03] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-06-03] (Duplex Secure Ltd.)
R3 TelekomNM6; D:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 gwfilt64; system32\drivers\gwfilt64.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 03:04 - 2014-10-14 03:04 - 00001142 _____ () C:\Users\Grisu\Desktop\Anti-MaleWare.txt
2014-10-14 02:41 - 2014-10-14 02:41 - 00000314 _____ () C:\Windows\PFRO.log
2014-10-14 02:10 - 2014-10-14 02:10 - 00000000 ____D () C:\Users\Grisu\4.0
2014-10-14 02:10 - 2014-10-14 02:10 - 00000000 ____D () C:\Users\Grisu\.tfo4
2014-10-12 21:27 - 2014-10-12 21:36 - 28076375 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part3.rar
2014-10-12 10:07 - 2014-10-12 10:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\04E23FBD.sys
2014-10-12 10:04 - 2014-10-12 10:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1BA03D9F.sys
2014-10-11 12:33 - 2014-10-11 13:42 - 209715200 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part2.rar
2014-10-11 10:26 - 2014-10-11 10:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\0781265D.sys
2014-10-10 09:43 - 2014-10-10 09:43 - 00001818 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-10-10 09:40 - 2014-10-10 09:40 - 00001830 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-10-10 09:34 - 2014-10-10 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-10-10 09:34 - 2014-10-10 09:34 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-10-10 09:22 - 2014-10-15 03:03 - 00003045 _____ () C:\Windows\setupact.log
2014-10-10 09:22 - 2014-10-10 09:22 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-10 08:53 - 2014-10-10 08:53 - 13309928 _____ (BlueStack Systems Inc.) C:\Users\Grisu\Downloads\BlueStacks-SplitInstaller_native.exe
2014-10-10 06:50 - 2014-10-10 06:54 - 163978588 _____ () C:\Users\Grisu\Downloads\U2-Songs_Of_Innocence-%28Deluxe_Edition%29-2CD-2014-BriBerY.rar
2014-10-10 06:11 - 2014-10-10 06:11 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-10 06:00 - 2014-10-10 06:00 - 00001088 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VS Revo Group
2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-10-10 06:00 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-10-10 05:56 - 2014-10-10 07:04 - 209715200 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part1.rar
2014-10-10 05:55 - 2014-10-10 05:58 - 50068373 _____ () C:\Users\Grisu\Downloads\Neueinsteiger_der_German_ODC_TOP50_vom_06.10.2014-CannaPower.rar
2014-10-10 00:58 - 2014-10-10 09:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2E653FC9.sys
2014-10-09 12:24 - 2014-10-09 13:20 - 00000000 ___SD () C:\ComboFix
2014-10-08 15:19 - 2014-10-08 15:19 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\VSRevoGroup
2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Sinvise Systems
2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sinvise Systems
2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\Program Files (x86)\Sinvise Systems
2014-10-08 15:10 - 2014-10-08 15:10 - 01125200 _____ () C:\Users\Grisu\Downloads\Shutdown Timer 32 Bit - CHIP-Installer.exe
2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-08 14:57 - 2014-10-08 14:57 - 02347384 _____ (ESET) C:\Users\Grisu\Downloads\esetsmartinstaller_deu.exe
2014-10-08 14:55 - 2014-10-08 14:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\64911C52.sys
2014-10-08 04:15 - 2014-10-08 04:15 - 04246449 _____ () C:\Users\Grisu\Downloads\motochopper.zip
2014-10-08 03:52 - 2014-10-09 13:33 - 00000000 ____D () C:\Users\Grisu\Downloads\Android-Root-Tool
2014-10-08 03:52 - 2014-10-08 03:52 - 00000000 ____D () C:\EGLTD
2014-10-07 14:47 - 2014-10-07 14:47 - 02941840 _____ (Microsoft Corporation) C:\Users\Grisu\Downloads\Windows7-USB-DVD-Download-Tool-Installer-de-DE.exe
2014-10-05 14:38 - 2014-10-15 13:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-04 02:20 - 2014-10-04 02:27 - 291852366 _____ () C:\Users\Grisu\Downloads\Windows6.1-KB968211-x86-RefreshPkg.msu
2014-10-03 14:18 - 2014-10-03 14:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1343656D.sys
2014-10-02 09:35 - 2014-10-02 09:55 - 176129509 _____ () C:\Users\Grisu\Downloads\Mashup-Germany - Vol.6 - Back to the future.zip
2014-10-02 08:56 - 2014-10-14 02:39 - 00270078 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.odt
2014-10-02 02:15 - 2014-10-15 13:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-02 02:08 - 2014-10-02 02:08 - 00001768 _____ () C:\sc-cleaner.txt
2014-10-02 02:07 - 2014-10-02 02:07 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Grisu\Downloads\sc-cleaner.exe
2014-10-02 01:43 - 2014-10-02 01:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-02 01:27 - 2014-10-02 01:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Grisu\Downloads\revosetup95.exe
2014-10-02 01:16 - 2014-10-02 01:18 - 00068191 _____ () C:\Users\Grisu\Downloads\FRST.txt
2014-10-01 12:25 - 2014-10-01 12:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\449A0149.sys
2014-10-01 00:19 - 2014-10-01 00:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7D894C22.sys
2014-09-29 14:13 - 2014-10-01 12:05 - 00381736 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.txt
2014-09-28 12:49 - 2014-09-28 12:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\319F42D4.sys
2014-09-28 12:09 - 2014-09-28 12:09 - 00335504 _____ (Bytro Labs) C:\Users\Grisu\Downloads\S1914JavaInstaller.exe
2014-09-26 17:26 - 2014-09-26 17:26 - 00000000 ____D () C:\Users\Grisu\Downloads\SpyHunter-v4.15.1.4270-Incl-Crack---[MUMBAI]
2014-09-26 16:12 - 2014-09-26 16:12 - 00000310 _____ () C:\CCALib8WS.log
2014-09-26 16:11 - 2014-09-26 17:36 - 00000000 ____D () C:\sh4ldr
2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft
2014-09-26 13:36 - 2014-09-26 13:36 - 00000000 ____D () C:\Users\Grisu\Desktop\Advanced Archive Password Recovery Professional 4.54.48
2014-09-26 13:35 - 2014-09-26 13:35 - 07328167 _____ () C:\Users\Grisu\Downloads\Advanced Archive Password Recovery.zip
2014-09-26 13:13 - 2014-09-26 13:13 - 00000000 _____ () C:\Users\Grisu\Downloads\Spy_Hunter_4_Crack_Full.exe
2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 ____D () C:\Users\Grisu\Desktop\Canon
2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 _____ () C:\autoexec.bat
2014-09-26 03:02 - 2014-09-26 03:02 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-09-26 03:02 - 2014-09-26 03:02 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-09-26 03:01 - 2014-09-26 04:12 - 00000000 ____D () C:\Program Files (x86)\OpteOn
2014-09-26 03:01 - 2014-09-26 04:12 - 00000000 ____D () C:\Program Files (x86)\OpitOn
2014-09-26 03:01 - 2014-09-26 03:44 - 00000000 ____D () C:\ProgramData\OpteOn
2014-09-26 03:01 - 2014-09-26 03:44 - 00000000 ____D () C:\ProgramData\OpitOn
2014-09-26 03:00 - 2014-09-26 04:52 - 00000000 ____D () C:\Program Files (x86)\ORBTR
2014-09-26 01:47 - 2014-10-02 01:36 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-26 01:47 - 2014-09-26 03:01 - 00000000 ____D () C:\ProgramData\dad537a8ea1f6947
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Comodo
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator
2014-09-26 01:30 - 2014-09-26 01:30 - 00122467 _____ () C:\Users\Grisu\Downloads\PL5-6-Kgn(1).rar
2014-09-26 01:29 - 2014-09-26 01:29 - 00122467 _____ () C:\Users\Grisu\Downloads\PL5-6-Kgn.rar
2014-09-25 21:38 - 2014-10-08 11:44 - 00000000 ____D () C:\Users\Grisu\AppData\Local\CANON_INC
2014-09-25 21:32 - 2014-09-26 03:24 - 00000000 ___RD () C:\Users\Grisu\Desktop\104CANON
2014-09-25 21:31 - 2014-09-25 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-09-25 21:30 - 2014-09-25 21:31 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-09-25 21:29 - 2014-09-25 21:46 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\canon
2014-09-25 21:28 - 2014-09-25 21:28 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-09-24 23:32 - 2014-09-24 23:33 - 00001703 _____ () C:\Users\Grisu\Downloads\Adobe Photoshop Lightroom 5.2 [64 bit] (Serials ONLY).zip
2014-09-24 23:19 - 2014-09-24 23:24 - 00000000 ____D () C:\Users\Grisu\Downloads\odbg110
2014-09-24 23:19 - 2014-09-24 23:19 - 01333471 _____ () C:\Users\Grisu\Downloads\odbg110.zip
2014-09-24 22:06 - 2014-09-24 22:06 - 00521216 _____ (PainteR) C:\Users\Grisu\Downloads\Adobe Universal Patcher.exe
2014-09-24 11:32 - 2014-09-24 11:32 - 00000917 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk
2014-09-24 10:45 - 2014-09-24 10:45 - 00001711 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6 64-bit.lnk
2014-09-24 01:24 - 2014-09-24 01:29 - 00000000 ____D () C:\Users\Grisu\Downloads\Adobe_Photoshop_Lightroom_5_6_keygen
2014-09-24 01:21 - 2014-09-24 01:21 - 00000000 ____D () C:\Users\Grisu\Documents\Adobe
2014-09-24 00:51 - 2014-09-24 00:53 - 00007510 _____ () C:\Users\Grisu\Adobe Creative Suite Cleaner Tool.log
2014-09-24 00:50 - 2014-09-24 00:53 - 00000000 ____D () C:\Users\Grisu\Downloads\adobe_creative_suite_6cleaner_tool
2014-09-24 00:49 - 2014-09-24 00:50 - 08098376 _____ () C:\Users\Grisu\Downloads\adobe_creative_suite_6cleaner_tool.zip
2014-09-23 01:50 - 2014-09-23 03:16 - 1047527424 _____ () C:\Users\Grisu\Downloads\9846541212-ts4sg.part02.rar
2014-09-22 12:05 - 2014-09-22 13:36 - 1047527424 _____ () C:\Users\Grisu\Downloads\9846541212-ts4sg.part01.rar
2014-09-22 03:31 - 2014-09-22 03:31 - 00000000 ____D () C:\ProgramData\Codemasters
2014-09-22 03:15 - 2014-09-22 03:15 - 00001349 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-09-22 03:03 - 2014-09-22 03:03 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-09-22 02:48 - 2014-09-22 02:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\095B6173.sys
2014-09-20 16:31 - 2014-10-13 12:25 - 00070172 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014.ods
2014-09-20 16:22 - 2014-10-12 11:03 - 00020028 _____ () C:\Users\Grisu\Desktop\Lärmbelästigung Nachbar 2014.ods
2014-09-19 12:55 - 2014-09-19 12:55 - 13629321 _____ () C:\Users\Grisu\Downloads\The-Next-Generation.rar
2014-09-19 12:55 - 2014-09-19 12:55 - 05895249 _____ () C:\Users\Grisu\Downloads\Was-kommt-danach.rar
2014-09-19 12:54 - 2014-09-19 12:56 - 54808864 _____ () C:\Users\Grisu\Downloads\Liebe---Schmerz.rar
2014-09-19 12:54 - 2014-09-19 12:55 - 07495120 _____ () C:\Users\Grisu\Downloads\Meine-eigene-Lieder.rar
2014-09-19 02:02 - 2014-10-15 03:04 - 00000000 ___RD () C:\Users\Grisu\Dropbox
2014-09-19 02:01 - 2014-09-18 14:59 - 00001021 _____ () C:\Users\Grisu\Desktop\Dropbox.lnk
2014-09-18 14:59 - 2014-09-18 14:59 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 14:56 - 2014-10-15 03:04 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Dropbox
2014-09-18 14:55 - 2014-09-24 09:59 - 00000000 ____D () C:\Users\Grisu\Desktop\Adobe CS6 All Products Activator (x32 & x64)
2014-09-18 14:53 - 2014-09-18 14:54 - 41377280 _____ (Dropbox, Inc.) C:\Users\Grisu\Downloads\Dropbox_2.10.30.exe
2014-09-18 14:07 - 2014-09-18 14:07 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\PDAppFlex
2014-09-18 12:04 - 2014-09-18 12:04 - 00030392 _____ () C:\Users\Grisu\Downloads\excel-vorlagen-haushaltsbuch.zip
2014-09-18 11:49 - 2014-09-18 11:49 - 00034304 _____ () C:\Users\Grisu\Downloads\wochenplan.xls
2014-09-18 11:44 - 2014-09-18 11:45 - 07441742 _____ () C:\Users\Grisu\Downloads\Unternehmensbereich-Aktuelles-SoundOfWork-3029_41456-0.zip
2014-09-18 11:34 - 2014-09-18 12:59 - 1047527424 _____ () C:\Users\Grisu\Downloads\984561244-ultstrfighiv.part02.rar
2014-09-18 09:52 - 2014-09-18 11:17 - 1047527424 _____ () C:\Users\Grisu\Downloads\984561244-ultstrfighiv.part01.rar
2014-09-17 23:28 - 2014-09-17 23:28 - 00918440 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\chromeinstall-7u67 (1).exe
2014-09-17 22:30 - 2014-09-17 22:30 - 00000000 ___RD () C:\Users\Grisu\Creative Cloud Files
2014-09-17 11:40 - 2014-09-17 11:40 - 00031408 _____ () C:\Users\Grisu\Downloads\Arbeitszeit_2004.zip
2014-09-17 11:35 - 2014-09-17 11:35 - 01101648 _____ () C:\Users\Grisu\Downloads\Arbeitszeit_2004 - CHIP-Installer.exe
2014-09-17 11:06 - 2014-09-17 11:36 - 00002269 _____ () C:\Users\Grisu\Desktop\Datenbank Open Office.odb
2014-09-17 10:15 - 2014-09-17 10:15 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\OpenOffice
2014-09-17 08:21 - 2014-09-17 08:21 - 00000855 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-17 08:21 - 2014-09-17 08:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-17 06:35 - 2014-09-17 06:36 - 01101648 _____ () C:\Users\Grisu\Downloads\OpenOffice - CHIP-Installer.exe
2014-09-16 12:24 - 2014-09-16 12:25 - 00000000 ____D () C:\Users\Grisu\Documents\FIFA 15 Demo
2014-09-16 10:25 - 2014-09-16 10:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\6A3A2363.sys
2014-09-15 21:47 - 2014-09-15 21:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-15 21:47 - 2014-09-15 21:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-15 21:47 - 2014-09-15 21:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-15 21:47 - 2014-09-15 21:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-15 21:47 - 2014-09-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-15 21:44 - 2014-09-15 21:44 - 00918440 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\chromeinstall-7u67.exe
2014-09-15 21:39 - 2014-09-15 21:39 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-15 21:37 - 2014-09-15 21:37 - 00000000 ____D () C:\ProgramData\Sun
2014-09-15 12:01 - 2014-10-10 09:34 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-09-15 09:32 - 2014-09-15 09:34 - 96138664 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\jre-8u20-windows-x64.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-15 13:28 - 2014-07-18 18:11 - 00000000 ____D () C:\FRST
2014-10-15 13:28 - 2014-06-16 02:43 - 00000000 ____D () C:\Users\Grisu\Desktop\Trojaner software
2014-10-15 13:18 - 2014-06-06 02:32 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GanymedeNet
2014-10-15 12:54 - 2014-06-13 03:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-15 12:32 - 2014-07-29 10:57 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-15 06:32 - 2014-07-29 10:57 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-15 03:14 - 2014-08-04 02:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Adobe
2014-10-15 03:10 - 2009-07-14 06:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-15 03:10 - 2009-07-14 06:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-15 03:09 - 2014-06-05 15:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 03:05 - 2014-06-03 09:07 - 01831687 _____ () C:\Windows\WindowsUpdate.log
2014-10-15 03:04 - 2014-06-03 10:14 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-10-15 03:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-14 02:40 - 2014-06-11 19:32 - 00000000 ____D () C:\AdwCleaner
2014-10-14 02:10 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu
2014-10-13 02:08 - 2014-06-23 12:56 - 00000000 ____D () C:\ProgramData\Origin
2014-10-13 01:28 - 2014-06-24 12:18 - 00000000 ____D () C:\Users\Grisu\Documents\FIFA 14
2014-10-12 22:50 - 2014-06-23 12:55 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-11 11:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-10 09:58 - 2014-09-09 14:35 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-10-10 09:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-10 09:32 - 2013-01-22 21:02 - 00000000 ____D () C:\Users\Grisu\Desktop\Paddy musik
2014-10-10 06:35 - 2009-07-14 19:58 - 00732176 _____ () C:\Windows\system32\perfh007.dat
2014-10-10 06:35 - 2009-07-14 19:58 - 00159712 _____ () C:\Windows\system32\perfc007.dat
2014-10-10 06:35 - 2009-07-14 07:13 - 01685660 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-10 06:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-10 04:03 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Adobe
2014-10-10 03:57 - 2014-07-18 09:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-10 03:52 - 2014-06-23 13:02 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-10-10 00:16 - 2014-06-17 15:55 - 00000000 ____D () C:\Users\Grisu\Documents\Benutzerdefinierte Office-Vorlagen
2014-10-09 12:31 - 2014-09-11 09:04 - 00000000 ____D () C:\ProgramData\Netzmanager
2014-10-08 15:02 - 2014-06-06 02:30 - 00000000 ____D () C:\Program Files (x86)\Ganymede
2014-10-08 11:44 - 2014-06-03 17:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-10-08 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-10-06 15:17 - 2014-06-03 14:50 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\uTorrent
2014-10-05 16:22 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-04 02:28 - 2009-07-14 20:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-04 02:02 - 2014-06-11 00:00 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-10-03 23:34 - 2014-08-05 03:07 - 00000000 ____D () C:\Users\Grisu\Desktop\SciLor's Grooveshark.com Downloader
2014-10-02 05:51 - 2014-06-03 10:14 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-10-02 01:29 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-30 12:26 - 2014-07-25 00:31 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Unity
2014-09-29 01:11 - 2014-09-11 09:05 - 00000769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Netzmanager.lnk
2014-09-29 01:11 - 2014-09-11 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netzmanager
2014-09-27 13:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-09-26 23:53 - 2014-07-19 12:21 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405765260
2014-09-26 23:53 - 2014-07-19 12:21 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-26 17:11 - 2014-07-18 18:14 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\ICQM
2014-09-26 06:27 - 2014-07-29 10:57 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-26 06:27 - 2014-07-29 10:57 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-26 06:27 - 2014-06-03 16:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-26 05:56 - 2014-06-18 12:34 - 00000774 _____ () C:\Users\Grisu\Desktop\TeamSpeak 3 Client.lnk
2014-09-26 05:55 - 2014-06-11 14:27 - 00000725 _____ () C:\Users\Grisu\Desktop\Cheat Engine.lnk
2014-09-26 05:42 - 2014-07-18 09:56 - 00000907 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
2014-09-26 05:42 - 2014-07-18 09:56 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
2014-09-26 05:42 - 2014-07-18 09:53 - 00000899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
2014-09-26 05:42 - 2014-07-18 09:51 - 00000956 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
2014-09-26 05:08 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VirtualStore
2014-09-26 04:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-26 03:44 - 2014-07-22 06:08 - 00000000 ____D () C:\Windows\Sun
2014-09-26 01:46 - 2014-06-03 16:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Google
2014-09-26 01:30 - 2014-06-03 17:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-25 23:51 - 2014-06-25 11:25 - 00000000 ____D () C:\Windows\pss
2014-09-25 19:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PLA
2014-09-24 23:08 - 2009-07-14 06:45 - 05157960 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 14:59 - 2014-06-03 10:55 - 00118680 _____ () C:\Users\Grisu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-24 11:33 - 2014-07-18 09:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-24 09:59 - 2014-07-29 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-24 09:59 - 2014-07-07 16:41 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Ubisoft
2014-09-24 09:58 - 2014-07-18 09:49 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-22 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-22 03:03 - 2014-07-18 10:09 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-20 19:55 - 2014-06-14 04:00 - 00000000 ____D () C:\Windows\Minidump
2014-09-17 22:41 - 2014-06-19 12:37 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Apps\2.0
2014-09-17 22:25 - 2014-06-06 01:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-15 23:00 - 2014-06-16 02:43 - 00000000 ____D () C:\Users\Grisu\Desktop\Spiele
2014-09-15 23:00 - 2014-06-05 14:57 - 00000000 ____D () C:\Windows\erdnt
2014-09-15 23:00 - 2014-06-03 10:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-15 21:47 - 2014-06-10 02:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-15 21:32 - 2014-07-28 23:36 - 00000000 ____D () C:\Program Files\Java
2014-09-15 21:09 - 2014-06-05 15:23 - 00000000 ____D () C:\Users\Grisu\Desktop\Arbeitsangaben VIP
2014-09-15 09:35 - 2014-07-28 23:36 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-15 09:35 - 2014-07-28 23:36 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-15 09:35 - 2014-07-28 23:36 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe

Some content of TEMP:
====================
C:\Users\Grisu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvedj71.dll
C:\Users\Grisu\AppData\Local\Temp\FileSystemView.dll
C:\Users\Grisu\AppData\Local\Temp\Quarantine.exe
C:\Users\Grisu\AppData\Local\Temp\sqlite3.dll
C:\Users\Grisu\AppData\Local\Temp\VSUSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 08:47

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 15.10.2014 20:53
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Williwu 16.10.2014 10:03
dankeschön für die Hilfe am PC...hat zwar leider lange gedauert und auch viel mühe und not gekostet, kraft verbraucht aber ohne die Hilfe wären wir nicht an einem positiven ende gekommen.

danke danke danke

schrauber 16.10.2014 18:43
Gern Geschehen :)

Williwu 16.10.2014 23:52
obwohl du kleine frage kann man das selbe auch mit dem PC machen der ist bestimmt noch bis heute verseucht und ich würde ihn gerne wieder so schnell haben wie nach dem kauf

schrauber 17.10.2014 20:19
poste mal FRST Logs von dem PC :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:22 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22