Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7: Advanced System Protector lässt sich nicht deinstallieren (https://www.trojaner-board.de/155825-windows-7-advanced-system-protector-laesst-deinstallieren.html)

pienut 28.06.2014 19:52
Windows 7: Advanced System Protector lässt sich nicht deinstallieren
 
Hallo zusammen,

mein Name ist Alex und ich habe ein Problem mit dem Advanced System Protector.
Ich hab ihn mir gestern eingefangen und wollte ihn über die Systemsteuerung wieder deinstallieren, allerdings installiert sich das Programm nach wenigen Minuten wieder von selbst. Ansonsten ist mir nichts ungewöhnliches aufgefallen. Störend ist nur, dass nach jedem Neustart/Hochfahren des PC ein Systemcheck mit dem System Speedup durchgeführt wird, den ich bisher immer unterbrochen habe, da ich das Programm nicht kenne und auch nicht installiert habe. Ich hoffe hier bin ich richtig mit meinem Problem.
Ich habe nun eure Anleitung durchgearbeitet und Poste mal meine Logfiles:
Der defogger gab keine Fehlermeldung raus.

FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Alexander (administrator) on PIENUT on 28-06-2014 19:43:04
Running from C:\Users\Alexander\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mad Catz Inc) C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Users\Alexander\Downloads\Defogger.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [S.T.R.I.K.E.5 Service] => C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe [278528 2012-10-11] (Mad Catz Inc)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM\...\RunOnce: [RPMKickstart] - C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2552320 2011-03-30] (Gigabyte Technology CO., LTD.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Google Update] => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-16] (Google Inc.)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Spotify Web Helper] => C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x21EE8203C0D2CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - F764C80A9DD34EC998B4BA4247D9129F URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKCU - {463F81C0-28DE-492d-A646-8672191270CA} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: GBHO.BHO - {45d30484-7ded-43d9-957a-d2fd1f046511} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Deeal - {70C53538-9F82-42BC-A327-74F7A46E700C} - C:\Program Files (x86)\Deeal\ScriptHost.dll (Deeal)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: sweet-page
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: sweet-page
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Alexander\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF SearchPlugin: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\searchplugins\bingp.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-21]
FF Extension: Adblock Plus - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-29]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

Chrome:
=======
CHR DefaultSearchKeyword: sweet-page
CHR DefaultSearchProvider: sweet-page
CHR DefaultSearchURL: hxxp://www.sweet-page.com/web/?type=ds&ts=1401662147&from=ill&uid=ST2000DL003-9VT166_5YD6TENRXXXX5YD6TENR&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Wallet) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S4 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-07-12] (BioWare)
S3 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc.exe [3383480 2013-09-15] (Leap Motion, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [744856 2012-11-14] (Tunngle.net GmbH) [File not signed]

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-01] ()
R3 HidEmulator; C:\Windows\System32\DRIVERS\HidEmulator.sys [10480 2013-08-15] (Leap Motion, Inc.)
R3 HidEmulatorKmdf; C:\Windows\System32\DRIVERS\HidEmulatorKmdf.sys [24432 2013-08-15] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-28] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 Said1108; C:\Windows\System32\DRIVERS\Said1108.sys [25920 2012-10-16] (Saitek)
R3 SaiK1108; C:\Windows\System32\DRIVERS\SaiK1108.sys [180544 2012-10-16] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-28 19:43 - 2014-06-28 19:43 - 00019491 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-28 19:42 - 2014-06-28 19:43 - 00000000 ____D () C:\FRST
2014-06-28 19:42 - 2014-06-28 19:42 - 02083328 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 19:19 - 2014-06-28 19:19 - 00000652 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 19:08 - 2014-06-28 19:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 18:45 - 2014-06-28 18:45 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-06-28 18:44 - 2014-06-28 19:13 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-06-28 18:44 - 2014-06-28 18:46 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-06-28 18:44 - 2014-06-28 18:46 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-06-28 18:44 - 2014-06-28 18:44 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-06-28 18:44 - 2014-06-28 18:44 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-06-28 18:44 - 2014-06-28 18:44 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-06-28 18:44 - 2014-06-28 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-06-28 18:44 - 2014-06-28 18:44 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-06-28 18:43 - 2014-06-28 18:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 18:43 - 2014-06-28 18:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 18:32 - 2014-06-28 18:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 18:32 - 2014-06-28 18:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 18:13 - 2014-06-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 18:09 - 2014-06-28 18:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 18:09 - 2014-06-28 18:09 - 00000000 ____D () C:\AdwCleaner
2014-06-28 17:53 - 2014-06-28 18:47 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-28 17:52 - 2014-06-28 18:44 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-28 17:52 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-06-28 17:14 - 2014-06-28 18:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-28 17:14 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-28 17:10 - 2014-06-28 17:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 17:04 - 2014-06-28 17:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-27 21:09 - 2014-06-28 19:26 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-27 21:09 - 2014-06-27 21:09 - 00667648 _____ () C:\Users\Alexander\AppData\Roaming\~dynrgvw.exe
2014-06-27 21:09 - 2014-06-27 21:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 21:07 - 2014-06-27 21:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 21:07 - 2014-06-27 21:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-24 23:04 - 2014-06-24 23:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-21 22:58 - 2014-06-21 22:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-18 04:00 - 2014-06-27 21:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 02:00 - 2014-06-28 02:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-06-16 17:20 - 2014-06-16 17:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 17:19 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-16 17:17 - 2014-06-11 10:57 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-16 17:17 - 2014-06-11 10:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-16 17:17 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-16 17:10 - 2014-06-16 17:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 17:10 - 2014-06-16 17:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 17:10 - 2014-05-30 01:00 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-16 17:10 - 2014-05-30 01:00 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-16 17:10 - 2014-05-30 00:59 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-16 17:10 - 2014-05-30 00:59 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-16 17:10 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-16 17:10 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-16 17:10 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-16 17:09 - 2014-06-16 17:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 17:04 - 2014-06-16 17:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 17:03 - 2014-06-16 17:10 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 17:03 - 2014-06-16 17:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 17:02 - 2014-06-16 17:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-12 18:09 - 2014-06-13 16:20 - 00431104 _____ () C:\ProgramData\uninstall_Deeal.exe
2014-06-12 14:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 14:57 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 14:57 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 14:57 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 14:57 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 14:57 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 14:57 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 14:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 14:57 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 14:57 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 14:57 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:57 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 14:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 14:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 14:57 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 14:57 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 14:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 14:57 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 14:57 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 14:57 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 14:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 14:57 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 14:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 14:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 14:57 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 14:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 14:57 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 14:57 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 14:57 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 14:57 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 14:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 14:57 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 14:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 14:57 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 14:57 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 14:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 14:57 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 14:57 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 14:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 14:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 14:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 14:57 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 14:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 14:57 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 14:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 14:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 14:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 14:57 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 14:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 14:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 14:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 14:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 14:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 14:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 14:57 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 14:57 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 14:57 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 14:57 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 14:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 14:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 14:57 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 14:57 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 14:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 14:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 14:56 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 14:56 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-06-10 19:40 - 2014-06-10 19:41 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 19:36 - 2014-06-10 19:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-06 12:52 - 2014-06-06 22:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-02 00:39 - 2014-06-11 10:24 - 00000000 ____D () C:\Program Files\003
2014-06-02 00:39 - 2013-12-13 17:53 - 00019544 _____ (System Speedup) C:\Windows\system32\roboot64.exe
2014-06-02 00:38 - 2014-06-02 00:38 - 00003118 _____ () C:\Windows\System32\Tasks\{5FC41131-C8CB-444E-AEA2-5D818ABF92BD}
2014-06-02 00:37 - 2014-06-28 16:28 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\wp_update
2014-06-02 00:36 - 2014-06-11 10:13 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-06-02 00:36 - 2014-06-02 13:57 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-02 00:36 - 2014-06-02 00:37 - 00000000 ____D () C:\ProgramData\WPM
2014-06-02 00:36 - 2014-06-02 00:36 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\SupTab
2014-06-02 00:36 - 2014-06-02 00:36 - 00000000 ____D () C:\Users\Alexander\AppData\Local\globalUpdate
2014-06-02 00:35 - 2014-06-02 00:35 - 00002906 _____ () C:\Windows\System32\Tasks\TaskUserUpdate_wp
2014-05-30 15:28 - 2014-06-03 01:27 - 00000000 ____D () C:\Users\Alexander\Documents\BWL

==================== One Month Modified Files and Folders =======

2014-06-28 19:43 - 2014-06-28 19:43 - 00019491 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-28 19:43 - 2014-06-28 19:42 - 00000000 ____D () C:\FRST
2014-06-28 19:42 - 2014-06-28 19:42 - 02083328 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2014-06-28 19:42 - 2012-12-16 13:35 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA.job
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 19:30 - 2013-10-16 11:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-28 19:26 - 2014-06-27 21:09 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-28 19:23 - 2009-07-14 06:45 - 00022000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-28 19:23 - 2009-07-14 06:45 - 00022000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-28 19:19 - 2014-06-28 19:19 - 00000652 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-28 19:19 - 2012-01-14 21:31 - 01548397 _____ () C:\Windows\WindowsUpdate.log
2014-06-28 19:18 - 2012-01-15 21:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Skype
2014-06-28 19:16 - 2012-01-14 15:50 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-06-28 19:16 - 2009-07-14 06:51 - 00091434 _____ () C:\Windows\setupact.log
2014-06-28 19:15 - 2012-01-14 14:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-28 19:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-28 19:13 - 2014-06-28 18:44 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-06-28 19:09 - 2014-06-28 19:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 19:08 - 2014-06-28 19:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 18:52 - 2014-06-28 17:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 18:50 - 2012-03-26 20:12 - 00002378 _____ () C:\Users\Alexander\Desktop\Google Chrome.lnk
2014-06-28 18:50 - 2012-01-15 14:37 - 00001154 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-28 18:50 - 2012-01-14 15:21 - 00001142 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 18:50 - 2012-01-14 14:44 - 00001425 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-28 18:47 - 2014-06-28 17:53 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-28 18:46 - 2014-06-28 18:44 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-06-28 18:46 - 2014-06-28 18:44 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-06-28 18:45 - 2014-06-28 18:45 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-06-28 18:44 - 2014-06-28 18:44 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-06-28 18:44 - 2014-06-28 18:44 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-06-28 18:44 - 2014-06-28 18:44 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-06-28 18:44 - 2014-06-28 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-06-28 18:44 - 2014-06-28 18:44 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-06-28 18:44 - 2014-06-28 17:52 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-28 18:43 - 2014-06-28 18:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 18:43 - 2014-06-28 18:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 18:34 - 2010-11-21 05:47 - 00878302 _____ () C:\Windows\PFRO.log
2014-06-28 18:32 - 2014-06-28 18:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 18:32 - 2014-06-28 18:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 18:13 - 2014-06-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 18:09 - 2014-06-28 18:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 18:09 - 2014-06-28 18:09 - 00000000 ____D () C:\AdwCleaner
2014-06-28 18:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-06-28 17:46 - 2011-04-12 09:43 - 00710518 _____ () C:\Windows\system32\perfh007.dat
2014-06-28 17:46 - 2011-04-12 09:43 - 00154848 _____ () C:\Windows\system32\perfc007.dat
2014-06-28 17:46 - 2009-07-14 07:13 - 01651758 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-28 17:38 - 2014-03-15 03:56 - 00000000 ____D () C:\Temp
2014-06-28 17:33 - 2012-04-12 15:24 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Spotify
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2012-10-17 22:58 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Malwarebytes
2014-06-28 17:14 - 2012-10-17 22:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 17:11 - 2014-06-28 17:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 17:04 - 2014-06-28 17:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-28 16:56 - 2012-01-29 11:56 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8188928D-0519-47C3-AF23-9B006231D1F6}
2014-06-28 16:28 - 2014-06-02 00:37 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\wp_update
2014-06-28 16:15 - 2012-11-01 17:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-28 02:42 - 2012-12-16 13:35 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core.job
2014-06-28 02:00 - 2014-06-17 02:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-06-27 23:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-27 21:09 - 2014-06-27 21:09 - 00667648 _____ () C:\Users\Alexander\AppData\Roaming\~dynrgvw.exe
2014-06-27 21:09 - 2014-06-27 21:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 21:09 - 2014-06-18 04:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-27 21:07 - 2014-06-27 21:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 21:07 - 2014-06-27 21:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-27 19:50 - 2014-03-21 14:55 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Battle.net
2014-06-27 06:09 - 2012-01-15 04:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\PMB Files
2014-06-26 22:21 - 2012-01-14 16:25 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-25 23:21 - 2014-03-21 14:55 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-24 23:04 - 2014-06-24 23:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-24 05:37 - 2012-04-26 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-23 14:47 - 2012-04-12 15:24 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Spotify
2014-06-21 22:58 - 2014-06-21 22:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-19 02:37 - 2012-12-16 13:35 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA
2014-06-19 02:37 - 2012-12-16 13:35 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core
2014-06-16 23:41 - 2013-10-16 11:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-16 23:41 - 2012-04-04 22:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-16 23:41 - 2012-01-14 16:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-16 17:20 - 2014-06-16 17:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 17:20 - 2012-01-14 14:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-16 17:20 - 2012-01-14 14:47 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-16 17:11 - 2014-06-16 17:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 17:11 - 2014-06-16 17:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 17:10 - 2014-06-16 17:03 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 17:10 - 2012-11-20 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-16 17:10 - 2012-01-14 14:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-16 17:09 - 2014-06-16 17:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 17:04 - 2014-06-16 17:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 17:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-16 17:03 - 2014-06-16 17:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 17:02 - 2014-06-16 17:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-13 16:20 - 2014-06-12 18:09 - 00431104 _____ () C:\ProgramData\uninstall_Deeal.exe
2014-06-13 03:04 - 2013-07-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 03:02 - 2012-01-15 14:53 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-13 03:02 - 2012-01-15 14:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 03:01 - 2014-05-06 21:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 10:57 - 2014-06-16 17:17 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-11 10:57 - 2014-06-16 17:17 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-11 10:57 - 2012-02-22 14:22 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-06-11 10:24 - 2014-06-02 00:39 - 00000000 ____D () C:\Program Files\003
2014-06-11 10:18 - 2014-03-12 19:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-11 10:18 - 2012-01-15 21:01 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 10:13 - 2014-06-02 00:36 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-06-10 19:41 - 2014-06-10 19:40 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 19:40 - 2012-01-21 16:04 - 00222889 _____ () C:\Windows\DirectX.log
2014-06-10 19:36 - 2014-06-10 19:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-08 11:13 - 2014-06-12 14:56 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 14:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 22:58 - 2014-06-06 12:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-06 14:30 - 2014-03-14 18:51 - 00010386 _____ () C:\Users\Alexander\Desktop\Internet Geld.xlsx
2014-06-03 01:27 - 2014-05-30 15:28 - 00000000 ____D () C:\Users\Alexander\Documents\BWL
2014-06-03 01:22 - 2013-04-28 16:22 - 00251340 _____ () C:\Windows\DPINST.LOG
2014-06-03 01:21 - 2013-12-01 15:14 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-06-03 01:21 - 2013-04-28 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-03 01:21 - 2012-01-14 14:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-02 13:57 - 2014-06-02 00:36 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-02 00:38 - 2014-06-02 00:38 - 00003118 _____ () C:\Windows\System32\Tasks\{5FC41131-C8CB-444E-AEA2-5D818ABF92BD}
2014-06-02 00:37 - 2014-06-02 00:36 - 00000000 ____D () C:\ProgramData\WPM
2014-06-02 00:36 - 2014-06-02 00:36 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\SupTab
2014-06-02 00:36 - 2014-06-02 00:36 - 00000000 ____D () C:\Users\Alexander\AppData\Local\globalUpdate
2014-06-02 00:35 - 2014-06-02 00:35 - 00002906 _____ () C:\Windows\System32\Tasks\TaskUserUpdate_wp
2014-05-30 15:29 - 2012-01-14 14:44 - 00000000 ____D () C:\Users\Alexander
2014-05-30 12:21 - 2014-06-12 14:57 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 14:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 14:57 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 14:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 14:57 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 14:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 14:57 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 14:57 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 14:57 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 14:57 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 14:57 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 14:57 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 14:57 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 14:57 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 14:57 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 14:57 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 14:57 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 14:57 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 14:57 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 14:57 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 14:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 14:57 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 14:57 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 14:57 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 14:57 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 14:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 14:57 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 14:57 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 14:57 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 14:57 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 14:57 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 14:57 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 14:57 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 14:57 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 14:57 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 14:57 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 14:57 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 14:57 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 14:57 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 14:57 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 14:57 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 14:57 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 14:57 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 14:57 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 14:57 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 14:57 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 14:57 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 14:57 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 14:57 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 14:57 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-30 01:00 - 2014-06-16 17:10 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-05-30 01:00 - 2014-06-16 17:10 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-05-30 00:59 - 2014-06-16 17:10 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-05-30 00:59 - 2014-06-16 17:10 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-29 16:21 - 2014-03-21 15:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone

Files to move or delete:
====================
C:\Users\Alexander\jagex_cl_runescape_LIVE.dat
C:\Users\Alexander\random.dat
C:\ProgramData\uninstall_Deeal.exe


Some content of TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\AskSLib.dll
C:\Users\Alexander\AppData\Local\Temp\avgnt.exe
C:\Users\Alexander\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Alexander\AppData\Local\Temp\DivXSetup.exe
C:\Users\Alexander\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Alexander\AppData\Local\Temp\drm_dyndata_7350007.dll
C:\Users\Alexander\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_kedjp.dll
C:\Users\Alexander\AppData\Local\Temp\EBU5308.EXE
C:\Users\Alexander\AppData\Local\Temp\EBU5559.DLL
C:\Users\Alexander\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\LeapUpdate.exe
C:\Users\Alexander\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Alexander\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Alexander\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Alexander\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Alexander\AppData\Local\Temp\nvStInst.exe
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe
C:\Users\Alexander\AppData\Local\Temp\SHSetup.exe
C:\Users\Alexander\AppData\Local\Temp\SIntf16.dll
C:\Users\Alexander\AppData\Local\Temp\SIntf32.dll
C:\Users\Alexander\AppData\Local\Temp\SIntfNT.dll
C:\Users\Alexander\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alexander\AppData\Local\Temp\unzip.exe
C:\Users\Alexander\AppData\Local\Temp\winU.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-27 23:04

==================== End Of Log ============================
--- --- ---


Addition.txt:
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by Alexander at 2014-06-28 19:43:58
Running from C:\Users\Alexander\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.0.0.183 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Encore CS6 Library (HKLM-x32\...\{07E80932-FFB1-402D-9198-18C58EBAF216}) (Version: 6.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12580 - Systweak Software) <==== ATTENTION
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - )
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blender (HKLM\...\Blender) (Version: 2.66a - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{0BED0B96-70B8-4893-884B-DC485DC8C1B7}) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Brawl Busters (HKLM-x32\...\Steam App 109410) (Version:  - )
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Champions of Regnum (HKLM-x32\...\Steam App 222520) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities XL Platinum (HKLM-x32\...\Steam App 231140) (Version:  - Focus Home Interactive)
Conquer Online 2.0 (HKLM-x32\...\{78B51FD5-DA3F-4B48-8F3F-4E4068F25D89}_is1) (Version:  - TQ Digital Entertainment Inc.)
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden
Deeal (HKLM-x32\...\Deeal) (Version: 1.0.0.0 - Kreapixel inc.)
Defender's Quest (HKLM-x32\...\DefendersQuest) (Version: 1.0.35 - UNKNOWN)
Defender's Quest (x32 Version: 1.0.35 - UNKNOWN) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Desktop Dungeons (HKLM-x32\...\Steam App 226620) (Version:  - QCF Design)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
Easy Tune 6 B11.0512.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0512.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Edimax RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.5.0 - Edimax)
EE-ZDE (HKLM-x32\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version:  - )
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.98 - Etron Technology) Hidden
Fable III (HKLM-x32\...\Steam App 105400) (Version:  - )
FireArc Arcade (HKLM-x32\...\{CADFD74F-0724-43B4-96A1-93CD18D1FE98}) (Version: 0.3.10 - FireArc.com)
FORCED (HKLM-x32\...\Steam App 249990) (Version:  - BetaDwarf)
Forge (HKLM-x32\...\Steam App 223390) (Version:  - )
Free YouTube to MP3 Converter version 3.12.11.812 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.11.812 - DVDVideoSoft Ltd.)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version:  - )
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Iminent (x32 Version: 6.27.21.0 - Iminent) Hidden <==== ATTENTION
Kingdoms of Amalur: Reckoning (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Leap Motion Software (HKLM-x32\...\Leap Services) (Version: 1.0.8.7999 - Leap Motion)
LEGO - The Hobbit (HKLM-x32\...\Steam App 285160) (Version:  - Traveller's Tales)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.374 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.374 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.7 - www.leaguereplays.com)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios AB)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
Media Go Video Playback Engine 1.116.106.02030 (HKLM-x32\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.106.02030 - Sony)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.0.162.0 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.5 (HKLM-x32\...\{871F39A1-1671-4161-A012-1D4820346A69}) (Version: 1.2.5 - Thorvald Natvig)
My Game Long Name (HKLM\...\UDK-8a6f888b-97ec-4d94-8ba5-057ff7b1e9ec) (Version:  - Epic Games, Inc.)
NapkinRace v1.02 (HKLM-x32\...\NapkinRace_is1) (Version:  - Steinware)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version:  - CyberConnect 2)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.11400.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10300 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13200.33.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA 3D Vision Controller Driver (x32 Version: 275.33 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.7.24409 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Remember Me (HKLM-x32\...\Steam App 228300) (Version:  - DONTNOD Entertainment)
Robin Hood (HKLM-x32\...\Steam App 46560) (Version:  - Spellbound)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
RuneScape Launcher 1.2.2 (HKLM-x32\...\{A85FCCBE-31AB-4312-A5A9-165FF3B0BF90}) (Version: 1.2.2 - Jagex Ltd)
S.T.R.I.K.E.5 Service (HKLM-x32\...\{D840428F-A2F6-448B-BEBE-532BECCD97BC}) (Version: 1.0.0.0 - Mad Catz)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM-x32\...\{10ABE49D-343A-463E-9753-C4C5A05ECEF9}) (Version: 6.2.0 - Sibelius Software)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version:  - Maxis)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Smart 6 B11.0512.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Smart Technology Programming Software 7.0.23.0 (HKLM\...\{F1525BFE-6D58-4E7A-9B17-C563B7EAADC5}) (Version: 7.0.23.0 - Mad Catz)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1739.1 - Hi-Rez Studios)
Sniper Elite: Zombie Army (HKLM-x32\...\Steam App 235700) (Version:  - Rebellion)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.7.201306141231 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.206 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.206 - Sony)
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)
Star Wars(tm) Knights of the Old Republic(tm) II: The Sith Lords(tm) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Starcraft (HKLM-x32\...\Starcraft) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
System Speedup (HKLM-x32\...\System Speedup_is1) (Version: 2.1 - systemspeedup.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
The Lord of the Rings Online™ (HKLM-x32\...\Steam App 212500) (Version:  - )
The Lord of the Rings Online™ v03.08.00.8029 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.08.00.8029 - Turbine, Inc.)
To the Moon (HKLM-x32\...\Steam App 206440) (Version:  - Freebird Games)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - )
Train Simulator 2014 (HKLM-x32\...\Steam App 24010) (Version:  - RailSimulator.com)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veoh Giraffic Video Accelerator (HKLM-x32\...\Giraffic) (Version: 0.86.412.230 - Giraffic)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Restore Points  =========================

27-06-2014 18:17:39 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-10-14 15:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1035CF7B-D715-4D6D-8726-A1A7BB410D00} - System32\Tasks\AdobeAAMUpdater-1.0-Pienut-Alexander => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {1EDBF9C2-1BF9-4F8D-9947-A0523684BEF1} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Alexander\AppData\Roaming\~dynrgvw.exe [2014-06-27] ()
Task: {211D8D9F-5DA2-4574-8656-85FA7FCF88C6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {2AC497FF-AA5B-4079-8C65-BAB8C90FD13F} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
Task: {3B5BDAC6-0CA1-4591-B998-9519F564C0AE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-16] (Google Inc.)
Task: {5C01C06C-6543-4F03-9169-BDA37D79D3D1} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {6A119E46-8D04-4A0E-9B71-D1AAF047182C} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {6A27C2D4-D9FF-4AD2-A9FC-2FA088A71333} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {6AF86F64-CAC7-4CF6-B3A9-F0B78AD4C2D6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {71ACD1A9-1C6E-4B39-8CB5-B36C7A0F37B7} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {79C2D243-2245-48C2-97BA-6F9CA3E8FDF8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-16] (Google Inc.)
Task: {88716EF7-846A-40FF-AD22-E1C589381076} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-16] (Adobe Systems Incorporated)
Task: {BC37C69A-94F1-4DD8-8DC2-0365B0BD5D47} - System32\Tasks\WIN-statsAdmin => C:\Users\Alexander\AppData\Local\Microsoft\WinU\~zsuzopr.exe [2014-06-27] ()
Task: {E0960315-4831-4917-8423-B0E4ABFCDFAE} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {EE3316A2-E446-4405-8D31-572E40E30332} - System32\Tasks\WIN-statsSystem => C:\Users\Alexander\AppData\Local\Microsoft\WinU\~xtqvpzw.exe [2014-06-27] ()
Task: {F10D8AC7-5547-4D88-8BCB-C343AC2662B8} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {F1B7E43A-BC88-4DF8-88CA-FBC94652DED2} - System32\Tasks\TaskUserUpdate_wp => C:\Users\Alexander\AppData\Roaming\~ijxloid.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core.job => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA.job => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe

==================== Loaded Modules (whitelisted) =============

2012-02-01 21:15 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-15 10:39 - 2012-10-15 10:39 - 00057344 _____ () C:\Program Files (x86)\Mad Catz\Strike5Service\MCAudio.dll
2012-10-15 10:39 - 2012-10-15 10:39 - 00040960 _____ () C:\Program Files (x86)\Mad Catz\Strike5Service\CoreAudioApi.dll
2013-06-20 00:45 - 2013-06-20 00:45 - 03317616 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2012-01-14 15:10 - 2012-01-14 15:10 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-12 12:38 - 2014-06-05 15:58 - 00716616 _____ () C:\Users\Alexander\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 12:38 - 2014-06-05 15:58 - 00126280 _____ () C:\Users\Alexander\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 12:38 - 2014-06-05 15:58 - 04217672 _____ () C:\Users\Alexander\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 12:38 - 2014-06-05 15:58 - 00414536 _____ () C:\Users\Alexander\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 12:38 - 2014-06-05 15:58 - 01732424 _____ () C:\Users\Alexander\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Alexander\AppData\Local\Qxv23EZGX0HFdNh:6Tc6eArNxoruPiY8ws3v
AlternateDataStreams: C:\Users\Alexander\AppData\Local\Temporary Internet Files:wZ2xYcWk1Bt7BdxTMrdY9

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: DAUpdaterSvc => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Utility.lnk => C:\Windows\pss\Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Alexander^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DataMgr => "C:\Users\Alexander\AppData\Roaming\DataMgr\DataMgr.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Google Update => "C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: Intermediate => "C:\Users\Alexander\AppData\Roaming\Intermediate\Intermediate.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: OMESupervisor => C:\Users\Alexander\AppData\Local\omesuperv.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe
MSCONFIG\startupreg: SCheck => "C:\Users\Alexander\AppData\Roaming\SCheck\SCheck.exe" check  nohp nods
MSCONFIG\startupreg: Snoozer => "C:\Users\Alexander\AppData\Roaming\Snz\Snz.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SSync => "C:\Users\Alexander\AppData\Roaming\SSync\SSync.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-02-04 20:45:28.008
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-04 20:45:27.988
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-04 20:44:46.966
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-04 20:44:46.944
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-04 20:44:01.202
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-04 20:44:01.184
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-14 15:19:54.857
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-14 15:19:54.846
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 19%
Total physical RAM: 16301.12 MB
Available physical RAM: 13201.25 MB
Total Pagefile: 32600.41 MB
Available Pagefile: 29056.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1397.32 GB) NTFS
Drive d: (Xbox360_1_2) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2AB85C61)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-198731366400) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---


Gmer.txt:
GMER Logfile:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-06-28 20:30:29
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST2000DL003-9VT166 rev.CC3C 1863,02GB
Running: Gmer-19357.exe; Driver: C:\Users\ALEXAN~1\AppData\Local\Temp\pgldapog.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                                                                  fffff800037f8000 45 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                                                                                  fffff800037f802f 18 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[2040] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                              0000000076701465 2 bytes [70, 76]
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[2040] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                              00000000767014bb 2 bytes [70, 76]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                    0000000076701465 2 bytes [70, 76]
.text    C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                  00000000767014bb 2 bytes [70, 76]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[2496] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                                                                      0000000076701465 2 bytes [70, 76]
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[2496] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                                                                    00000000767014bb 2 bytes [70, 76]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                  0000000076701465 2 bytes [70, 76]
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                  00000000767014bb 2 bytes [70, 76]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[4868] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                          0000000076701465 2 bytes [70, 76]
.text    C:\Program Files (x86)\Skype\Phone\Skype.exe[4868] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                        00000000767014bb 2 bytes [70, 76]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[4408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                        0000000076701465 2 bytes [70, 76]
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[4408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                      00000000767014bb 2 bytes [70, 76]
.text    ...                                                                                                                                                                                                * 2
.text    C:\Users\Alexander\Downloads\Defogger.exe[5628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                            0000000076701465 2 bytes [70, 76]
.text    C:\Users\Alexander\Downloads\Defogger.exe[5628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                            00000000767014bb 2 bytes [70, 76]
.text    ...                                                                                                                                                                                                * 2

---- Registry - GMER 2.1 ----

Reg      HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Alexander\AppData\Local\Logitech\xae Webcam-Software\Logishrd\LU2.0\LogitechUpdate.exe  1

---- EOF - GMER 2.1 ----
--- --- ---


Danke schonmal für die Antwort,

Gruß Alex

schrauber 28.06.2014 19:57
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

pienut 28.06.2014 20:20
Hi und danke für die schnelle Antwort,

hier nun das ComboFix Logfile:

Code:
ComboFix 14-06-27.01 - Alexander 28.06.2014  21:08:11.2.4 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.16301.12063 [GMT 2:00]
ausgeführt von:: c:\users\Alexander\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\uninstall_Deeal.exe
c:\users\Alexander\AppData\Local\assembly\tmp
c:\users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D6B6F8F2-0686-42D9-89C8-6BC5666F92F0}.xps
c:\users\Alexander\AppData\Roaming\~dynrgvw.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-05-28 bis 2014-06-28  ))))))))))))))))))))))))))))))
.
.
2074-05-18 16:44 . 2008-03-21 13:46        607296        ------w-        c:\program files (x86)\Microsoft Games\Age of Empires III\deformerdllyD.dll
2014-06-28 19:13 . 2014-06-28 19:13        --------        d-----w-        c:\users\Public\AppData\Local\temp
2014-06-28 19:13 . 2014-06-28 19:13        --------        d-----w-        c:\users\Moritz\AppData\Local\temp
2014-06-28 19:13 . 2014-06-28 19:13        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-06-28 17:42 . 2014-06-28 17:44        --------        d-----w-        C:\FRST
2014-06-28 16:44 . 2014-06-28 17:13        --------        d-----w-        c:\users\Alexander\AppData\Roaming\System Speedup
2014-06-28 16:44 . 2014-06-28 16:44        --------        d-----w-        c:\program files (x86)\System Speedup
2014-06-28 16:43 . 2014-06-28 16:43        --------        d-----w-        c:\windows\ERUNT
2014-06-28 16:13 . 2014-06-28 16:13        --------        d-----w-        c:\program files (x86)\Deeal
2014-06-28 16:09 . 2014-06-28 16:09        --------        d-----w-        C:\AdwCleaner
2014-06-28 15:52 . 2012-07-25 10:03        16896        ----a-w-        c:\windows\system32\sasnative64.exe
2014-06-28 15:14 . 2014-06-28 16:52        122584        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-28 15:14 . 2014-06-28 15:14        --------        d-----w-        c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-28 15:14 . 2014-05-12 05:26        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys
2014-06-28 15:14 . 2014-05-12 05:26        91352        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2014-06-27 19:09 . 2014-06-28 17:26        --------        d-----w-        c:\users\Alexander\AppData\Roaming\betadeeal
2014-06-24 21:04 . 2014-06-24 21:04        --------        d-----w-        C:\Warner Bros. Interactive Entertainment
2014-06-17 00:00 . 2014-06-28 00:00        --------        d-----w-        c:\users\Alexander\AppData\Local\Adobe
2014-06-16 15:20 . 2014-06-16 15:20        --------        d-----w-        c:\program files (x86)\AGEIA Technologies
2014-06-16 15:19 . 2014-05-19 23:10        601432        ----a-w-        c:\windows\SysWow64\nvStreaming.exe
2014-06-16 15:10 . 2014-06-16 15:11        --------        d-----w-        c:\users\Alexander\AppData\Local\NVIDIA
2014-06-16 15:10 . 2014-06-16 15:11        --------        d-----w-        c:\users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 15:10 . 2014-05-29 23:00        1291232        ----a-w-        c:\windows\SysWow64\nvspbridge.dll
2014-06-16 15:10 . 2014-05-29 23:00        1122312        ----a-w-        c:\windows\SysWow64\nvspcap.dll
2014-06-16 15:10 . 2014-05-29 22:59        1715176        ----a-w-        c:\windows\system32\nvspbridge64.dll
2014-06-16 15:10 . 2014-05-29 22:59        1279480        ----a-w-        c:\windows\system32\nvspcap64.dll
2014-06-16 15:10 . 2014-03-31 16:42        40392        ----a-w-        c:\windows\system32\drivers\nvvad64v.sys
2014-06-16 15:10 . 2014-03-31 16:42        37320        ----a-w-        c:\windows\system32\nvaudcap64v.dll
2014-06-16 15:10 . 2014-03-31 16:42        34760        ----a-w-        c:\windows\SysWow64\nvaudcap32v.dll
2014-06-16 15:04 . 2014-06-16 15:04        --------        d-----w-        c:\program files (x86)\BlueStacks
2014-06-16 15:04 . 2014-06-16 15:04        --------        d-----w-        c:\programdata\BlueStacks
2014-06-16 15:03 . 2014-06-16 15:03        --------        d-----w-        c:\users\Alexander\AppData\Local\Bluestacks
2014-06-12 12:56 . 2014-06-08 09:13        506368        ----a-w-        c:\windows\system32\aepdu.dll
2014-06-12 12:56 . 2014-06-08 09:08        424448        ----a-w-        c:\windows\system32\aeinv.dll
2014-06-11 08:18 . 2014-06-11 08:18        --------        d-----w-        c:\program files (x86)\Common Files\Skype
2014-06-10 17:40 . 2014-06-10 17:41        --------        d-----w-        c:\program files\Microsoft Xbox 360 Accessories
2014-06-06 10:52 . 2014-06-06 20:58        --------        d-----w-        c:\program files (x86)\Mozilla Thunderbird
2014-06-01 22:39 . 2013-12-13 15:53        19544        ----a-w-        c:\windows\system32\roboot64.exe
2014-06-01 22:39 . 2014-06-11 08:24        --------        d-----w-        c:\program files\003
2014-06-01 22:37 . 2014-06-28 14:28        --------        d-----w-        c:\users\Alexander\AppData\Roaming\wp_update
2014-06-01 22:36 . 2014-06-01 22:36        --------        d-----w-        c:\users\Alexander\AppData\Roaming\SupTab
2014-06-01 22:36 . 2014-06-01 22:37        --------        d-----w-        c:\programdata\WPM
2014-06-01 22:36 . 2014-06-11 08:13        --------        d-----w-        c:\program files (x86)\FLVM Player
2014-06-01 22:36 . 2014-06-02 11:57        --------        d-----w-        c:\program files (x86)\globalUpdate
2014-06-01 22:36 . 2014-06-01 22:36        --------        d-----w-        c:\users\Alexander\AppData\Local\globalUpdate
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-28 17:16 . 2012-01-14 13:50        25640        ----a-w-        c:\windows\gdrv.sys
2014-06-16 21:41 . 2012-04-04 20:48        699056        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-16 21:41 . 2012-01-14 14:23        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-13 01:02 . 2012-01-15 12:53        95414520        ----a-w-        c:\windows\system32\MRT.exe
2014-06-11 08:57 . 2012-02-22 12:22        1515296        ----a-w-        c:\windows\system32\nvhdagenco6420103.dll
2014-05-22 12:45 . 2013-03-28 11:51        130584        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2014-05-22 12:45 . 2013-03-28 11:51        112080        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2014-05-20 02:44 . 2013-04-22 20:33        31387936        ----a-w-        c:\windows\system32\nvoglv64.dll
2014-05-20 02:44 . 2013-04-22 20:33        24025376        ----a-w-        c:\windows\SysWow64\nvoglv32.dll
2014-05-20 02:44 . 2012-10-10 20:23        3109248        ----a-w-        c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2012-10-10 20:23        18531568        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2012-10-10 20:23        16003912        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2014-05-20 02:44 . 2012-10-10 20:22        2730208        ----a-w-        c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2012-10-10 20:22        14434704        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2014-05-20 01:25 . 2012-01-14 12:48        6769096        ----a-w-        c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2012-01-14 12:48        3514144        ----a-w-        c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2012-01-14 12:48        927520        ----a-w-        c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2012-01-14 12:48        62808        ----a-w-        c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2012-01-14 12:48        387528        ----a-w-        c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2012-01-14 12:48        2560968        ----a-w-        c:\windows\system32\nvsvcr.dll
2014-05-14 23:49 . 2012-02-22 12:24        3774821        ----a-w-        c:\windows\system32\nvcoproc.bin
2014-05-12 05:25 . 2012-10-17 20:57        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-04-15 00:34 . 2014-04-15 00:34        1070232        ----a-w-        c:\windows\SysWow64\MSCOMCTL.OCX
2014-04-12 17:17 . 2014-04-12 17:13        967        ----a-w-        c:\windows\ScUnin.pif
2014-04-12 17:17 . 2014-04-12 17:13        69632        ----a-w-        c:\windows\ScUnin.exe
2014-04-12 02:22 . 2014-05-14 16:22        95680        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-14 16:22        155072        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-14 16:22        29184        ----a-w-        c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 16:22        136192        ----a-w-        c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 16:22        28160        ----a-w-        c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 16:22        1460736        ----a-w-        c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 16:22        31232        ----a-w-        c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 16:22        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 16:22        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{70C53538-9F82-42BC-A327-74F7A46E700C}]
2014-06-17 13:43        386048        ----a-w-        c:\program files (x86)\Deeal\ScriptHost.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        131248        ----a-w-        c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        131248        ----a-w-        c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        131248        ----a-w-        c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        131248        ----a-w-        c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Spotify Web Helper"="c:\users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-06-27 1176632]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-05-22 737872]
"S.T.R.I.K.E.5 Service"="c:\program files (x86)\Mad Catz\Strike5Service\Strike5.exe" [2012-10-11 278528]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-05-21 832272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
R3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
R3 LeapService;Leap Service;c:\program files (x86)\Leap Motion\Core Services\LeapSvc.exe;c:\program files (x86)\Leap Motion\Core Services\LeapSvc.exe [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C510(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R4 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe;c:\program files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Edimax\Common\RaRegistry64.exe;c:\program files (x86)\Edimax\Common\RaRegistry64.exe [x]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 HidEmulator;HidEmulator Leap Motion Miniport;c:\windows\system32\DRIVERS\HidEmulator.sys;c:\windows\SYSNATIVE\DRIVERS\HidEmulator.sys [x]
S3 HidEmulatorKmdf;HidEmulatorKmdf Lower Filter;c:\windows\system32\DRIVERS\HidEmulatorKmdf.sys;c:\windows\SYSNATIVE\DRIVERS\HidEmulatorKmdf.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Said1108;Said1108;c:\windows\system32\DRIVERS\Said1108.sys;c:\windows\SYSNATIVE\DRIVERS\Said1108.sys [x]
S3 SaiK1108;SaiK1108;c:\windows\system32\DRIVERS\SaiK1108.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1108.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - PGLDAPOG
*Deregistered* - pgldapog
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 21:41]
.
2014-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core.job
- c:\users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-16 11:35]
.
2014-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA.job
- c:\users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-16 11:35]
.
2014-06-28 c:\windows\Tasks\System Speedup_DEFAULT.job
- c:\program files (x86)\System Speedup\SystemSpeedup.exe [2014-06-28 15:53]
.
2014-06-28 c:\windows\Tasks\System Speedup_UPDATES.job
- c:\program files (x86)\System Speedup\SystemSpeedup.exe [2014-06-28 15:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23        444752        ----a-w-        c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-06-19 22:45        3317616        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-06-19 22:45        3317616        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-06-19 22:45        3317616        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelliType Pro"="c:\program files\Microsoft Mouse and Keyboard Center\itype.exe" [2012-11-02 1464944]
"IntelliPoint"="c:\program files\Microsoft Mouse and Keyboard Center\ipoint.exe" [2012-11-02 2076272]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-08-01 8290584]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2350880]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2011-03-30 2552320]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\
FF - prefs.js: browser.search.selectedEngine - sweet-page
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 - c:\program files (x86)\Advanced System Protector\unins000.exe
AddRemove-Deeal - c:\programdata\uninstall_Deeal.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2326150098-3520983787-2908837582-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:86,31,74,8b,f6,61,bd,10,41,2d,e5,89,3c,1d,cd,e4,4b,d6,73,a4,df,cf,c8,
  44,2a,de,74,c1,ef,d9,2e,27,4b,14,b1,d8,27,e8,a1,a3,2a,52,28,45,ff,ee,79,eb,\
"??"=hex:e4,e8,a5,04,54,89,2c,6a,70,90,4a,be,ae,69,43,7f
.
[HKEY_USERS\S-1-5-21-2326150098-3520983787-2908837582-1000\Software\SecuROM\License information*]
"datasecu"=hex:fe,d9,3b,09,95,9b,e6,b2,16,d6,4d,85,5a,62,2d,61,81,49,c1,b2,ba,
  01,a6,ad,68,ac,93,22,9a,63,7e,88,51,53,90,ff,43,ee,d3,87,d0,49,a6,bd,9f,8b,\
"rkeysecu"=hex:81,c9,03,52,e1,6c,19,5a,2f,98,92,35,09,06,96,7c
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-28  21:15:28
ComboFix-quarantined-files.txt  2014-06-28 19:15
.
Vor Suchlauf: 20 Verzeichnis(se), 1.515.507.486.720 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 1.518.759.530.496 Bytes frei
.
- - End Of File - - BC01167415C2B9BE97B9D48A76CFCB30
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31



Fehler sind keine aufgetreten.

schrauber 29.06.2014 12:24
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

pienut 29.06.2014 14:42
Hi,

mbam.txt
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 29.06.2014
Suchlauf-Zeit: 14:59:48
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.29.03
Rootkit Datenbank: v2014.06.23.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Alexander

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 357172
Verstrichene Zeit: 9 Min, 27 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.SweetPage.A, C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "search_url": "hxxp://www.sweet-page.com/web/?type=ds&ts=1401662147&from=ill&uid=ST2000DL003-9VT166_5YD6TENRXXXX5YD6TENR&q={searchTerms}",), Ersetzt,[4ceb2757c6b53afca1e338820004827e]

Physische Sektoren: 0
(No malicious items detected)


(end)
adw.txt
Code:
# AdwCleaner v3.213 - Bericht erstellt am 29/06/2014 um 15:14:43
# Aktualisiert 23/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Alexander - PIENUT
# Gestartet von : C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Uniblue
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leap Motion
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\System Speedup
Ordner Gelöscht : C:\Program Files (x86)\Leap Motion
Ordner Gelöscht : C:\Windows\Installer\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\Alexander\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Common\LuaRT
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Snz
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\System Speedup
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\wp_update
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Leap Motion
Datei Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
Datei Gelöscht : C:\Users\Public\Desktop\Advanced System Protector.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\System32\sasnative64.exe
Datei Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector_startup
Datei Gelöscht : C:\Windows\Tasks\System Speedup_DEFAULT.job
Datei Gelöscht : C:\Windows\System32\Tasks\System Speedup_DEFAULT
Datei Gelöscht : C:\Windows\Tasks\System Speedup_UPDATES.job
Datei Gelöscht : C:\Windows\System32\Tasks\System Speedup_UPDATES

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STC.OptionMenu
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STC.OptionMenu.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STC.Protocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STC.Protocol.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STC.VisualBookmark
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STC.WebObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STC.WebObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STCHelper.Protocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Schlüssel Gelöscht : HKCU\Software\Blabbers     
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\OfferMosquito
Schlüssel Gelöscht : HKCU\Software\Protector
Schlüssel Gelöscht : HKCU\Software\System Speedup
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\System Speedup
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\Software\Leap Motion
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Speedup_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (en-US)

[ Datei : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "sweet-page");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "sweet-page");

[ Datei : C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\q0e3l9ev.default\prefs.js ]

Zeile gelöscht : user_pref("iminent.searchindex", "1");
Zeile gelöscht : user_pref("iminent.newtabredirect", "true");

-\\ Google Chrome v

[ Datei : C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
Gelöscht [Search Provider] : hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q={searchTerms}
Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=5B0796E5-498B-48F7-A0D5-C533E908AD40&ref=toolbox&q={searchTerms}
Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M1850C825-952A-4E02-A54C-440FB7435915&SearchSource=58&CUI=&UM=5&UP=SP7640BDCC-6B8A-4AAE-8EE0-2C093018F69F&q={searchTerms}&SSPV=
Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1401662147&from=ill&uid=ST2000DL003-9VT166_5YD6TENRXXXX5YD6TENR&q={searchTerms}

*************************

AdwCleaner[R0].txt - [8511 octets] - [29/06/2014 15:13:22]
AdwCleaner[S0].txt - [8033 octets] - [29/06/2014 15:14:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8093 octets] ##########

JRT.txt
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x64
Ran by Alexander on 29.06.2014 at 15:23:16,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Alexander\AppData\Roaming\mozilla\firefox\profiles\fbkl3xzq.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.06.2014 at 15:24:51,93
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST.txt

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Alexander (administrator) on PIENUT on 29-06-2014 15:34:06
Running from C:\Users\Alexander\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mad Catz Inc) C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(System Speedup) C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [S.T.R.I.K.E.5 Service] => C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe [278528 2012-10-11] (Mad Catz Inc)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM\...\RunOnce: [RPMKickstart] - C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2552320 2011-03-30] (Gigabyte Technology CO., LTD.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Spotify Web Helper] => C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x21EE8203C0D2CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - F764C80A9DD34EC998B4BA4247D9129F URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKCU - {463F81C0-28DE-492d-A646-8672191270CA} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: GBHO.BHO - {45d30484-7ded-43d9-957a-d2fd1f046511} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Deeal - {70C53538-9F82-42BC-A327-74F7A46E700C} - C:\Program Files (x86)\Deeal\ScriptHost.dll (Deeal)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Alexander\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF Extension: ProxTube - Unblock YouTube - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Adblock Plus - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-29]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: sweet-page
CHR DefaultSearchProvider: sweet-page
CHR DefaultSearchURL: hxxp://www.sweet-page.com/web/?type=ds&ts=1401662147&from=ill&uid=ST2000DL003-9VT166_5YD6TENRXXXX5YD6TENR&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Wallet) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S4 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-07-12] (BioWare)
S3 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [744856 2012-11-14] (Tunngle.net GmbH) [File not signed]
S3 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc.exe [X]

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-01] ()
R3 HidEmulator; C:\Windows\System32\DRIVERS\HidEmulator.sys [10480 2013-08-15] (Leap Motion, Inc.)
R3 HidEmulatorKmdf; C:\Windows\System32\DRIVERS\HidEmulatorKmdf.sys [24432 2013-08-15] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 Said1108; C:\Windows\System32\DRIVERS\Said1108.sys [25920 2012-10-16] (Saitek)
R3 SaiK1108; C:\Windows\System32\DRIVERS\SaiK1108.sys [180544 2012-10-16] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-29 15:33 - 2014-06-29 15:33 - 00003116 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-29 15:32 - 2014-06-29 15:32 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-29 15:32 - 2014-06-29 15:32 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-06-29 15:32 - 2014-06-29 15:32 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-06-29 15:32 - 2014-06-29 15:32 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-06-29 15:32 - 2014-06-29 15:32 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-06-29 15:32 - 2014-06-29 15:32 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\systweak
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Systweak
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-06-29 15:32 - 2013-12-13 17:53 - 00019544 _____ (System Speedup) C:\Windows\system32\roboot64.exe
2014-06-29 15:32 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-06-29 15:29 - 2014-06-29 15:29 - 00057167 _____ () C:\Users\Alexander\Desktop\FRST(29.06.).txt
2014-06-29 15:24 - 2014-06-29 15:24 - 00000787 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-29 15:18 - 2014-06-29 15:18 - 00008189 _____ () C:\Users\Alexander\Desktop\AdwCleaner[S0].txt
2014-06-29 15:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-29 15:12 - 2014-06-29 15:12 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
2014-06-29 15:11 - 2014-06-29 15:11 - 00001443 _____ () C:\Users\Alexander\Desktop\mbam.txt
2014-06-28 21:15 - 2014-06-28 21:15 - 00030747 _____ () C:\ComboFix.txt
2014-06-28 21:06 - 2014-06-28 21:15 - 00000000 ____D () C:\Qoobox
2014-06-28 21:06 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-28 21:06 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-28 21:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-28 21:04 - 2014-06-28 21:05 - 05212118 ____R (Swearware) C:\Users\Alexander\Downloads\ComboFix.exe
2014-06-28 20:53 - 2014-06-28 20:53 - 00060227 _____ () C:\Users\Alexander\Desktop\FRST.txt
2014-06-28 20:52 - 2014-06-28 20:52 - 00048924 _____ () C:\Users\Alexander\Desktop\Addition.txt
2014-06-28 20:30 - 2014-06-28 20:30 - 00006037 _____ () C:\Users\Alexander\Desktop\Gmer.txt
2014-06-28 19:44 - 2014-06-28 19:44 - 00380416 _____ () C:\Users\Alexander\Downloads\Gmer-19357.exe
2014-06-28 19:43 - 2014-06-29 15:34 - 00018646 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-28 19:43 - 2014-06-28 19:44 - 00048924 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-06-28 19:42 - 2014-06-29 15:34 - 00000000 ____D () C:\FRST
2014-06-28 19:42 - 2014-06-28 19:42 - 02083328 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 19:19 - 2014-06-28 19:19 - 00000652 _____ () C:\Users\Alexander\Desktop\Junk Removal Tool.txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 19:08 - 2014-06-28 19:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 18:44 - 2014-06-29 15:32 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-06-28 18:43 - 2014-06-28 18:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 18:43 - 2014-06-28 18:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 18:32 - 2014-06-28 18:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 18:32 - 2014-06-28 18:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 18:13 - 2014-06-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 18:09 - 2014-06-29 15:14 - 00000000 ____D () C:\AdwCleaner
2014-06-28 18:09 - 2014-06-28 18:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 17:14 - 2014-06-29 14:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-28 17:14 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-28 17:10 - 2014-06-28 17:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 17:04 - 2014-06-28 17:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-27 21:09 - 2014-06-28 19:26 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-27 21:09 - 2014-06-27 21:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 21:07 - 2014-06-27 21:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 21:07 - 2014-06-27 21:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-24 23:04 - 2014-06-24 23:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-21 22:58 - 2014-06-21 22:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-18 04:00 - 2014-06-27 21:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 02:00 - 2014-06-29 02:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-06-16 17:20 - 2014-06-16 17:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 17:19 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-16 17:17 - 2014-06-11 10:57 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-16 17:17 - 2014-06-11 10:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-16 17:17 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-16 17:10 - 2014-06-16 17:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 17:10 - 2014-06-16 17:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 17:10 - 2014-05-30 01:00 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-16 17:10 - 2014-05-30 01:00 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-16 17:10 - 2014-05-30 00:59 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-16 17:10 - 2014-05-30 00:59 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-16 17:10 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-16 17:10 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-16 17:10 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-16 17:09 - 2014-06-16 17:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 17:04 - 2014-06-16 17:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 17:03 - 2014-06-16 17:10 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 17:03 - 2014-06-16 17:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 17:02 - 2014-06-16 17:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-12 14:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 14:57 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 14:57 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 14:57 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 14:57 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 14:57 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 14:57 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 14:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 14:57 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 14:57 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 14:57 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:57 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 14:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 14:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 14:57 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 14:57 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 14:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 14:57 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 14:57 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 14:57 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 14:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 14:57 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 14:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 14:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 14:57 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 14:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 14:57 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 14:57 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 14:57 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 14:57 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 14:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 14:57 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 14:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 14:57 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 14:57 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 14:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 14:57 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 14:57 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 14:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 14:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 14:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 14:57 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 14:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 14:57 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 14:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 14:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 14:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 14:57 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 14:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 14:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 14:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 14:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 14:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 14:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 14:57 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 14:57 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 14:57 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 14:57 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 14:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 14:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 14:57 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 14:57 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 14:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 14:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 14:56 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 14:56 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-06-10 19:40 - 2014-06-10 19:41 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 19:36 - 2014-06-10 19:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-06 12:52 - 2014-06-06 22:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-02 00:38 - 2014-06-02 00:38 - 00003118 _____ () C:\Windows\System32\Tasks\{5FC41131-C8CB-444E-AEA2-5D818ABF92BD}
2014-06-02 00:36 - 2014-06-11 10:13 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-06-02 00:35 - 2014-06-02 00:35 - 00002906 _____ () C:\Windows\System32\Tasks\TaskUserUpdate_wp
2014-05-30 15:28 - 2014-06-03 01:27 - 00000000 ____D () C:\Users\Alexander\Documents\BWL

==================== One Month Modified Files and Folders =======

2014-06-29 15:34 - 2014-06-28 19:43 - 00018646 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-29 15:34 - 2014-06-28 19:42 - 00000000 ____D () C:\FRST
2014-06-29 15:33 - 2014-06-29 15:33 - 00003116 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-29 15:32 - 2014-06-29 15:32 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-29 15:32 - 2014-06-29 15:32 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-06-29 15:32 - 2014-06-29 15:32 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-06-29 15:32 - 2014-06-29 15:32 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-06-29 15:32 - 2014-06-29 15:32 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-06-29 15:32 - 2014-06-29 15:32 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\systweak
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Systweak
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-06-29 15:32 - 2014-06-28 18:44 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-06-29 15:30 - 2013-10-16 11:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-29 15:29 - 2014-06-29 15:29 - 00057167 _____ () C:\Users\Alexander\Desktop\FRST(29.06.).txt
2014-06-29 15:29 - 2009-07-14 06:45 - 00022000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-29 15:29 - 2009-07-14 06:45 - 00022000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-29 15:25 - 2012-01-14 21:31 - 01573231 _____ () C:\Windows\WindowsUpdate.log
2014-06-29 15:24 - 2014-06-29 15:24 - 00000787 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-29 15:24 - 2012-01-15 21:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Skype
2014-06-29 15:22 - 2012-01-14 15:50 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-06-29 15:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-29 15:22 - 2009-07-14 06:51 - 00091770 _____ () C:\Windows\setupact.log
2014-06-29 15:21 - 2012-01-14 14:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-29 15:18 - 2014-06-29 15:18 - 00008189 _____ () C:\Users\Alexander\Desktop\AdwCleaner[S0].txt
2014-06-29 15:15 - 2010-11-21 05:47 - 00879062 _____ () C:\Windows\PFRO.log
2014-06-29 15:14 - 2014-06-28 18:09 - 00000000 ____D () C:\AdwCleaner
2014-06-29 15:12 - 2014-06-29 15:12 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
2014-06-29 15:11 - 2014-06-29 15:11 - 00001443 _____ () C:\Users\Alexander\Desktop\mbam.txt
2014-06-29 14:59 - 2014-06-28 17:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 14:56 - 2012-12-16 13:35 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA.job
2014-06-29 05:03 - 2014-03-21 14:55 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Battle.net
2014-06-29 03:58 - 2012-11-01 17:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-29 02:42 - 2012-12-16 13:35 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core.job
2014-06-29 02:00 - 2014-06-17 02:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-06-28 21:15 - 2014-06-28 21:15 - 00030747 _____ () C:\ComboFix.txt
2014-06-28 21:15 - 2014-06-28 21:06 - 00000000 ____D () C:\Qoobox
2014-06-28 21:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-28 21:05 - 2014-06-28 21:04 - 05212118 ____R (Swearware) C:\Users\Alexander\Downloads\ComboFix.exe
2014-06-28 21:05 - 2012-10-14 15:13 - 00000000 ____D () C:\Windows\erdnt
2014-06-28 20:53 - 2014-06-28 20:53 - 00060227 _____ () C:\Users\Alexander\Desktop\FRST.txt
2014-06-28 20:52 - 2014-06-28 20:52 - 00048924 _____ () C:\Users\Alexander\Desktop\Addition.txt
2014-06-28 20:30 - 2014-06-28 20:30 - 00006037 _____ () C:\Users\Alexander\Desktop\Gmer.txt
2014-06-28 19:44 - 2014-06-28 19:44 - 00380416 _____ () C:\Users\Alexander\Downloads\Gmer-19357.exe
2014-06-28 19:44 - 2014-06-28 19:43 - 00048924 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-06-28 19:42 - 2014-06-28 19:42 - 02083328 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 19:26 - 2014-06-27 21:09 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-28 19:19 - 2014-06-28 19:19 - 00000652 _____ () C:\Users\Alexander\Desktop\Junk Removal Tool.txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 19:08 - 2014-06-28 19:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 18:50 - 2012-03-26 20:12 - 00002378 _____ () C:\Users\Alexander\Desktop\Google Chrome.lnk
2014-06-28 18:50 - 2012-01-15 14:37 - 00001154 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-28 18:50 - 2012-01-14 15:21 - 00001142 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 18:50 - 2012-01-14 14:44 - 00001425 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-28 18:43 - 2014-06-28 18:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 18:43 - 2014-06-28 18:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 18:32 - 2014-06-28 18:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 18:32 - 2014-06-28 18:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 18:13 - 2014-06-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 18:09 - 2014-06-28 18:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 18:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-06-28 17:46 - 2011-04-12 09:43 - 00710518 _____ () C:\Windows\system32\perfh007.dat
2014-06-28 17:46 - 2011-04-12 09:43 - 00154848 _____ () C:\Windows\system32\perfc007.dat
2014-06-28 17:46 - 2009-07-14 07:13 - 01651758 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-28 17:38 - 2014-03-15 03:56 - 00000000 ____D () C:\Temp
2014-06-28 17:33 - 2012-04-12 15:24 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Spotify
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2012-10-17 22:58 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Malwarebytes
2014-06-28 17:14 - 2012-10-17 22:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 17:11 - 2014-06-28 17:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 17:04 - 2014-06-28 17:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-28 16:56 - 2012-01-29 11:56 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8188928D-0519-47C3-AF23-9B006231D1F6}
2014-06-27 23:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-27 21:09 - 2014-06-27 21:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 21:09 - 2014-06-18 04:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-27 21:07 - 2014-06-27 21:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 21:07 - 2014-06-27 21:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-27 06:09 - 2012-01-15 04:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\PMB Files
2014-06-26 22:21 - 2012-01-14 16:25 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-25 23:21 - 2014-03-21 14:55 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-24 23:04 - 2014-06-24 23:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-24 05:37 - 2012-04-26 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-23 14:47 - 2012-04-12 15:24 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Spotify
2014-06-21 22:58 - 2014-06-21 22:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-19 02:37 - 2012-12-16 13:35 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA
2014-06-19 02:37 - 2012-12-16 13:35 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core
2014-06-16 23:41 - 2013-10-16 11:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-16 23:41 - 2012-04-04 22:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-16 23:41 - 2012-01-14 16:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-16 17:20 - 2014-06-16 17:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 17:20 - 2012-01-14 14:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-16 17:20 - 2012-01-14 14:47 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-16 17:11 - 2014-06-16 17:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 17:11 - 2014-06-16 17:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 17:10 - 2014-06-16 17:03 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 17:10 - 2012-11-20 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-16 17:10 - 2012-01-14 14:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-16 17:09 - 2014-06-16 17:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 17:04 - 2014-06-16 17:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 17:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-16 17:03 - 2014-06-16 17:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 17:02 - 2014-06-16 17:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-13 03:04 - 2013-07-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 03:02 - 2012-01-15 14:53 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-13 03:02 - 2012-01-15 14:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 03:01 - 2014-05-06 21:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 10:57 - 2014-06-16 17:17 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-11 10:57 - 2014-06-16 17:17 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-11 10:57 - 2012-02-22 14:22 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-06-11 10:18 - 2014-03-12 19:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-11 10:18 - 2012-01-15 21:01 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 10:13 - 2014-06-02 00:36 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-06-10 19:41 - 2014-06-10 19:40 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 19:40 - 2012-01-21 16:04 - 00222889 _____ () C:\Windows\DirectX.log
2014-06-10 19:36 - 2014-06-10 19:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-08 11:13 - 2014-06-12 14:56 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 14:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 22:58 - 2014-06-06 12:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-06 14:30 - 2014-03-14 18:51 - 00010386 _____ () C:\Users\Alexander\Desktop\Internet Geld.xlsx
2014-06-03 01:27 - 2014-05-30 15:28 - 00000000 ____D () C:\Users\Alexander\Documents\BWL
2014-06-03 01:22 - 2013-04-28 16:22 - 00251340 _____ () C:\Windows\DPINST.LOG
2014-06-03 01:21 - 2013-12-01 15:14 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-06-03 01:21 - 2013-04-28 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-03 01:21 - 2012-01-14 14:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-02 00:38 - 2014-06-02 00:38 - 00003118 _____ () C:\Windows\System32\Tasks\{5FC41131-C8CB-444E-AEA2-5D818ABF92BD}
2014-06-02 00:35 - 2014-06-02 00:35 - 00002906 _____ () C:\Windows\System32\Tasks\TaskUserUpdate_wp
2014-05-30 15:29 - 2012-01-14 14:44 - 00000000 ____D () C:\Users\Alexander
2014-05-30 12:21 - 2014-06-12 14:57 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 14:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 14:57 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 14:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 14:57 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 14:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 14:57 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 14:57 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 14:57 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 14:57 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 14:57 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 14:57 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 14:57 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 14:57 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 14:57 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 14:57 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 14:57 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 14:57 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 14:57 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 14:57 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 14:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 14:57 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 14:57 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 14:57 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 14:57 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 14:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 14:57 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 14:57 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 14:57 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 14:57 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 14:57 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 14:57 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 14:57 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 14:57 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 14:57 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 14:57 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 14:57 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 14:57 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 14:57 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 14:57 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 14:57 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 14:57 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 14:57 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 14:57 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 14:57 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 14:57 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 14:57 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 14:57 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 14:57 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 14:57 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-30 01:00 - 2014-06-16 17:10 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-05-30 01:00 - 2014-06-16 17:10 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-05-30 00:59 - 2014-06-16 17:10 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-05-30 00:59 - 2014-06-16 17:10 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

Files to move or delete:
====================
C:\Users\Alexander\jagex_cl_runescape_LIVE.dat
C:\Users\Alexander\random.dat


Some content of TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\avgnt.exe
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-27 23:04

==================== End Of Log ============================
--- --- ---

--- --- ---

Zwischenzeitlich war die Advanced System Protektor Verknüpfung auf dem Desktop verschwunden, nach dem JRT durchlauf war sie allerdings wieder da und hat auch gleich begonnen mit System Speed up ein Systemdurchlauf zu starten.

schrauber 30.06.2014 11:25
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
2014-06-29 15:33 - 2014-06-29 15:33 - 00003116 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-29 15:32 - 2014-06-29 15:32 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-29 15:32 - 2014-06-29 15:32 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-06-29 15:32 - 2014-06-29 15:32 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-06-29 15:32 - 2014-06-29 15:32 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-06-29 15:32 - 2014-06-29 15:32 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-06-29 15:32 - 2014-06-29 15:32 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\systweak
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Systweak
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-06-29 15:32 - 2013-12-13 17:53 - 00019544 _____ (System Speedup) C:\Windows\system32\roboot64.exe
2014-06-29 15:32 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

pienut 30.06.2014 16:11
Hi,


Fixlog.txt:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-06-2014 02
Ran by Alexander at 2014-06-30 13:24:26 Run:1
Running from C:\Users\Alexander\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
2014-06-29 15:33 - 2014-06-29 15:33 - 00003116 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-29 15:32 - 2014-06-29 15:32 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-29 15:32 - 2014-06-29 15:32 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-06-29 15:32 - 2014-06-29 15:32 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-06-29 15:32 - 2014-06-29 15:32 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-06-29 15:32 - 2014-06-29 15:32 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-06-29 15:32 - 2014-06-29 15:32 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\systweak
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Systweak
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-06-29 15:32 - 2014-06-29 15:32 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-06-29 15:32 - 2013-12-13 17:53 - 00019544 _____ (System Speedup) C:\Windows\system32\roboot64.exe
2014-06-29 15:32 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
       
*****************

C:\Windows\System32\Tasks\Advanced System Protector_startup => Moved successfully.
C:\Windows\System32\Tasks\Advanced System Protector => Moved successfully.
C:\Windows\System32\Tasks\System Speedup => Moved successfully.
C:\Windows\System32\Tasks\System Speedup_UPDATES => Moved successfully.
C:\Windows\System32\Tasks\System Speedup_DEFAULT => Moved successfully.
C:\Users\Public\Desktop\Advanced System Protector.lnk => Moved successfully.
C:\Windows\Tasks\System Speedup_UPDATES.job => Moved successfully.
C:\Windows\Tasks\System Speedup_DEFAULT.job => Moved successfully.
C:\Users\Alexander\AppData\Roaming\systweak => Moved successfully.
C:\Users\Alexander\AppData\Roaming\System Speedup => Moved successfully.
C:\ProgramData\Systweak => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector => Moved successfully.
C:\Program Files (x86)\System Speedup => Moved successfully.

"C:\Program Files (x86)\Advanced System Protector" directory move:

C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.config => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\AppResource.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\asp.ico => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\AspManager.exe => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\aspsys.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\ASPUninstall.exe => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\categories.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Chinese_asp_ZH-CN.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Chinese_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Communication.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\danish_asp_DA.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Danish_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\dutch_asp_NL.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Dutch_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\eng_asp_en.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\eng_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Finnish_asp_FI.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Finnish_uninst_fi.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\french_asp_FR.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\French_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\german_asp_DE.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\German_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\greek_uninst_el.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Interop.IWshRuntimeLibrary.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\italian_asp_IT.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Italian_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\japanese_asp_JA.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Japanese_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\korean_uninst_ko.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\loading_withWhiteBG.avi => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\norwegian_asp_NO.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Norwegian_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\polish_uninst_pl.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\portugese_uninst_pt.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\portuguese_asp_PT-BR.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Portuguese_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\russian_asp_ru.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\russian_uninst_ru.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\scandll.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\spanish_asp_ES.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\spanish_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\SSDPTstub.exe => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\swedish_asp_SV.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\swedish_uninst.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\System.Core.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\traditionalcn_uninst_zh-tw.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Turkish_uninst_tr.ini => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\unins000.dat => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\unins000.exe => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\unins000.msg => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\unrar.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.Formats.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.com => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.exe => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.pif => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.scr => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Troubleshooter\ASP-Troubleshooter.chm => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Troubleshooter\firefox.com => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.exe => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.lnk => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\clamunpack\clamscan.exe => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\clamunpack\libclamav.dll => Moved successfully.
C:\Program Files (x86)\Advanced System Protector\clamunpack\readme.txt => Moved successfully.
Could not move "C:\Program Files (x86)\Advanced System Protector" directory. => Scheduled to move on reboot.

C:\Windows\system32\roboot64.exe => Moved successfully.
C:\Windows\system32\sasnative64.exe => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-06-30 13:27:02)<=

C:\Program Files (x86)\Advanced System Protector => Is moved successfully.

==== End of Fixlog ====

ESET.txt:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3d490bb9d88cd1469507ca5565290506
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-17 10:10:01
# local_time=2012-10-18 12:10:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 534623 534623 0 0
# compatibility_mode=5893 16776574 100 94 8576426 102137877 0 0
# compatibility_mode=8192 67108863 100 0 127 127 0 0
# scanned=243076
# found=7
# cleaned=0
# scan_time=3774
C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\qlps-qlipso-sntb.exe        Win32/Toolbar.Zugo application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Alexander\Downloads\SoftonicDownloader_fuer_directx.exe        a variant of Win32/SoftonicDownloader.D application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Alexander\Downloads\SoftonicDownloader_fuer_kb-piano.exe        a variant of Win32/SoftonicDownloader.D application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Alexander\Downloads\SweetImSetup.exe        a variant of Win32/SweetIM.B application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Alexander\Downloads\VeohWebPlayerSetup_eng.exe        Win32/Toolbar.Zugo application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Alexander\Downloads\vlc-1.1.11-win32.exe        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Alexander\Downloads\WinZip165Multi-language.exe        a variant of Win32/OpenInstall application (unable to clean)        00000000000000000000000000000000        I
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=3d490bb9d88cd1469507ca5565290506
# engine=18950
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-30 02:18:25
# local_time=2014-06-30 04:18:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 0 269561195 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 30686579 155767755 0 0
# scanned=583751
# found=27
# cleaned=0
# scan_time=9678
sh=75F4A06A0290B613622C7E10E3B05EE0525C1481 ft=1 fh=e7b99738d4ab1513 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\System Speedup\systweakasp.exe.vir"
sh=5A3BF792E02A8EF89D0F14E344DDF6AD9D6503CA ft=1 fh=d8a8aa49ce4e751c vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.xBAD"
sh=6333DA667A1DB6B690F322886EF8B4DACECD7FE3 ft=1 fh=b02a9a0fb9ff7cbb vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Advanced System Protector\AspManager.exe.xBAD"
sh=93DC7D6BB28C238630D65A2766577262C43D17E9 ft=1 fh=f75d7f7c3c1fd884 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Advanced System Protector\filetypehelper.exe.xBAD"
sh=386622BA408B086855C73BDAE0297FE23278E280 ft=1 fh=14392b1e38cc4e96 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Advanced System Protector\scandll.dll.xBAD"
sh=75F4A06A0290B613622C7E10E3B05EE0525C1481 ft=1 fh=e7b99738d4ab1513 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\System Speedup\systweakasp.exe"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll"
sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe"
sh=672C7517C7D0CC90B7CEA8E2C55C1E1004B346B8 ft=1 fh=6147f8d56ef8a2a5 vn="Win32/Toolbar.Besttoolbars.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Deeal\AddonsFramework.dll"
sh=4C584A96C1D0B05DE6002F27123E0AB4B0C53B61 ft=1 fh=6560cd7f9ee04817 vn="Variante von Win32/Toolbar.Besttoolbars.G evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Deeal\BackgroundHost.exe"
sh=08BF6F871199BCDB95F0361EC920DF406BD3597A ft=1 fh=c0776f02905eb6da vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Alexander\Downloads\avira_free_antivirus_de(1).exe"
sh=37381F388BAE1EDBAC14E32FF3277F224AF74188 ft=1 fh=bc860133a238d9e1 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Alexander\Downloads\avira_free_antivirus_de.exe"
sh=56D3C90AF392E2FB77FEEE920C12229705727F38 ft=1 fh=bae6ef64dd1a3ef4 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe"
sh=9C43CC81B62584DFAD8F06C8A9E7B1D116E9F7FA ft=1 fh=458bcb484aab0698 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alexander\Downloads\FreeYouTubeToMP3Converter(1).exe"
sh=0C44C91D5C377AA1A5FE0F544E1FE7A18DAE9F1F ft=1 fh=220fd8c3b8c49165 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Alexander\Downloads\FreeYouTubeToMP3Converter(2).exe"
sh=6CA2C5BE004BB868A74D49AD0EA8968DCB26677B ft=1 fh=b9479146745c0c8b vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alexander\Downloads\FreeYouTubeToMP3Converter.exe"
sh=250AD920C538EBAC63102E368FB642EE33AD0593 ft=1 fh=8e020e8f8829bf65 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alexander\Downloads\FreeYouTubeToMP3Converter_3.11.17.exe"
sh=091BE56C99AA4029622E16E5B1F61440187DF4DB ft=1 fh=d6889646e66bef08 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alexander\Downloads\Music_Forte_ie.exe"
sh=AEA202E75EB4A7B17250E6DCA3B2470D83247036 ft=1 fh=67bcb2b84dcf5931 vn="Variante von Win32/SweetIM.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alexander\Downloads\SweetImSetup.exe"
sh=802FE0FBE1151F942848F5035B49AD9A2F92069B ft=1 fh=fd9df896cbc8a362 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alexander\Downloads\Thunderbird - CHIP-Downloader.exe"
sh=EF50E9B48CA05EC1423DD9C858738A2971BFB8A8 ft=1 fh=5f4591e8147a9bfd vn="Win32/StartPage.OIE Trojaner" ac=I fn="C:\Users\Alexander\Downloads\vlc-1.1.11-win32.exe"
sh=F79EA278038B4ED238BC09BCDBDD61C71380A9A2 ft=1 fh=3325f669a4cd300f vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alexander\Downloads\WinZip165Multi-language.exe"
sh=834249C10A5499D770E6798981E4014A53A46FC6 ft=1 fh=fd3bb40d3bd78eb8 vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alexander\Downloads\WinZip170_setup.exe"
sh=CA1DD1BED1A7B1F1375A9E48AF4E0685609D8B2F ft=1 fh=f9c7abb69ab91005 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alexander\Downloads\wz165gev.exe"
sh=EEAA8E7CBF57449AB12AB62B19A60C7ECE9C975B ft=1 fh=8f8f2608bfa07014 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\45B73G19\ApnIC[1].0"
sh=EEAA8E7CBF57449AB12AB62B19A60C7ECE9C975B ft=1 fh=8f8f2608bfa07014 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\45B73G19\ApnIC[1].0"
Securitycheck.txt:

Code:
Results of screen317's Security Check version 0.99.83 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 14.0.0.125 
 Adobe Reader 10.1.10 Adobe Reader out of Date! 
 Mozilla Firefox (Firefox,. Firefox out of Date! 
 Mozilla Thunderbird (24.5.0)
 Google Chrome 35.0.1916.114 
 Google Chrome 35.0.1916.153 
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST.txt:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Alexander (administrator) on PIENUT on 30-06-2014 17:03:18
Running from C:\Users\Alexander\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mad Catz Inc) C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [S.T.R.I.K.E.5 Service] => C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe [278528 2012-10-11] (Mad Catz Inc)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM\...\RunOnce: [RPMKickstart] - C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2552320 2011-03-30] (Gigabyte Technology CO., LTD.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Spotify Web Helper] => C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x21EE8203C0D2CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - F764C80A9DD34EC998B4BA4247D9129F URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKCU - {463F81C0-28DE-492d-A646-8672191270CA} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: GBHO.BHO - {45d30484-7ded-43d9-957a-d2fd1f046511} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Deeal - {70C53538-9F82-42BC-A327-74F7A46E700C} - C:\Program Files (x86)\Deeal\ScriptHost.dll (Deeal)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Alexander\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF Extension: ProxTube - Unblock YouTube - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Adblock Plus - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-29]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Wallet) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S4 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-07-12] (BioWare)
S3 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [744856 2012-11-14] (Tunngle.net GmbH) [File not signed]
S3 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc.exe [X]

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-01] ()
R3 HidEmulator; C:\Windows\System32\DRIVERS\HidEmulator.sys [10480 2013-08-15] (Leap Motion, Inc.)
R3 HidEmulatorKmdf; C:\Windows\System32\DRIVERS\HidEmulatorKmdf.sys [24432 2013-08-15] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 Said1108; C:\Windows\System32\DRIVERS\Said1108.sys [25920 2012-10-16] (Saitek)
R3 SaiK1108; C:\Windows\System32\DRIVERS\SaiK1108.sys [180544 2012-10-16] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-30 16:59 - 2014-06-30 16:59 - 00854367 _____ () C:\Users\Alexander\Downloads\SecurityCheck (1).exe
2014-06-30 13:33 - 2014-06-30 13:33 - 02347384 _____ (ESET) C:\Users\Alexander\Downloads\esetsmartinstaller_deu.exe
2014-06-29 15:29 - 2014-06-29 15:34 - 00060929 _____ () C:\Users\Alexander\Desktop\FRST(29.06.).txt
2014-06-29 15:24 - 2014-06-29 15:24 - 00000787 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-29 15:18 - 2014-06-29 15:18 - 00008189 _____ () C:\Users\Alexander\Desktop\AdwCleaner[S0].txt
2014-06-29 15:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-29 15:12 - 2014-06-29 15:12 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
2014-06-29 15:11 - 2014-06-29 15:11 - 00001443 _____ () C:\Users\Alexander\Desktop\mbam.txt
2014-06-28 21:15 - 2014-06-28 21:15 - 00030747 _____ () C:\ComboFix.txt
2014-06-28 21:06 - 2014-06-28 21:15 - 00000000 ____D () C:\Qoobox
2014-06-28 21:06 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-28 21:06 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-28 21:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-28 21:04 - 2014-06-28 21:05 - 05212118 ____R (Swearware) C:\Users\Alexander\Downloads\ComboFix.exe
2014-06-28 20:53 - 2014-06-30 17:03 - 00018972 _____ () C:\Users\Alexander\Desktop\FRST.txt
2014-06-28 20:52 - 2014-06-28 20:52 - 00048924 _____ () C:\Users\Alexander\Desktop\Addition.txt
2014-06-28 20:30 - 2014-06-28 20:30 - 00006037 _____ () C:\Users\Alexander\Desktop\Gmer.txt
2014-06-28 19:44 - 2014-06-28 19:44 - 00380416 _____ () C:\Users\Alexander\Downloads\Gmer-19357.exe
2014-06-28 19:43 - 2014-06-29 15:34 - 00060929 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-28 19:43 - 2014-06-28 19:44 - 00048924 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-06-28 19:42 - 2014-06-30 17:03 - 00000000 ____D () C:\FRST
2014-06-28 19:42 - 2014-06-28 19:42 - 02083328 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 19:19 - 2014-06-28 19:19 - 00000652 _____ () C:\Users\Alexander\Desktop\Junk Removal Tool.txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 19:08 - 2014-06-28 19:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 18:44 - 2014-06-29 15:32 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-06-28 18:43 - 2014-06-28 18:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 18:43 - 2014-06-28 18:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 18:32 - 2014-06-28 18:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 18:32 - 2014-06-28 18:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 18:13 - 2014-06-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 18:09 - 2014-06-29 15:14 - 00000000 ____D () C:\AdwCleaner
2014-06-28 18:09 - 2014-06-28 18:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 17:14 - 2014-06-29 14:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-28 17:14 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-28 17:10 - 2014-06-28 17:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 17:04 - 2014-06-28 17:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-27 21:09 - 2014-06-28 19:26 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-27 21:09 - 2014-06-27 21:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 21:07 - 2014-06-27 21:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 21:07 - 2014-06-27 21:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-24 23:04 - 2014-06-24 23:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-21 22:58 - 2014-06-21 22:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-18 04:00 - 2014-06-27 21:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 02:00 - 2014-06-30 02:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-06-16 17:20 - 2014-06-16 17:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 17:19 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-16 17:17 - 2014-06-11 10:57 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-16 17:17 - 2014-06-11 10:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-16 17:17 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-16 17:10 - 2014-06-16 17:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 17:10 - 2014-06-16 17:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 17:10 - 2014-05-30 01:00 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-16 17:10 - 2014-05-30 01:00 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-16 17:10 - 2014-05-30 00:59 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-16 17:10 - 2014-05-30 00:59 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-16 17:10 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-16 17:10 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-16 17:10 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-16 17:09 - 2014-06-16 17:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 17:04 - 2014-06-16 17:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 17:03 - 2014-06-16 17:10 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 17:03 - 2014-06-16 17:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 17:02 - 2014-06-16 17:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-12 14:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 14:57 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 14:57 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 14:57 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 14:57 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 14:57 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 14:57 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 14:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 14:57 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 14:57 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 14:57 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:57 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 14:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 14:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 14:57 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 14:57 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 14:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 14:57 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 14:57 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 14:57 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 14:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 14:57 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 14:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 14:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 14:57 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 14:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 14:57 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 14:57 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 14:57 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 14:57 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 14:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 14:57 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 14:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 14:57 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 14:57 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 14:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 14:57 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 14:57 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 14:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 14:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 14:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 14:57 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 14:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 14:57 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 14:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 14:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 14:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 14:57 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 14:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 14:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 14:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 14:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 14:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 14:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 14:57 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 14:57 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 14:57 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 14:57 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 14:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 14:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 14:57 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 14:57 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 14:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 14:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 14:56 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 14:56 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-06-10 19:40 - 2014-06-10 19:41 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 19:36 - 2014-06-10 19:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-06 12:52 - 2014-06-06 22:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-02 00:38 - 2014-06-02 00:38 - 00003118 _____ () C:\Windows\System32\Tasks\{5FC41131-C8CB-444E-AEA2-5D818ABF92BD}
2014-06-02 00:36 - 2014-06-11 10:13 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-06-02 00:35 - 2014-06-02 00:35 - 00002906 _____ () C:\Windows\System32\Tasks\TaskUserUpdate_wp

==================== One Month Modified Files and Folders =======

2014-06-30 17:03 - 2014-06-28 20:53 - 00018972 _____ () C:\Users\Alexander\Desktop\FRST.txt
2014-06-30 17:03 - 2014-06-28 19:42 - 00000000 ____D () C:\FRST
2014-06-30 16:59 - 2014-06-30 16:59 - 00854367 _____ () C:\Users\Alexander\Downloads\SecurityCheck (1).exe
2014-06-30 16:54 - 2012-01-15 21:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Skype
2014-06-30 16:42 - 2012-12-16 13:35 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA.job
2014-06-30 16:30 - 2013-10-16 11:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-30 13:34 - 2011-04-12 09:43 - 00710518 _____ () C:\Windows\system32\perfh007.dat
2014-06-30 13:34 - 2011-04-12 09:43 - 00154848 _____ () C:\Windows\system32\perfc007.dat
2014-06-30 13:34 - 2009-07-14 07:13 - 01651758 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-30 13:33 - 2014-06-30 13:33 - 02347384 _____ (ESET) C:\Users\Alexander\Downloads\esetsmartinstaller_deu.exe
2014-06-30 13:33 - 2009-07-14 06:45 - 00022000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-30 13:33 - 2009-07-14 06:45 - 00022000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-30 13:30 - 2012-11-01 17:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-30 13:30 - 2012-01-14 21:31 - 01593787 _____ () C:\Windows\WindowsUpdate.log
2014-06-30 13:26 - 2012-01-14 15:50 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-06-30 13:26 - 2012-01-14 14:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-30 13:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-30 13:26 - 2009-07-14 06:51 - 00091994 _____ () C:\Windows\setupact.log
2014-06-30 13:24 - 2012-04-12 15:24 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Spotify
2014-06-30 03:19 - 2014-03-21 14:55 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Battle.net
2014-06-30 02:42 - 2012-12-16 13:35 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core.job
2014-06-30 02:00 - 2014-06-17 02:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-06-29 17:39 - 2012-01-29 11:56 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8188928D-0519-47C3-AF23-9B006231D1F6}
2014-06-29 15:56 - 2012-01-15 04:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\PMB Files
2014-06-29 15:56 - 2012-01-14 16:25 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-29 15:34 - 2014-06-29 15:29 - 00060929 _____ () C:\Users\Alexander\Desktop\FRST(29.06.).txt
2014-06-29 15:34 - 2014-06-28 19:43 - 00060929 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-29 15:32 - 2014-06-28 18:44 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-06-29 15:24 - 2014-06-29 15:24 - 00000787 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-29 15:18 - 2014-06-29 15:18 - 00008189 _____ () C:\Users\Alexander\Desktop\AdwCleaner[S0].txt
2014-06-29 15:15 - 2010-11-21 05:47 - 00879062 _____ () C:\Windows\PFRO.log
2014-06-29 15:14 - 2014-06-28 18:09 - 00000000 ____D () C:\AdwCleaner
2014-06-29 15:14 - 2013-07-24 19:57 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Common
2014-06-29 15:12 - 2014-06-29 15:12 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
2014-06-29 15:11 - 2014-06-29 15:11 - 00001443 _____ () C:\Users\Alexander\Desktop\mbam.txt
2014-06-29 14:59 - 2014-06-28 17:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 21:15 - 2014-06-28 21:15 - 00030747 _____ () C:\ComboFix.txt
2014-06-28 21:15 - 2014-06-28 21:06 - 00000000 ____D () C:\Qoobox
2014-06-28 21:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-28 21:05 - 2014-06-28 21:04 - 05212118 ____R (Swearware) C:\Users\Alexander\Downloads\ComboFix.exe
2014-06-28 21:05 - 2012-10-14 15:13 - 00000000 ____D () C:\Windows\erdnt
2014-06-28 20:52 - 2014-06-28 20:52 - 00048924 _____ () C:\Users\Alexander\Desktop\Addition.txt
2014-06-28 20:30 - 2014-06-28 20:30 - 00006037 _____ () C:\Users\Alexander\Desktop\Gmer.txt
2014-06-28 19:44 - 2014-06-28 19:44 - 00380416 _____ () C:\Users\Alexander\Downloads\Gmer-19357.exe
2014-06-28 19:44 - 2014-06-28 19:43 - 00048924 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-06-28 19:42 - 2014-06-28 19:42 - 02083328 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 19:26 - 2014-06-27 21:09 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-28 19:19 - 2014-06-28 19:19 - 00000652 _____ () C:\Users\Alexander\Desktop\Junk Removal Tool.txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 19:08 - 2014-06-28 19:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 18:50 - 2012-03-26 20:12 - 00002378 _____ () C:\Users\Alexander\Desktop\Google Chrome.lnk
2014-06-28 18:50 - 2012-01-15 14:37 - 00001154 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-28 18:50 - 2012-01-14 15:21 - 00001142 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 18:50 - 2012-01-14 14:44 - 00001425 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-28 18:43 - 2014-06-28 18:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 18:43 - 2014-06-28 18:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 18:32 - 2014-06-28 18:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 18:32 - 2014-06-28 18:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 18:13 - 2014-06-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 18:09 - 2014-06-28 18:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 18:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-06-28 17:38 - 2014-03-15 03:56 - 00000000 ____D () C:\Temp
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2012-10-17 22:58 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Malwarebytes
2014-06-28 17:14 - 2012-10-17 22:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 17:11 - 2014-06-28 17:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 17:04 - 2014-06-28 17:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-27 23:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-27 21:09 - 2014-06-27 21:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 21:09 - 2014-06-18 04:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-27 21:07 - 2014-06-27 21:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 21:07 - 2014-06-27 21:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-25 23:21 - 2014-03-21 14:55 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-24 23:04 - 2014-06-24 23:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-24 05:37 - 2012-04-26 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-23 14:47 - 2012-04-12 15:24 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Spotify
2014-06-21 22:58 - 2014-06-21 22:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-19 02:37 - 2012-12-16 13:35 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA
2014-06-19 02:37 - 2012-12-16 13:35 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core
2014-06-16 23:41 - 2013-10-16 11:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-16 23:41 - 2012-04-04 22:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-16 23:41 - 2012-01-14 16:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-16 17:20 - 2014-06-16 17:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 17:20 - 2012-01-14 14:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-16 17:20 - 2012-01-14 14:47 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-16 17:11 - 2014-06-16 17:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 17:11 - 2014-06-16 17:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 17:10 - 2014-06-16 17:03 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 17:10 - 2012-11-20 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-16 17:10 - 2012-01-14 14:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-16 17:09 - 2014-06-16 17:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 17:04 - 2014-06-16 17:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 17:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-16 17:03 - 2014-06-16 17:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 17:02 - 2014-06-16 17:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-13 03:04 - 2013-07-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 03:02 - 2012-01-15 14:53 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-13 03:02 - 2012-01-15 14:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 03:01 - 2014-05-06 21:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 10:57 - 2014-06-16 17:17 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-11 10:57 - 2014-06-16 17:17 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-11 10:57 - 2012-02-22 14:22 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-06-11 10:18 - 2014-03-12 19:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-11 10:18 - 2012-01-15 21:01 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 10:13 - 2014-06-02 00:36 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-06-10 19:41 - 2014-06-10 19:40 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 19:40 - 2012-01-21 16:04 - 00222889 _____ () C:\Windows\DirectX.log
2014-06-10 19:36 - 2014-06-10 19:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-08 11:13 - 2014-06-12 14:56 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 14:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 22:58 - 2014-06-06 12:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-06 14:30 - 2014-03-14 18:51 - 00010386 _____ () C:\Users\Alexander\Desktop\Internet Geld.xlsx
2014-06-03 01:27 - 2014-05-30 15:28 - 00000000 ____D () C:\Users\Alexander\Documents\BWL
2014-06-03 01:22 - 2013-04-28 16:22 - 00251340 _____ () C:\Windows\DPINST.LOG
2014-06-03 01:21 - 2013-12-01 15:14 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-06-03 01:21 - 2013-04-28 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-03 01:21 - 2012-01-14 14:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-02 00:38 - 2014-06-02 00:38 - 00003118 _____ () C:\Windows\System32\Tasks\{5FC41131-C8CB-444E-AEA2-5D818ABF92BD}
2014-06-02 00:35 - 2014-06-02 00:35 - 00002906 _____ () C:\Windows\System32\Tasks\TaskUserUpdate_wp

Files to move or delete:
====================
C:\Users\Alexander\jagex_cl_runescape_LIVE.dat
C:\Users\Alexander\random.dat


Some content of TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\avgnt.exe
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-30 16:33

==================== End Of Log ============================
--- --- ---

--- --- ---

Bisher hat sich das Programm System Speedup nicht mehr gemeldet, es erscheint aber, wie auch der Advanced System Protector und Deeal immer noch unter Systemsteuerung --> Programme Deinstallieren


Gruß Alex

schrauber 01.07.2014 11:26
Deinstalliere das alles mal mit Revo Uninstaller, poste dann ein frisches FRST log.

pienut 01.07.2014 20:29
Hi,

FRST:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Alexander (administrator) on PIENUT on 01-07-2014 21:19:18
Running from C:\Users\Alexander\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mad Catz Inc) C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
() C:\Users\Alexander\AppData\Local\Microsoft\WinU\~zsuzopr.exe
(System Speedup) C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [S.T.R.I.K.E.5 Service] => C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe [278528 2012-10-11] (Mad Catz Inc)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM\...\RunOnce: [RPMKickstart] - C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2552320 2011-03-30] (Gigabyte Technology CO., LTD.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Spotify Web Helper] => C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x21EE8203C0D2CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - F764C80A9DD34EC998B4BA4247D9129F URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKCU - {463F81C0-28DE-492d-A646-8672191270CA} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: GBHO.BHO - {45d30484-7ded-43d9-957a-d2fd1f046511} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Deeal - {70C53538-9F82-42BC-A327-74F7A46E700C} - C:\Program Files (x86)\Deeal\ScriptHost.dll (Deeal)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Alexander\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF Extension: ProxTube - Unblock YouTube - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Adblock Plus - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-29]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Wallet) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S4 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-07-12] (BioWare)
S3 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [744856 2012-11-14] (Tunngle.net GmbH) [File not signed]
S3 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc.exe [X]

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-01] ()
R3 HidEmulator; C:\Windows\System32\DRIVERS\HidEmulator.sys [10480 2013-08-15] (Leap Motion, Inc.)
R3 HidEmulatorKmdf; C:\Windows\System32\DRIVERS\HidEmulatorKmdf.sys [24432 2013-08-15] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 Said1108; C:\Windows\System32\DRIVERS\Said1108.sys [25920 2012-10-16] (Saitek)
R3 SaiK1108; C:\Windows\System32\DRIVERS\SaiK1108.sys [180544 2012-10-16] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-01 21:14 - 2014-07-01 21:14 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-07-01 21:14 - 2014-07-01 21:14 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-07-01 20:37 - 2014-07-01 21:14 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-07-01 20:37 - 2014-07-01 21:14 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-07-01 20:37 - 2014-07-01 21:14 - 00003118 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-07-01 20:37 - 2014-07-01 21:14 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-01 20:37 - 2014-07-01 21:03 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-07-01 20:37 - 2014-07-01 21:03 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-07-01 20:37 - 2014-07-01 20:37 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-07-01 20:37 - 2014-07-01 20:37 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-07-01 20:37 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-07-01 20:36 - 2014-07-01 21:14 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\systweak
2014-07-01 20:36 - 2014-07-01 21:14 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-07-01 20:36 - 2013-12-13 17:53 - 00019544 _____ (System Speedup) C:\Windows\system32\roboot64.exe
2014-07-01 20:13 - 2014-07-01 20:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95 (1).exe
2014-07-01 20:12 - 2014-07-01 20:12 - 00001268 _____ () C:\Users\Alexander\Desktop\Revo Uninstaller.lnk
2014-07-01 20:12 - 2014-07-01 20:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 20:11 - 2014-07-01 20:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95.exe
2014-06-30 16:59 - 2014-06-30 16:59 - 00854367 _____ () C:\Users\Alexander\Downloads\SecurityCheck (1).exe
2014-06-30 13:33 - 2014-06-30 13:33 - 02347384 _____ (ESET) C:\Users\Alexander\Downloads\esetsmartinstaller_deu.exe
2014-06-29 15:29 - 2014-06-29 15:34 - 00060929 _____ () C:\Users\Alexander\Desktop\FRST(29.06.).txt
2014-06-29 15:24 - 2014-06-29 15:24 - 00000787 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-29 15:18 - 2014-06-29 15:18 - 00008189 _____ () C:\Users\Alexander\Desktop\AdwCleaner[S0].txt
2014-06-29 15:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-29 15:12 - 2014-06-29 15:12 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
2014-06-29 15:11 - 2014-06-29 15:11 - 00001443 _____ () C:\Users\Alexander\Desktop\mbam.txt
2014-06-28 21:15 - 2014-06-28 21:15 - 00030747 _____ () C:\ComboFix.txt
2014-06-28 21:06 - 2014-06-28 21:15 - 00000000 ____D () C:\Qoobox
2014-06-28 21:06 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-28 21:06 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-28 21:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-28 21:04 - 2014-06-28 21:05 - 05212118 ____R (Swearware) C:\Users\Alexander\Downloads\ComboFix.exe
2014-06-28 20:53 - 2014-07-01 21:19 - 00019143 _____ () C:\Users\Alexander\Desktop\FRST.txt
2014-06-28 20:52 - 2014-06-28 20:52 - 00048924 _____ () C:\Users\Alexander\Desktop\Addition.txt
2014-06-28 20:30 - 2014-06-28 20:30 - 00006037 _____ () C:\Users\Alexander\Desktop\Gmer.txt
2014-06-28 19:44 - 2014-06-28 19:44 - 00380416 _____ () C:\Users\Alexander\Downloads\Gmer-19357.exe
2014-06-28 19:43 - 2014-06-29 15:34 - 00060929 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-28 19:43 - 2014-06-28 19:44 - 00048924 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-06-28 19:42 - 2014-07-01 21:19 - 00000000 ____D () C:\FRST
2014-06-28 19:42 - 2014-06-28 19:42 - 02083328 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 19:19 - 2014-06-28 19:19 - 00000652 _____ () C:\Users\Alexander\Desktop\Junk Removal Tool.txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 19:08 - 2014-06-28 19:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 18:43 - 2014-06-28 18:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 18:43 - 2014-06-28 18:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 18:32 - 2014-06-28 18:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 18:32 - 2014-06-28 18:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 18:13 - 2014-06-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 18:09 - 2014-06-29 15:14 - 00000000 ____D () C:\AdwCleaner
2014-06-28 18:09 - 2014-06-28 18:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 17:14 - 2014-06-29 14:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-28 17:14 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-28 17:10 - 2014-06-28 17:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 17:04 - 2014-06-28 17:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-27 21:09 - 2014-06-28 19:26 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-27 21:09 - 2014-06-27 21:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 21:07 - 2014-06-27 21:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 21:07 - 2014-06-27 21:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-24 23:04 - 2014-06-24 23:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-21 22:58 - 2014-06-21 22:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-18 04:00 - 2014-06-27 21:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 02:00 - 2014-07-01 02:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-06-16 17:20 - 2014-06-16 17:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 17:19 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-16 17:17 - 2014-06-11 10:57 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-16 17:17 - 2014-06-11 10:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-16 17:17 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-16 17:10 - 2014-06-16 17:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 17:10 - 2014-06-16 17:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 17:10 - 2014-05-30 01:00 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-16 17:10 - 2014-05-30 01:00 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-16 17:10 - 2014-05-30 00:59 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-16 17:10 - 2014-05-30 00:59 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-16 17:10 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-16 17:10 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-16 17:10 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-16 17:09 - 2014-06-16 17:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 17:04 - 2014-06-16 17:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 17:03 - 2014-06-16 17:10 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 17:03 - 2014-06-16 17:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 17:02 - 2014-06-16 17:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-12 14:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 14:57 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 14:57 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 14:57 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 14:57 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 14:57 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 14:57 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 14:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 14:57 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 14:57 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 14:57 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:57 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 14:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 14:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 14:57 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 14:57 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 14:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 14:57 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 14:57 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 14:57 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 14:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 14:57 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 14:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 14:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 14:57 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 14:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 14:57 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 14:57 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 14:57 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 14:57 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 14:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 14:57 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 14:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 14:57 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 14:57 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 14:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 14:57 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 14:57 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 14:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 14:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 14:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 14:57 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 14:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 14:57 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 14:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 14:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 14:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 14:57 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 14:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 14:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 14:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 14:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 14:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 14:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 14:57 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 14:57 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 14:57 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 14:57 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 14:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 14:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 14:57 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 14:57 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 14:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 14:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 14:56 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 14:56 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-06-10 19:40 - 2014-06-10 19:41 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 19:36 - 2014-06-10 19:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-06 12:52 - 2014-06-06 22:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-02 00:38 - 2014-06-02 00:38 - 00003118 _____ () C:\Windows\System32\Tasks\{5FC41131-C8CB-444E-AEA2-5D818ABF92BD}
2014-06-02 00:36 - 2014-06-11 10:13 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-06-02 00:35 - 2014-06-02 00:35 - 00002906 _____ () C:\Windows\System32\Tasks\TaskUserUpdate_wp

==================== One Month Modified Files and Folders =======

2014-07-01 21:20 - 2014-06-28 20:53 - 00019143 _____ () C:\Users\Alexander\Desktop\FRST.txt
2014-07-01 21:19 - 2014-06-28 19:42 - 00000000 ____D () C:\FRST
2014-07-01 21:14 - 2014-07-01 21:14 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-07-01 21:14 - 2014-07-01 21:14 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-07-01 21:14 - 2014-07-01 20:37 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-07-01 21:14 - 2014-07-01 20:37 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-07-01 21:14 - 2014-07-01 20:37 - 00003118 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-07-01 21:14 - 2014-07-01 20:37 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-01 21:14 - 2014-07-01 20:36 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\systweak
2014-07-01 21:14 - 2014-07-01 20:36 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-07-01 21:11 - 2009-07-14 06:45 - 00022000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-01 21:11 - 2009-07-14 06:45 - 00022000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-01 21:06 - 2012-01-15 21:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Skype
2014-07-01 21:04 - 2012-01-14 15:50 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-07-01 21:04 - 2009-07-14 06:51 - 00092330 _____ () C:\Windows\setupact.log
2014-07-01 21:03 - 2014-07-01 20:37 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-07-01 21:03 - 2014-07-01 20:37 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-07-01 21:03 - 2012-01-14 14:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-01 21:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 21:02 - 2012-01-14 21:31 - 01622257 _____ () C:\Windows\WindowsUpdate.log
2014-07-01 20:42 - 2012-12-16 13:35 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA.job
2014-07-01 20:37 - 2014-07-01 20:37 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-07-01 20:37 - 2014-07-01 20:37 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-07-01 20:32 - 2012-01-29 11:56 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8188928D-0519-47C3-AF23-9B006231D1F6}
2014-07-01 20:30 - 2013-10-16 11:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 20:26 - 2010-11-21 05:47 - 00879880 _____ () C:\Windows\PFRO.log
2014-07-01 20:21 - 2012-04-12 15:24 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Spotify
2014-07-01 20:13 - 2014-07-01 20:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95 (1).exe
2014-07-01 20:12 - 2014-07-01 20:12 - 00001268 _____ () C:\Users\Alexander\Desktop\Revo Uninstaller.lnk
2014-07-01 20:12 - 2014-07-01 20:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 20:11 - 2014-07-01 20:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95.exe
2014-07-01 03:42 - 2014-03-21 14:55 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Battle.net
2014-07-01 02:42 - 2012-12-16 13:35 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core.job
2014-07-01 02:14 - 2012-11-01 17:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-01 02:07 - 2014-03-21 15:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-07-01 02:00 - 2014-06-17 02:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-06-30 20:37 - 2012-04-12 15:24 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Spotify
2014-06-30 16:59 - 2014-06-30 16:59 - 00854367 _____ () C:\Users\Alexander\Downloads\SecurityCheck (1).exe
2014-06-30 13:34 - 2011-04-12 09:43 - 00710518 _____ () C:\Windows\system32\perfh007.dat
2014-06-30 13:34 - 2011-04-12 09:43 - 00154848 _____ () C:\Windows\system32\perfc007.dat
2014-06-30 13:34 - 2009-07-14 07:13 - 01651758 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-30 13:33 - 2014-06-30 13:33 - 02347384 _____ (ESET) C:\Users\Alexander\Downloads\esetsmartinstaller_deu.exe
2014-06-29 15:56 - 2012-01-15 04:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\PMB Files
2014-06-29 15:56 - 2012-01-14 16:25 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-29 15:34 - 2014-06-29 15:29 - 00060929 _____ () C:\Users\Alexander\Desktop\FRST(29.06.).txt
2014-06-29 15:34 - 2014-06-28 19:43 - 00060929 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-29 15:24 - 2014-06-29 15:24 - 00000787 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-29 15:18 - 2014-06-29 15:18 - 00008189 _____ () C:\Users\Alexander\Desktop\AdwCleaner[S0].txt
2014-06-29 15:14 - 2014-06-28 18:09 - 00000000 ____D () C:\AdwCleaner
2014-06-29 15:14 - 2013-07-24 19:57 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Common
2014-06-29 15:12 - 2014-06-29 15:12 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
2014-06-29 15:11 - 2014-06-29 15:11 - 00001443 _____ () C:\Users\Alexander\Desktop\mbam.txt
2014-06-29 14:59 - 2014-06-28 17:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 21:15 - 2014-06-28 21:15 - 00030747 _____ () C:\ComboFix.txt
2014-06-28 21:15 - 2014-06-28 21:06 - 00000000 ____D () C:\Qoobox
2014-06-28 21:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-28 21:05 - 2014-06-28 21:04 - 05212118 ____R (Swearware) C:\Users\Alexander\Downloads\ComboFix.exe
2014-06-28 21:05 - 2012-10-14 15:13 - 00000000 ____D () C:\Windows\erdnt
2014-06-28 20:52 - 2014-06-28 20:52 - 00048924 _____ () C:\Users\Alexander\Desktop\Addition.txt
2014-06-28 20:30 - 2014-06-28 20:30 - 00006037 _____ () C:\Users\Alexander\Desktop\Gmer.txt
2014-06-28 19:44 - 2014-06-28 19:44 - 00380416 _____ () C:\Users\Alexander\Downloads\Gmer-19357.exe
2014-06-28 19:44 - 2014-06-28 19:43 - 00048924 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-06-28 19:42 - 2014-06-28 19:42 - 02083328 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 19:26 - 2014-06-27 21:09 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-28 19:19 - 2014-06-28 19:19 - 00000652 _____ () C:\Users\Alexander\Desktop\Junk Removal Tool.txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 19:08 - 2014-06-28 19:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 18:50 - 2012-03-26 20:12 - 00002378 _____ () C:\Users\Alexander\Desktop\Google Chrome.lnk
2014-06-28 18:50 - 2012-01-15 14:37 - 00001154 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-28 18:50 - 2012-01-14 15:21 - 00001142 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 18:50 - 2012-01-14 14:44 - 00001425 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-28 18:43 - 2014-06-28 18:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 18:43 - 2014-06-28 18:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 18:32 - 2014-06-28 18:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 18:32 - 2014-06-28 18:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 18:13 - 2014-06-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 18:09 - 2014-06-28 18:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 18:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-06-28 17:38 - 2014-03-15 03:56 - 00000000 ____D () C:\Temp
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2012-10-17 22:58 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Malwarebytes
2014-06-28 17:14 - 2012-10-17 22:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 17:11 - 2014-06-28 17:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 17:04 - 2014-06-28 17:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-27 23:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-27 21:09 - 2014-06-27 21:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 21:09 - 2014-06-18 04:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-27 21:07 - 2014-06-27 21:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 21:07 - 2014-06-27 21:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-25 23:21 - 2014-03-21 14:55 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-24 23:04 - 2014-06-24 23:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-24 05:37 - 2012-04-26 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 22:58 - 2014-06-21 22:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-19 02:37 - 2012-12-16 13:35 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA
2014-06-19 02:37 - 2012-12-16 13:35 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core
2014-06-16 23:41 - 2013-10-16 11:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-16 23:41 - 2012-04-04 22:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-16 23:41 - 2012-01-14 16:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-16 17:20 - 2014-06-16 17:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 17:20 - 2012-01-14 14:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-16 17:20 - 2012-01-14 14:47 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-16 17:11 - 2014-06-16 17:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 17:11 - 2014-06-16 17:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 17:10 - 2014-06-16 17:03 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 17:10 - 2012-11-20 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-16 17:10 - 2012-01-14 14:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-16 17:09 - 2014-06-16 17:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 17:04 - 2014-06-16 17:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 17:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-16 17:03 - 2014-06-16 17:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 17:02 - 2014-06-16 17:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-13 03:04 - 2013-07-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 03:02 - 2012-01-15 14:53 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-13 03:02 - 2012-01-15 14:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 03:01 - 2014-05-06 21:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 10:57 - 2014-06-16 17:17 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-11 10:57 - 2014-06-16 17:17 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-11 10:57 - 2012-02-22 14:22 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-06-11 10:18 - 2014-03-12 19:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-11 10:18 - 2012-01-15 21:01 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 10:13 - 2014-06-02 00:36 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-06-10 19:41 - 2014-06-10 19:40 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 19:40 - 2012-01-21 16:04 - 00222889 _____ () C:\Windows\DirectX.log
2014-06-10 19:36 - 2014-06-10 19:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-08 11:13 - 2014-06-12 14:56 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 14:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 22:58 - 2014-06-06 12:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-06 14:30 - 2014-03-14 18:51 - 00010386 _____ () C:\Users\Alexander\Desktop\Internet Geld.xlsx
2014-06-03 01:27 - 2014-05-30 15:28 - 00000000 ____D () C:\Users\Alexander\Documents\BWL
2014-06-03 01:22 - 2013-04-28 16:22 - 00251340 _____ () C:\Windows\DPINST.LOG
2014-06-03 01:21 - 2013-12-01 15:14 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-06-03 01:21 - 2013-04-28 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-03 01:21 - 2012-01-14 14:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-02 00:38 - 2014-06-02 00:38 - 00003118 _____ () C:\Windows\System32\Tasks\{5FC41131-C8CB-444E-AEA2-5D818ABF92BD}
2014-06-02 00:35 - 2014-06-02 00:35 - 00002906 _____ () C:\Windows\System32\Tasks\TaskUserUpdate_wp

Files to move or delete:
====================
C:\Users\Alexander\jagex_cl_runescape_LIVE.dat
C:\Users\Alexander\random.dat


Some content of TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\avgnt.exe
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-30 16:33

==================== End Of Log ============================
--- --- ---

--- --- ---


Nach der Deinstallation mit Revo Uninstaller hat es ungefähr 10 minuten gedauert bis sich Advanced System Protector und System Speedup wieder auf meinem Rechner befanden. Deeal ist nicht mehr aufgetaucht.

Es gab noch eine Fehlermeldung in der Stand:
C:\Users\Alexander\AppData\Local\Microsoft\WinU\main\btdal_2.exe

Nicht genügend Systemresourcen um den Dienst auszuführen.

Und Avira hat noch 3 Sicherheitshinweise gegeben, TR/Agent(genauen namen weiß ich leider nicht mehr) und TR/Crypt.XPACK.Gen8

Gruß Alex

schrauber 02.07.2014 12:48
Jetzt nervts :D

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).


pienut 02.07.2014 14:52
Hi,


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by SYSTEM on MININT-ED9O9UB on 02-07-2014 15:31:14
Running from f:\
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [S.T.R.I.K.E.5 Service] => C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe [278528 2012-10-11] (Mad Catz Inc)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM\...\RunOnce: [RPMKickstart] - C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2552320 2011-03-30] (Gigabyte Technology CO., LTD.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Alexander\...\Run: [Spotify Web Helper] => C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd)
HKU\Alexander\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} =>  No File
ShellIconOverlayIdentifiers-x32: SharingPrivate -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} =>  No File

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S4 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-07-12] (BioWare)
S3 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [744856 2012-11-14] (Tunngle.net GmbH)
S3 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc.exe [X]

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-01] ()
S3 HidEmulator; C:\Windows\System32\DRIVERS\HidEmulator.sys [10480 2013-08-15] (Leap Motion, Inc.)
S3 HidEmulatorKmdf; C:\Windows\System32\DRIVERS\HidEmulatorKmdf.sys [24432 2013-08-15] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 Said1108; C:\Windows\System32\DRIVERS\Said1108.sys [25920 2012-10-16] (Saitek)
S3 SaiK1108; C:\Windows\System32\DRIVERS\SaiK1108.sys [180544 2012-10-16] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-10-15] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-02 13:57 - 2014-07-02 13:57 - 00000000 ____D () C:\Users\Alexander\Desktop\FRST-OlderVersion
2014-07-01 20:14 - 2014-07-01 20:14 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-07-01 20:14 - 2014-07-01 20:14 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-07-01 20:14 - 2014-07-01 20:14 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-07-01 20:14 - 2014-07-01 20:14 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-07-01 19:37 - 2014-07-02 14:05 - 00003116 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-07-01 19:37 - 2014-07-02 14:01 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-07-01 19:37 - 2014-07-01 20:14 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-07-01 19:37 - 2014-07-01 20:14 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-01 19:37 - 2014-07-01 20:03 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-07-01 19:37 - 2014-07-01 19:37 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-07-01 19:37 - 2014-07-01 19:37 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-07-01 19:37 - 2012-07-25 11:03 - 00016896 _____ () C:\Windows\System32\sasnative64.exe
2014-07-01 19:36 - 2014-07-02 14:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-07-01 19:36 - 2014-07-01 20:14 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\systweak
2014-07-01 19:36 - 2013-12-13 16:53 - 00019544 _____ (System Speedup) C:\Windows\System32\roboot64.exe
2014-07-01 19:13 - 2014-07-01 19:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95 (1).exe
2014-07-01 19:12 - 2014-07-01 19:12 - 00001268 _____ () C:\Users\Alexander\Desktop\Revo Uninstaller.lnk
2014-07-01 19:12 - 2014-07-01 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 19:11 - 2014-07-01 19:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95.exe
2014-06-30 15:59 - 2014-06-30 15:59 - 00854367 _____ () C:\Users\Alexander\Downloads\SecurityCheck (1).exe
2014-06-30 12:33 - 2014-06-30 12:33 - 02347384 _____ (ESET) C:\Users\Alexander\Downloads\esetsmartinstaller_deu.exe
2014-06-29 14:29 - 2014-06-29 14:34 - 00060929 _____ () C:\Users\Alexander\Desktop\FRST(29.06.).txt
2014-06-29 14:24 - 2014-06-29 14:24 - 00000787 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-29 14:18 - 2014-06-29 14:18 - 00008189 _____ () C:\Users\Alexander\Desktop\AdwCleaner[S0].txt
2014-06-29 14:13 - 2010-08-30 07:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-29 14:12 - 2014-06-29 14:12 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
2014-06-29 14:11 - 2014-06-29 14:11 - 00001443 _____ () C:\Users\Alexander\Desktop\mbam.txt
2014-06-28 20:15 - 2014-06-28 20:15 - 00030747 _____ () C:\ComboFix.txt
2014-06-28 20:06 - 2014-06-28 20:15 - 00000000 ____D () C:\Qoobox
2014-06-28 20:06 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-28 20:06 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-28 20:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-28 20:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-28 20:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-28 20:06 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-28 20:06 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-28 20:06 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-28 20:04 - 2014-06-28 20:05 - 05212118 ____R (Swearware) C:\Users\Alexander\Downloads\ComboFix.exe
2014-06-28 19:53 - 2014-07-01 20:20 - 00056521 _____ () C:\Users\Alexander\Desktop\FRST.txt
2014-06-28 19:52 - 2014-06-28 19:52 - 00048924 _____ () C:\Users\Alexander\Desktop\Addition.txt
2014-06-28 19:30 - 2014-06-28 19:30 - 00006037 _____ () C:\Users\Alexander\Desktop\Gmer.txt
2014-06-28 18:44 - 2014-06-28 18:44 - 00380416 _____ () C:\Users\Alexander\Downloads\Gmer-19357.exe
2014-06-28 18:43 - 2014-06-29 14:34 - 00060929 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-28 18:43 - 2014-06-28 18:44 - 00048924 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-06-28 18:42 - 2014-07-02 15:31 - 00000000 ____D () C:\FRST
2014-06-28 18:42 - 2014-07-02 13:57 - 02083840 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2014-06-28 18:41 - 2014-06-28 18:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 18:41 - 2014-06-28 18:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 18:19 - 2014-06-28 18:19 - 00000652 _____ () C:\Users\Alexander\Desktop\Junk Removal Tool.txt
2014-06-28 18:09 - 2014-06-28 18:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 18:09 - 2014-06-28 18:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 18:08 - 2014-06-28 18:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 17:43 - 2014-06-28 17:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 17:43 - 2014-06-28 17:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 17:32 - 2014-06-28 17:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 17:32 - 2014-06-28 17:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 17:13 - 2014-06-28 17:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 17:09 - 2014-06-29 14:14 - 00000000 ____D () C:\AdwCleaner
2014-06-28 17:09 - 2014-06-28 17:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 16:14 - 2014-06-29 13:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-06-28 16:14 - 2014-06-28 16:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 16:14 - 2014-05-12 06:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-06-28 16:14 - 2014-05-12 06:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2014-06-28 16:10 - 2014-06-28 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 16:04 - 2014-06-28 16:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-27 20:09 - 2014-06-28 18:26 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-27 20:09 - 2014-06-27 20:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 20:07 - 2014-06-27 20:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 20:07 - 2014-06-27 20:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-24 22:04 - 2014-06-24 22:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-21 21:58 - 2014-06-21 21:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-18 03:00 - 2014-06-27 20:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 01:00 - 2014-07-02 01:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-06-16 16:20 - 2014-06-16 16:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 16:19 - 2014-05-20 00:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-16 16:17 - 2014-06-11 09:57 - 00197408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2014-06-16 16:17 - 2014-06-11 09:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2014-06-16 16:17 - 2014-05-20 03:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433788.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433788.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 00952952 _____ (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2014-06-16 16:17 - 2014-05-20 03:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-16 16:10 - 2014-06-16 16:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 16:10 - 2014-06-16 16:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 16:10 - 2014-05-30 00:00 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-16 16:10 - 2014-05-30 00:00 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-16 16:10 - 2014-05-29 23:59 - 01715176 _____ (NVIDIA Corporation) C:\Windows\System32\nvspbridge64.dll
2014-06-16 16:10 - 2014-05-29 23:59 - 01279480 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2014-06-16 16:10 - 2014-03-31 17:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2014-06-16 16:10 - 2014-03-31 17:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll
2014-06-16 16:10 - 2014-03-31 17:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-16 16:09 - 2014-06-16 16:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 16:04 - 2014-06-16 16:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 16:04 - 2014-06-16 16:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 16:04 - 2014-06-16 16:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 16:04 - 2014-06-16 16:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 16:03 - 2014-06-16 16:10 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 16:03 - 2014-06-16 16:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 16:02 - 2014-06-16 16:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-12 13:57 - 2014-05-30 11:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-06-12 13:57 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-06-12 13:57 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-06-12 13:57 - 2014-05-30 10:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-06-12 13:57 - 2014-05-30 10:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-06-12 13:57 - 2014-05-30 10:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-06-12 13:57 - 2014-05-30 10:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-06-12 13:57 - 2014-05-30 10:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-06-12 13:57 - 2014-05-30 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-06-12 13:57 - 2014-05-30 10:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-06-12 13:57 - 2014-05-30 10:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-06-12 13:57 - 2014-05-30 10:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-06-12 13:57 - 2014-05-30 10:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-06-12 13:57 - 2014-05-30 10:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 13:57 - 2014-05-30 10:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-12 13:57 - 2014-05-30 10:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-06-12 13:57 - 2014-05-30 10:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-06-12 13:57 - 2014-05-30 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 13:57 - 2014-05-30 09:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-12 13:57 - 2014-05-30 09:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-06-12 13:57 - 2014-05-30 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-06-12 13:57 - 2014-05-30 09:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 13:57 - 2014-05-30 09:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-06-12 13:57 - 2014-05-30 09:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 13:57 - 2014-05-30 09:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 13:57 - 2014-05-30 09:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 13:57 - 2014-05-30 09:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-06-12 13:57 - 2014-05-30 09:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 13:57 - 2014-05-30 09:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 13:57 - 2014-05-30 09:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 13:57 - 2014-05-30 09:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-06-12 13:57 - 2014-05-30 09:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 13:57 - 2014-05-30 09:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 13:57 - 2014-05-30 09:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-06-12 13:57 - 2014-05-30 09:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-06-12 13:57 - 2014-05-30 09:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 13:57 - 2014-05-30 09:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 13:57 - 2014-05-30 09:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 13:57 - 2014-05-30 09:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 13:57 - 2014-05-30 09:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 13:57 - 2014-05-30 08:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 13:57 - 2014-05-30 08:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-06-12 13:57 - 2014-05-30 08:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 13:57 - 2014-05-30 08:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 13:57 - 2014-05-30 08:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 13:57 - 2014-05-30 08:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-06-12 13:57 - 2014-05-30 08:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 13:57 - 2014-05-30 08:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-06-12 13:57 - 2014-05-30 08:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 13:57 - 2014-05-30 08:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 13:57 - 2014-05-30 08:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-06-12 13:57 - 2014-05-30 08:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 13:57 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\usp10.dll
2014-06-12 13:57 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 13:57 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-06-12 13:57 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2014-06-12 13:57 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2014-06-12 13:57 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-06-12 13:57 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2014-06-12 13:57 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2014-06-12 13:57 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 13:57 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 13:57 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 13:57 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 13:56 - 2014-06-08 10:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-06-12 13:56 - 2014-06-08 10:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-06-10 18:40 - 2014-06-10 18:41 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 18:36 - 2014-06-10 18:36 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-06 11:52 - 2014-06-06 21:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2014-07-02 15:31 - 2014-06-28 18:42 - 00000000 ____D () C:\FRST
2014-07-02 14:26 - 2012-01-14 20:31 - 01658973 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 14:25 - 2012-01-15 20:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Skype
2014-07-02 14:11 - 2009-07-14 05:45 - 00022000 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 14:11 - 2009-07-14 05:45 - 00022000 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 14:10 - 2011-04-12 08:43 - 00710518 _____ () C:\Windows\System32\perfh007.dat
2014-07-02 14:10 - 2011-04-12 08:43 - 00154848 _____ () C:\Windows\System32\perfc007.dat
2014-07-02 14:10 - 2009-07-14 06:13 - 01651758 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-07-02 14:05 - 2014-07-01 19:37 - 00003116 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-07-02 14:04 - 2012-01-14 14:50 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-07-02 14:04 - 2012-01-14 13:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-02 14:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 14:04 - 2009-07-14 05:51 - 00092825 _____ () C:\Windows\setupact.log
2014-07-02 14:01 - 2014-07-01 19:37 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-07-02 14:01 - 2014-07-01 19:36 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-07-02 13:57 - 2014-07-02 13:57 - 00000000 ____D () C:\Users\Alexander\Desktop\FRST-OlderVersion
2014-07-02 13:57 - 2014-06-28 18:42 - 02083840 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2014-07-02 13:55 - 2012-12-16 12:35 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA.job
2014-07-02 13:54 - 2013-10-16 10:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 01:42 - 2012-12-16 12:35 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core.job
2014-07-02 01:00 - 2014-06-17 01:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-07-02 00:59 - 2012-11-01 16:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-01 22:14 - 2012-01-15 03:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\PMB Files
2014-07-01 20:20 - 2014-06-28 19:53 - 00056521 _____ () C:\Users\Alexander\Desktop\FRST.txt
2014-07-01 20:14 - 2014-07-01 20:14 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-07-01 20:14 - 2014-07-01 20:14 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-07-01 20:14 - 2014-07-01 20:14 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-07-01 20:14 - 2014-07-01 20:14 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-07-01 20:14 - 2014-07-01 19:37 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-07-01 20:14 - 2014-07-01 19:37 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-01 20:14 - 2014-07-01 19:36 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\systweak
2014-07-01 20:03 - 2014-07-01 19:37 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-07-01 19:37 - 2014-07-01 19:37 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-07-01 19:37 - 2014-07-01 19:37 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-07-01 19:32 - 2012-01-29 10:56 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8188928D-0519-47C3-AF23-9B006231D1F6}
2014-07-01 19:26 - 2010-11-21 04:47 - 00879880 _____ () C:\Windows\PFRO.log
2014-07-01 19:21 - 2012-04-12 14:24 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Spotify
2014-07-01 19:13 - 2014-07-01 19:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95 (1).exe
2014-07-01 19:12 - 2014-07-01 19:12 - 00001268 _____ () C:\Users\Alexander\Desktop\Revo Uninstaller.lnk
2014-07-01 19:12 - 2014-07-01 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 19:11 - 2014-07-01 19:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95.exe
2014-07-01 02:42 - 2014-03-21 13:55 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Battle.net
2014-07-01 01:07 - 2014-03-21 14:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-06-30 19:37 - 2012-04-12 14:24 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Spotify
2014-06-30 15:59 - 2014-06-30 15:59 - 00854367 _____ () C:\Users\Alexander\Downloads\SecurityCheck (1).exe
2014-06-30 12:33 - 2014-06-30 12:33 - 02347384 _____ (ESET) C:\Users\Alexander\Downloads\esetsmartinstaller_deu.exe
2014-06-29 14:56 - 2012-01-14 15:25 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-29 14:34 - 2014-06-29 14:29 - 00060929 _____ () C:\Users\Alexander\Desktop\FRST(29.06.).txt
2014-06-29 14:34 - 2014-06-28 18:43 - 00060929 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-29 14:24 - 2014-06-29 14:24 - 00000787 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-29 14:18 - 2014-06-29 14:18 - 00008189 _____ () C:\Users\Alexander\Desktop\AdwCleaner[S0].txt
2014-06-29 14:14 - 2014-06-28 17:09 - 00000000 ____D () C:\AdwCleaner
2014-06-29 14:14 - 2013-07-24 18:57 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Common
2014-06-29 14:12 - 2014-06-29 14:12 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
2014-06-29 14:11 - 2014-06-29 14:11 - 00001443 _____ () C:\Users\Alexander\Desktop\mbam.txt
2014-06-29 13:59 - 2014-06-28 16:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-06-28 20:15 - 2014-06-28 20:15 - 00030747 _____ () C:\ComboFix.txt
2014-06-28 20:15 - 2014-06-28 20:06 - 00000000 ____D () C:\Qoobox
2014-06-28 20:14 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-28 20:05 - 2014-06-28 20:04 - 05212118 ____R (Swearware) C:\Users\Alexander\Downloads\ComboFix.exe
2014-06-28 20:05 - 2012-10-14 14:13 - 00000000 ____D () C:\Windows\erdnt
2014-06-28 19:52 - 2014-06-28 19:52 - 00048924 _____ () C:\Users\Alexander\Desktop\Addition.txt
2014-06-28 19:30 - 2014-06-28 19:30 - 00006037 _____ () C:\Users\Alexander\Desktop\Gmer.txt
2014-06-28 18:44 - 2014-06-28 18:44 - 00380416 _____ () C:\Users\Alexander\Downloads\Gmer-19357.exe
2014-06-28 18:44 - 2014-06-28 18:43 - 00048924 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-06-28 18:41 - 2014-06-28 18:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 18:41 - 2014-06-28 18:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 18:26 - 2014-06-27 20:09 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-28 18:19 - 2014-06-28 18:19 - 00000652 _____ () C:\Users\Alexander\Desktop\Junk Removal Tool.txt
2014-06-28 18:09 - 2014-06-28 18:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 18:09 - 2014-06-28 18:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 18:08 - 2014-06-28 18:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 17:50 - 2012-03-26 19:12 - 00002378 _____ () C:\Users\Alexander\Desktop\Google Chrome.lnk
2014-06-28 17:50 - 2012-01-14 14:21 - 00001142 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 17:43 - 2014-06-28 17:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 17:43 - 2014-06-28 17:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 17:32 - 2014-06-28 17:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 17:32 - 2014-06-28 17:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 17:13 - 2014-06-28 17:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 17:09 - 2014-06-28 17:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 17:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-06-28 16:38 - 2014-03-15 02:56 - 00000000 ____D () C:\Temp
2014-06-28 16:14 - 2014-06-28 16:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 16:14 - 2012-10-17 21:58 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Malwarebytes
2014-06-28 16:14 - 2012-10-17 21:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 16:11 - 2014-06-28 16:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 16:04 - 2014-06-28 16:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-27 22:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-06-27 20:09 - 2014-06-27 20:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 20:09 - 2014-06-18 03:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-27 20:07 - 2014-06-27 20:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 20:07 - 2014-06-27 20:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-25 22:21 - 2014-03-21 13:55 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-24 22:04 - 2014-06-24 22:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-24 04:37 - 2012-04-26 08:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 21:58 - 2014-06-21 21:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-19 01:37 - 2012-12-16 12:35 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA
2014-06-19 01:37 - 2012-12-16 12:35 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core
2014-06-16 22:41 - 2013-10-16 10:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-16 22:41 - 2012-04-04 21:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-16 22:41 - 2012-01-14 15:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-16 16:20 - 2014-06-16 16:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 16:20 - 2012-01-14 13:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-16 16:20 - 2012-01-14 13:47 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-16 16:11 - 2014-06-16 16:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 16:11 - 2014-06-16 16:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 16:10 - 2014-06-16 16:03 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 16:10 - 2012-01-14 13:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-16 16:09 - 2014-06-16 16:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 16:04 - 2014-06-16 16:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 16:04 - 2014-06-16 16:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 16:04 - 2014-06-16 16:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 16:04 - 2014-06-16 16:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 16:04 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-16 16:03 - 2014-06-16 16:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 16:02 - 2014-06-16 16:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-13 02:04 - 2013-07-14 02:00 - 00000000 ____D () C:\Windows\System32\MRT
2014-06-13 02:02 - 2012-01-15 13:53 - 95414520 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-06-13 02:02 - 2012-01-15 13:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 02:01 - 2014-05-06 20:56 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-06-11 09:57 - 2014-06-16 16:17 - 00197408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2014-06-11 09:57 - 2014-06-16 16:17 - 00031520 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2014-06-11 09:57 - 2012-02-22 13:22 - 01515296 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2014-06-11 09:18 - 2014-03-12 18:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-11 09:18 - 2012-01-15 20:01 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 09:13 - 2014-06-01 23:36 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-06-10 18:41 - 2014-06-10 18:40 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 18:40 - 2012-01-21 15:04 - 00222889 _____ () C:\Windows\DirectX.log
2014-06-10 18:36 - 2014-06-10 18:36 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-08 10:13 - 2014-06-12 13:56 - 00506368 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-06-08 10:08 - 2014-06-12 13:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-06-06 21:58 - 2014-06-06 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-06 13:30 - 2014-03-14 17:51 - 00010386 _____ () C:\Users\Alexander\Desktop\Internet Geld.xlsx
2014-06-03 00:27 - 2014-05-30 14:28 - 00000000 ____D () C:\Users\Alexander\Documents\BWL
2014-06-03 00:22 - 2013-04-28 15:22 - 00251340 _____ () C:\Windows\DPINST.LOG
2014-06-03 00:21 - 2013-12-01 14:14 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-06-03 00:21 - 2012-01-14 13:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

Files to move or delete:
====================
C:\Users\Alexander\jagex_cl_runescape_LIVE.dat
C:\Users\Alexander\random.dat


Some content of TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\avgnt.exe
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-06-30 15:40:24
Restore point made on: 2014-07-01 19:15:25
Restore point made on: 2014-07-01 19:19:34
Restore point made on: 2014-07-01 19:20:45
Restore point made on: 2014-07-01 19:39:42
Restore point made on: 2014-07-01 19:41:47

==================== Memory info ===========================

Percentage of memory in use: 7%
Total physical RAM: 16301.12 MB
Available physical RAM: 15118.14 MB
Total Pagefile: 16299.32 MB
Available Pagefile: 15105.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1413.27 GB) NTFS
Drive e: (Xbox360_1_2) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
Drive f: (USB DISK) (Removable) (Total:1.87 GB) (Free:0.92 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2AB85C61)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-198731366400) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=2 GB) - (Type=06)


LastRegBack: 2014-06-30 15:33

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 03.07.2014 11:44
Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
S3 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc.exe [X]
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-01] ()
C:\Windows\GVTDrv64.sys
2014-07-01 20:14 - 2014-07-01 20:14 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-07-01 20:14 - 2014-07-01 20:14 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-07-01 20:14 - 2014-07-01 20:14 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-07-01 20:14 - 2014-07-01 20:14 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-07-01 19:37 - 2014-07-02 14:05 - 00003116 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-07-01 19:37 - 2014-07-02 14:01 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-07-01 19:37 - 2014-07-01 20:14 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-07-01 19:37 - 2014-07-01 20:14 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-01 19:37 - 2014-07-01 20:03 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-07-01 19:37 - 2014-07-01 19:37 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-07-01 19:37 - 2014-07-01 19:37 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-07-01 19:37 - 2012-07-25 11:03 - 00016896 _____ () C:\Windows\System32\sasnative64.exe
2014-07-01 19:36 - 2014-07-02 14:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-07-01 19:36 - 2014-07-01 20:14 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\systweak
2014-07-01 19:36 - 2013-12-13 16:53 - 00019544 _____ (System Speedup) C:\Windows\System32\roboot64.exe
2014-06-28 16:04 - 2014-06-28 16:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-27 20:09 - 2014-06-28 18:26 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-27 20:09 - 2014-06-27 20:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 20:07 - 2014-06-27 20:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 20:07 - 2014-06-27 20:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
C:\Users\Alexander\jagex_cl_runescape_LIVE.dat
C:\Users\Alexander\random.dat
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.


Rechner normal starten. FRST Log vom Desktop bitte.

pienut 03.07.2014 13:37
Hi,

Fixlist.txt:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by SYSTEM at 2014-07-03 14:05:23 Run:2
Running from F:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
S3 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc.exe [X]
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-01] ()
C:\Windows\GVTDrv64.sys
2014-07-01 20:14 - 2014-07-01 20:14 - 00001205 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-07-01 20:14 - 2014-07-01 20:14 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-07-01 20:14 - 2014-07-01 20:14 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-07-01 20:14 - 2014-07-01 20:14 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-07-01 19:37 - 2014-07-02 14:05 - 00003116 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-07-01 19:37 - 2014-07-02 14:01 - 00000292 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-07-01 19:37 - 2014-07-01 20:14 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-07-01 19:37 - 2014-07-01 20:14 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-01 19:37 - 2014-07-01 20:03 - 00000300 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-07-01 19:37 - 2014-07-01 19:37 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-07-01 19:37 - 2014-07-01 19:37 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-07-01 19:37 - 2012-07-25 11:03 - 00016896 _____ () C:\Windows\System32\sasnative64.exe
2014-07-01 19:36 - 2014-07-02 14:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\System Speedup
2014-07-01 19:36 - 2014-07-01 20:14 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\systweak
2014-07-01 19:36 - 2013-12-13 16:53 - 00019544 _____ (System Speedup) C:\Windows\System32\roboot64.exe
2014-06-28 16:04 - 2014-06-28 16:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Alexander\Downloads\SpyHunter-Installer.exe
2014-06-27 20:09 - 2014-06-28 18:26 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\betadeeal
2014-06-27 20:09 - 2014-06-27 20:09 - 00003192 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-27 20:07 - 2014-06-27 20:07 - 00003244 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-27 20:07 - 2014-06-27 20:07 - 00003218 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
C:\Users\Alexander\jagex_cl_runescape_LIVE.dat
C:\Users\Alexander\random.dat
       
*****************

LeapService => Service deleted successfully.
GVTDrv64 => Service deleted successfully.
C:\Windows\GVTDrv64.sys => Moved successfully.
C:\Users\Public\Desktop\Advanced System Protector.lnk => Moved successfully.
C:\Users\Public\Desktop\System Speedup.lnk => Moved successfully.
C:\Program Files (x86)\System Speedup => Moved successfully.
C:\Program Files (x86)\Advanced System Protector => Moved successfully.
C:\Windows\System32\Tasks\Advanced System Protector_startup => Moved successfully.
C:\Windows\Tasks\System Speedup_DEFAULT.job => Moved successfully.
C:\Windows\System32\Tasks\Advanced System Protector => Moved successfully.
C:\ProgramData\Systweak => Moved successfully.
C:\Windows\Tasks\System Speedup_UPDATES.job => Moved successfully.
C:\Windows\System32\Tasks\System Speedup_UPDATES => Moved successfully.
C:\Windows\System32\Tasks\System Speedup_DEFAULT => Moved successfully.
C:\Windows\System32\sasnative64.exe => Moved successfully.
C:\Users\Alexander\AppData\Roaming\System Speedup => Moved successfully.
C:\Users\Alexander\AppData\Roaming\systweak => Moved successfully.
C:\Windows\System32\roboot64.exe => Moved successfully.
C:\Users\Alexander\Downloads\SpyHunter-Installer.exe => Moved successfully.
C:\Users\Alexander\AppData\Roaming\betadeeal => Moved successfully.
C:\Windows\System32\Tasks\WIN-fdfEfEfAfC => Moved successfully.
C:\Windows\System32\Tasks\WIN-statsSystem => Moved successfully.
C:\Windows\System32\Tasks\WIN-statsAdmin => Moved successfully.
C:\Users\Alexander\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Alexander\random.dat => Moved successfully.

==== End of Fixlog ====


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Alexander (administrator) on PIENUT on 03-07-2014 14:10:46
Running from C:\Users\Alexander\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mad Catz Inc) C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [S.T.R.I.K.E.5 Service] => C:\Program Files (x86)\Mad Catz\Strike5Service\Strike5.exe [278528 2012-10-11] (Mad Catz Inc)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM\...\RunOnce: [RPMKickstart] - C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2552320 2011-03-30] (Gigabyte Technology CO., LTD.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Spotify Web Helper] => C:\Users\Alexander\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-2326150098-3520983787-2908837582-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x21EE8203C0D2CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - F764C80A9DD34EC998B4BA4247D9129F URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKCU - {463F81C0-28DE-492d-A646-8672191270CA} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: GBHO.BHO - {45d30484-7ded-43d9-957a-d2fd1f046511} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Deeal - {70C53538-9F82-42BC-A327-74F7A46E700C} - C:\Program Files (x86)\Deeal\ScriptHost.dll (Deeal)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Alexander\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF Extension: ProxTube - Unblock YouTube - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Adblock Plus - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\fbkl3xzq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-29]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Wallet) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S4 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-07-12] (BioWare)
S3 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [744856 2012-11-14] (Tunngle.net GmbH) [File not signed]

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
R3 HidEmulator; C:\Windows\System32\DRIVERS\HidEmulator.sys [10480 2013-08-15] (Leap Motion, Inc.)
R3 HidEmulatorKmdf; C:\Windows\System32\DRIVERS\HidEmulatorKmdf.sys [24432 2013-08-15] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 Said1108; C:\Windows\System32\DRIVERS\Said1108.sys [25920 2012-10-16] (Saitek)
R3 SaiK1108; C:\Windows\System32\DRIVERS\SaiK1108.sys [180544 2012-10-16] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-02 14:57 - 2014-07-02 14:57 - 00000000 ____D () C:\Users\Alexander\Desktop\FRST-OlderVersion
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-07-01 20:13 - 2014-07-01 20:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95 (1).exe
2014-07-01 20:12 - 2014-07-01 20:12 - 00001268 _____ () C:\Users\Alexander\Desktop\Revo Uninstaller.lnk
2014-07-01 20:12 - 2014-07-01 20:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 20:11 - 2014-07-01 20:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95.exe
2014-06-30 16:59 - 2014-06-30 16:59 - 00854367 _____ () C:\Users\Alexander\Downloads\SecurityCheck (1).exe
2014-06-30 13:33 - 2014-06-30 13:33 - 02347384 _____ (ESET) C:\Users\Alexander\Downloads\esetsmartinstaller_deu.exe
2014-06-29 15:29 - 2014-06-29 15:34 - 00060929 _____ () C:\Users\Alexander\Desktop\FRST(29.06.).txt
2014-06-29 15:24 - 2014-06-29 15:24 - 00000787 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-29 15:18 - 2014-06-29 15:18 - 00008189 _____ () C:\Users\Alexander\Desktop\AdwCleaner[S0].txt
2014-06-29 15:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-29 15:12 - 2014-06-29 15:12 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
2014-06-29 15:11 - 2014-06-29 15:11 - 00001443 _____ () C:\Users\Alexander\Desktop\mbam.txt
2014-06-28 21:15 - 2014-06-28 21:15 - 00030747 _____ () C:\ComboFix.txt
2014-06-28 21:06 - 2014-06-28 21:15 - 00000000 ____D () C:\Qoobox
2014-06-28 21:06 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-28 21:06 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-28 21:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-28 21:06 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-28 21:04 - 2014-06-28 21:05 - 05212118 ____R (Swearware) C:\Users\Alexander\Downloads\ComboFix.exe
2014-06-28 20:53 - 2014-07-03 14:10 - 00017795 _____ () C:\Users\Alexander\Desktop\FRST.txt
2014-06-28 20:52 - 2014-06-28 20:52 - 00048924 _____ () C:\Users\Alexander\Desktop\Addition.txt
2014-06-28 20:30 - 2014-06-28 20:30 - 00006037 _____ () C:\Users\Alexander\Desktop\Gmer.txt
2014-06-28 19:44 - 2014-06-28 19:44 - 00380416 _____ () C:\Users\Alexander\Downloads\Gmer-19357.exe
2014-06-28 19:43 - 2014-06-29 15:34 - 00060929 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-28 19:43 - 2014-06-28 19:44 - 00048924 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-06-28 19:42 - 2014-07-03 14:10 - 00000000 ____D () C:\FRST
2014-06-28 19:42 - 2014-07-02 14:57 - 02083840 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 19:19 - 2014-06-28 19:19 - 00000652 _____ () C:\Users\Alexander\Desktop\Junk Removal Tool.txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 19:08 - 2014-06-28 19:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 18:43 - 2014-06-28 18:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 18:43 - 2014-06-28 18:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 18:32 - 2014-06-28 18:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 18:32 - 2014-06-28 18:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 18:13 - 2014-06-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 18:09 - 2014-06-29 15:14 - 00000000 ____D () C:\AdwCleaner
2014-06-28 18:09 - 2014-06-28 18:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 17:14 - 2014-06-29 14:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-28 17:14 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-28 17:10 - 2014-06-28 17:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-24 23:04 - 2014-06-24 23:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-21 22:58 - 2014-06-21 22:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-18 04:00 - 2014-06-27 21:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 02:00 - 2014-07-03 02:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-06-16 17:20 - 2014-06-16 17:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 17:19 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-16 17:17 - 2014-06-11 10:57 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-16 17:17 - 2014-06-11 10:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-16 17:17 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-16 17:17 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-16 17:10 - 2014-06-16 17:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 17:10 - 2014-06-16 17:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 17:10 - 2014-05-30 01:00 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-16 17:10 - 2014-05-30 01:00 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-16 17:10 - 2014-05-30 00:59 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-16 17:10 - 2014-05-30 00:59 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-16 17:10 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-16 17:10 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-16 17:10 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-16 17:09 - 2014-06-16 17:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 17:04 - 2014-06-16 17:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 17:03 - 2014-06-16 17:10 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 17:03 - 2014-06-16 17:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 17:02 - 2014-06-16 17:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-12 14:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 14:57 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 14:57 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 14:57 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 14:57 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 14:57 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 14:57 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 14:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 14:57 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 14:57 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 14:57 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:57 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 14:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 14:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 14:57 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 14:57 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 14:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 14:57 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 14:57 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 14:57 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 14:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 14:57 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 14:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 14:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 14:57 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 14:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 14:57 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 14:57 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 14:57 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 14:57 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 14:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 14:57 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 14:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 14:57 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 14:57 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 14:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 14:57 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 14:57 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 14:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 14:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 14:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 14:57 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 14:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 14:57 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 14:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 14:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 14:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 14:57 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 14:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 14:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 14:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 14:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 14:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 14:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 14:57 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 14:57 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 14:57 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 14:57 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 14:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 14:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 14:57 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 14:57 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 14:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 14:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 14:56 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 14:56 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-06-10 19:40 - 2014-06-10 19:41 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 19:36 - 2014-06-10 19:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-06 12:52 - 2014-06-06 22:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2014-07-03 15:05 - 2012-01-14 14:44 - 00000000 ____D () C:\Users\Alexander
2014-07-03 14:11 - 2014-06-28 20:53 - 00017795 _____ () C:\Users\Alexander\Desktop\FRST.txt
2014-07-03 14:10 - 2014-06-28 19:42 - 00000000 ____D () C:\FRST
2014-07-03 14:10 - 2012-01-15 21:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Skype
2014-07-03 14:08 - 2012-01-14 15:50 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-07-03 14:07 - 2012-01-14 14:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-03 14:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-03 14:07 - 2009-07-14 06:51 - 00093497 _____ () C:\Windows\setupact.log
2014-07-03 13:57 - 2012-01-14 21:31 - 01694818 _____ () C:\Windows\WindowsUpdate.log
2014-07-03 13:57 - 2009-07-14 06:45 - 00022000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-03 13:57 - 2009-07-14 06:45 - 00022000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 04:02 - 2012-04-12 15:24 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Spotify
2014-07-03 03:42 - 2012-12-16 13:35 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA.job
2014-07-03 03:30 - 2013-10-16 11:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 03:01 - 2012-11-01 17:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-03 02:42 - 2012-12-16 13:35 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core.job
2014-07-03 02:00 - 2014-06-17 02:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-07-03 01:13 - 2012-01-15 04:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\PMB Files
2014-07-02 21:13 - 2012-01-29 11:56 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8188928D-0519-47C3-AF23-9B006231D1F6}
2014-07-02 20:02 - 2014-03-21 14:55 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Battle.net
2014-07-02 15:53 - 2011-04-12 09:43 - 00710518 _____ () C:\Windows\system32\perfh007.dat
2014-07-02 15:53 - 2011-04-12 09:43 - 00154848 _____ () C:\Windows\system32\perfc007.dat
2014-07-02 15:53 - 2009-07-14 07:13 - 01651758 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 15:46 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-02 14:57 - 2014-07-02 14:57 - 00000000 ____D () C:\Users\Alexander\Desktop\FRST-OlderVersion
2014-07-02 14:57 - 2014-06-28 19:42 - 02083840 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-07-01 21:14 - 2014-07-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-07-01 20:26 - 2010-11-21 05:47 - 00879880 _____ () C:\Windows\PFRO.log
2014-07-01 20:13 - 2014-07-01 20:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95 (1).exe
2014-07-01 20:12 - 2014-07-01 20:12 - 00001268 _____ () C:\Users\Alexander\Desktop\Revo Uninstaller.lnk
2014-07-01 20:12 - 2014-07-01 20:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 20:11 - 2014-07-01 20:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Alexander\Downloads\revosetup95.exe
2014-07-01 02:07 - 2014-03-21 15:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-06-30 20:37 - 2012-04-12 15:24 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Spotify
2014-06-30 16:59 - 2014-06-30 16:59 - 00854367 _____ () C:\Users\Alexander\Downloads\SecurityCheck (1).exe
2014-06-30 13:33 - 2014-06-30 13:33 - 02347384 _____ (ESET) C:\Users\Alexander\Downloads\esetsmartinstaller_deu.exe
2014-06-29 15:56 - 2012-01-14 16:25 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-29 15:34 - 2014-06-29 15:29 - 00060929 _____ () C:\Users\Alexander\Desktop\FRST(29.06.).txt
2014-06-29 15:34 - 2014-06-28 19:43 - 00060929 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-06-29 15:24 - 2014-06-29 15:24 - 00000787 _____ () C:\Users\Alexander\Desktop\JRT.txt
2014-06-29 15:18 - 2014-06-29 15:18 - 00008189 _____ () C:\Users\Alexander\Desktop\AdwCleaner[S0].txt
2014-06-29 15:14 - 2014-06-28 18:09 - 00000000 ____D () C:\AdwCleaner
2014-06-29 15:14 - 2013-07-24 19:57 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Common
2014-06-29 15:12 - 2014-06-29 15:12 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213 (1).exe
2014-06-29 15:11 - 2014-06-29 15:11 - 00001443 _____ () C:\Users\Alexander\Desktop\mbam.txt
2014-06-29 14:59 - 2014-06-28 17:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 21:15 - 2014-06-28 21:15 - 00030747 _____ () C:\ComboFix.txt
2014-06-28 21:15 - 2014-06-28 21:06 - 00000000 ____D () C:\Qoobox
2014-06-28 21:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-28 21:05 - 2014-06-28 21:04 - 05212118 ____R (Swearware) C:\Users\Alexander\Downloads\ComboFix.exe
2014-06-28 21:05 - 2012-10-14 15:13 - 00000000 ____D () C:\Windows\erdnt
2014-06-28 20:52 - 2014-06-28 20:52 - 00048924 _____ () C:\Users\Alexander\Desktop\Addition.txt
2014-06-28 20:30 - 2014-06-28 20:30 - 00006037 _____ () C:\Users\Alexander\Desktop\Gmer.txt
2014-06-28 19:44 - 2014-06-28 19:44 - 00380416 _____ () C:\Users\Alexander\Downloads\Gmer-19357.exe
2014-06-28 19:44 - 2014-06-28 19:43 - 00048924 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-06-28 19:41 - 2014-06-28 19:41 - 00050477 _____ () C:\Users\Alexander\Downloads\Defogger.exe
2014-06-28 19:41 - 2014-06-28 19:41 - 00000480 _____ () C:\Users\Alexander\Downloads\defogger_disable.log
2014-06-28 19:19 - 2014-06-28 19:19 - 00000652 _____ () C:\Users\Alexander\Desktop\Junk Removal Tool.txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001434 _____ () C:\AdwCleaner[S2].txt
2014-06-28 19:09 - 2014-06-28 19:09 - 00001372 _____ () C:\AdwCleaner[R3].txt
2014-06-28 19:08 - 2014-06-28 19:08 - 00001312 _____ () C:\AdwCleaner[R2].txt
2014-06-28 18:50 - 2012-03-26 20:12 - 00002378 _____ () C:\Users\Alexander\Desktop\Google Chrome.lnk
2014-06-28 18:50 - 2012-01-15 14:37 - 00001154 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-28 18:50 - 2012-01-14 15:21 - 00001142 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 18:50 - 2012-01-14 14:44 - 00001425 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-28 18:43 - 2014-06-28 18:43 - 01016261 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-06-28 18:43 - 2014-06-28 18:43 - 00000000 ____D () C:\Windows\ERUNT
2014-06-28 18:32 - 2014-06-28 18:32 - 00015539 _____ () C:\AdwCleaner[S1].txt
2014-06-28 18:32 - 2014-06-28 18:32 - 00015373 _____ () C:\AdwCleaner[R1].txt
2014-06-28 18:13 - 2014-06-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-28 18:09 - 2014-06-28 18:09 - 01342659 _____ () C:\Users\Alexander\Downloads\adwcleaner_3.213.exe
2014-06-28 18:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-06-28 17:38 - 2014-03-15 03:56 - 00000000 ____D () C:\Temp
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2014-06-28 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 17:14 - 2012-10-17 22:58 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Malwarebytes
2014-06-28 17:14 - 2012-10-17 22:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 17:11 - 2014-06-28 17:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alexander\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-27 23:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-27 21:09 - 2014-06-18 04:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-25 23:21 - 2014-03-21 14:55 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-24 23:04 - 2014-06-24 23:04 - 00000000 ____D () C:\Warner Bros. Interactive Entertainment
2014-06-24 05:37 - 2012-04-26 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 22:58 - 2014-06-21 22:58 - 00000000 ____D () C:\Users\Alexander\Documents\Banished
2014-06-19 02:37 - 2012-12-16 13:35 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000UA
2014-06-19 02:37 - 2012-12-16 13:35 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326150098-3520983787-2908837582-1000Core
2014-06-16 23:41 - 2013-10-16 11:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-16 23:41 - 2012-04-04 22:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-16 23:41 - 2012-01-14 16:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-16 17:20 - 2014-06-16 17:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-16 17:20 - 2012-01-14 14:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-16 17:20 - 2012-01-14 14:47 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-16 17:11 - 2014-06-16 17:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA Corporation
2014-06-16 17:11 - 2014-06-16 17:10 - 00000000 ____D () C:\Users\Alexander\AppData\Local\NVIDIA
2014-06-16 17:10 - 2014-06-16 17:03 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-16 17:10 - 2012-11-20 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-16 17:10 - 2012-01-14 14:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-16 17:09 - 2014-06-16 17:09 - 30000520 _____ (NVIDIA Corporation) C:\Users\Alexander\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-16 17:04 - 2014-06-16 17:04 - 00001816 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-16 17:04 - 2014-06-16 17:04 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-16 17:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-16 17:03 - 2014-06-16 17:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Bluestacks
2014-06-16 17:02 - 2014-06-16 17:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Alexander\Downloads\BlueStacks App Player - CHIP-Installer.exe
2014-06-13 03:04 - 2013-07-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 03:02 - 2012-01-15 14:53 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-13 03:02 - 2012-01-15 14:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 03:01 - 2014-05-06 21:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 10:57 - 2014-06-16 17:17 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-11 10:57 - 2014-06-16 17:17 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-11 10:57 - 2012-02-22 14:22 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-06-11 10:18 - 2014-03-12 19:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-11 10:18 - 2012-01-15 21:01 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 10:13 - 2014-06-02 00:36 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-06-10 19:41 - 2014-06-10 19:40 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-06-10 19:40 - 2012-01-21 16:04 - 00222889 _____ () C:\Windows\DirectX.log
2014-06-10 19:36 - 2014-06-10 19:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-06-08 11:13 - 2014-06-12 14:56 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 14:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 22:58 - 2014-06-06 12:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-06 14:30 - 2014-03-14 18:51 - 00010386 _____ () C:\Users\Alexander\Desktop\Internet Geld.xlsx
2014-06-03 01:27 - 2014-05-30 15:28 - 00000000 ____D () C:\Users\Alexander\Documents\BWL
2014-06-03 01:22 - 2013-04-28 16:22 - 00251340 _____ () C:\Windows\DPINST.LOG
2014-06-03 01:21 - 2013-12-01 15:14 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-06-03 01:21 - 2013-04-28 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-03 01:21 - 2012-01-14 14:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

Some content of TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\avgnt.exe
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-30 16:33

==================== End Of Log ============================
--- --- ---

--- --- ---


Unter Systemsteuerung --> Programme deinstallieren und im Startmenü tauchen Advanced System Protector und System Speedup immer noch auf, allerdings sind sie auf dem Desktop verschwunden. Der Automatische Suchlauf von System Speedup hat sich jetzt aber nicht mehr von selbst gestartet.

Gruß Alex

schrauber 04.07.2014 12:57
Die Dinger im Startmenü einfach löschen. Ebenso in der Uninstall Liste.

Teste den Rechner bitte mal 2 Tage und melde dich wieder :)

pienut 04.07.2014 14:15
Meinst du mit löschen in der Uninstall Liste deinstallieren? Einfach so löschen kann ich sie nämlich nicht.

gruß, Alex

schrauber 05.07.2014 11:56
ja auf deinstallieren klicken.

pienut 07.07.2014 13:48
Hi schrauber,

die zwei Tage sind rum und ich habe seitdem keine Probleme mehr, die Programme sind nicht mehr aufgetaucht und Avira hat auch keine Warnmeldungen mehr gebracht.

Vielen lieben Dank für die Hilfe!


Gruß Alex

schrauber 08.07.2014 06:26
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

pienut 08.07.2014 16:32
Hi schrauber,

Ich hab soweit alles erledigt und auch ein paar von deinen Vorschlägen angenommen,
ich hoffe wir sehen uns nicht so bald wieder, wegen Viren, nichts gegen dich ;) , dein Support war echt einsame Spitze, dafür noch einmal Tausend Dank.

Gruß Alex

schrauber 09.07.2014 12:18
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:27 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132