Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Trojaner Frage zu Folgen (https://www.trojaner-board.de/163091-trojaner-frage-folgen.html)

aim 22.01.2015 21:27
Trojaner Frage zu Folgen
 
Hallo,
ich hatte so ein verdacht das ich vlt. Malware auf mein PC habe obwohl ich "Malwarebytes Anti-Malware" schon oben habe.
Also downloadete ich "Kaspersky Rescue Disk 10" und ließ es mein ganzen PC durchsuchen...
Da sah ich 30 Malware programme auf mein PC(82 Berichte). Ich löschte sie sofort auf der such was ich tun sollte kam ich auf diese Seite und Downloadet mir "Trent Micro HouseCall" der fand nichts. Ich hab mir jetzt ein neuen Antvirus geholt Trend Micro Internet Security 2015.

Meine frage soll ich meine Passwörter löschen da ich auch Online-Banking mache-bzw alle Passwörter ?

Danke im Vorraus :)

cosinus 22.01.2015 21:28
Hi und :hallo:

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

aim 31.01.2015 13:38
Code:
Status: Gelöscht  (Ereignisse: 30)       
21.01.15 21:21        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/AppData/RoamingServer-1352396081.jar        Hoch       
21.01.15 21:21        Gelöscht        trojanisches Programm Backdoor.Java.Jocc.f        C:/Users/Richi/AppData/RoamingServer-1352396081.jar//df.class        Hoch       
21.01.15 21:22        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/AppData/RoamingServer-1990987758.jar        Hoch       
21.01.15 21:22        Gelöscht        trojanisches Programm Backdoor.Java.Jocc.f        C:/Users/Richi/AppData/RoamingServer-1990987758.jar//df.class        Hoch       
21.01.15 21:22        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/AppData/RoamingServer-791785317.jar        Hoch       
21.01.15 21:22        Gelöscht        trojanisches Programm Backdoor.Java.Jocc.f        C:/Users/Richi/AppData/RoamingServer-791785317.jar//df.class        Hoch       
21.01.15 21:26        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/AppData/RoamingServer-849479345.jar        Hoch       
21.01.15 21:26        Gelöscht        trojanisches Programm Backdoor.Java.Jocc.f        C:/Users/Richi/AppData/RoamingServer-849479345.jar//df.class        Hoch       
21.01.15 21:27        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/AppData/RoamingServer1259497400.jar        Hoch       
21.01.15 21:27        Gelöscht        trojanisches Programm Backdoor.Java.Jocc.f        C:/Users/Richi/AppData/RoamingServer1259497400.jar//df.class        Hoch       
21.01.15 21:27        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/AppData/RoamingServer1632493765.jar        Hoch       
21.01.15 21:27        Gelöscht        trojanisches Programm Backdoor.Java.Jocc.f        C:/Users/Richi/AppData/RoamingServer1632493765.jar//df.class        Hoch       
21.01.15 21:27        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/AppData/RoamingServer653720324.jar        Hoch       
21.01.15 21:27        Gelöscht        trojanisches Programm Backdoor.Java.Jocc.f        C:/Users/Richi/AppData/RoamingServer653720324.jar//df.class        Hoch       
21.01.15 21:27        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/AppData/RoamingServer1665311677.jar        Hoch       
21.01.15 21:27        Gelöscht        trojanisches Programm Backdoor.Java.Jocc.f        C:/Users/Richi/AppData/RoamingServer1665311677.jar//df.class        Hoch       
21.01.15 21:28        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/AppData/RoamingServer900950739.jar        Hoch       
21.01.15 21:28        Gelöscht        trojanisches Programm Backdoor.Java.Jocc.f        C:/Users/Richi/AppData/RoamingServer900950739.jar//df.class        Hoch       
21.01.15 21:27        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/AppData/RoamingServer799602480.jar        Hoch       
21.01.15 21:27        Gelöscht        trojanisches Programm Backdoor.Java.Jocc.f        C:/Users/Richi/AppData/RoamingServer799602480.jar//df.class        Hoch       
21.01.15 21:21        Gelöscht        trojanisches Programm HEUR:Trojan-Downloader.Win32.Generic        C:/Users/Richi/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/EL2TWDTL/2[1].zip        Hoch       
21.01.15 21:21        Gelöscht        trojanisches Programm HEUR:Trojan-Downloader.Win32.Generic        C:/Users/Richi/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/EL2TWDTL/2[1].zip//STab_Down.exe        Hoch       
21.01.15 21:28        Gelöscht        trojanisches Programm HEUR:Backdoor.Java.Generic        C:/Users/Richi/Downloads/rat-blocker.jar        Hoch       
21.01.15 21:28        Gelöscht        trojanisches Programm Backdoor.Java.Agent.g        C:/Users/Richi/Downloads/rat-blocker.jar//a.class        Hoch       
21.01.15 21:28        Gelöscht        trojanisches Programm Trojan-Dropper.Win32.Autoit.bqq        C:/Users/Richi/Downloads/[CSGO] wallhack  aimbot (legit,rage).exe        Hoch       
21.01.15 21:28        Gelöscht        trojanisches Programm Trojan-Dropper.Win32.Autoit.bqq        C:/Users/Richi/Downloads/[CSGO] wallhack  aimbot (legit,rage).exe//yiCrfu        Hoch       
21.01.15 21:29        Gelöscht        trojanisches Programm HEUR:Trojan.WinLNK.StartPage.gena        C:/Users/Tati/AppData/Roaming/Microsoft/Internet Explorer/Quick Launch/Google Chrome.lnk        Hoch       
21.01.15 21:29        Gelöscht        trojanisches Programm HEUR:Trojan.WinLNK.StartPage.gena        C:/Users/Tati/AppData/Roaming/Microsoft/Internet Explorer/Quick Launch/Launch Internet Explorer Browser.lnk        Hoch       
21.01.15 21:29        Gelöscht        trojanisches Programm HEUR:Trojan.WinLNK.StartPage.gena        C:/Users/Tati/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Internet Explorer.lnk        Hoch       
21.01.15 21:29        Gelöscht        trojanisches Programm HEUR:Trojan.WinLNK.StartPage.gena        C:/Users/Tati/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Accessories/System Tools/Internet Explorer (No Add-ons).lnk        Hoch
Das ist von Kaspersky Rescue-Disk 10

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 21.01.2015
Suchlauf-Zeit: 22:58:38
Logdatei: log.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.21.11
Rootkit Datenbank: v2015.01.14.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Richi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 503581
Verstrichene Zeit: 21 Min, 48 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.WebEnhance.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WEBENHANCE, , [6ea14baf2663bc7a94d6c3939a69f907],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 1
PUP.Optional.WebEnhance.A, C:\Program Files (x86)\WebEnhance, , [6ea14baf2663bc7a94d6c3939a69f907],

Dateien: 4
PUP.Optional.WebEnhance.A, C:\Program Files (x86)\WebEnhance\webenhance.dll, , [bd5289713554f541dc8c7bdc41bf1de3],
PUP.Optional.WebEnhance.A, C:\Program Files (x86)\WebEnhance\webenhance64.dll, , [28e703f7266396a09fc9b5a255ab6898],
PUP.Optional.WebEnhance.A, C:\Users\Richi\AppData\Local\Temp\web1enhance_Setup.exe, , [cf4007f30089fb3bdd8b7cdb5fa18779],
PUP.Optional.WebEnhance.A, C:\Program Files (x86)\WebEnhance\Uninst.exe, , [6ea14baf2663bc7a94d6c3939a69f907],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
Das Von Malwarebytes Anti-Malware

cosinus 31.01.2015 14:49
Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


aim 31.01.2015 16:46
FRST.txt
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-01-2015
Ran by Richi (administrator) on RICHI-PC on 31-01-2015 13:49:50
Running from C:\Users\Richi\Desktop
Loaded Profiles: Richi (Available profiles: Richi & Tati & Administrator & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
() C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Richi\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.)
HKLM\...\RunOnce: [DCERegBootClean64] => C:\Windows\RegBootClean64.exe [236080 2015-01-31] (Trend Micro Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\Run: [BitComet] => C:\Program Files\BitComet\BitComet.exe [17257648 2013-12-31] (www.BitComet.com)
HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\MountPoints2: {628b6246-2791-11e4-9641-a41f72ff065a} - D:\DisneySplash.exe
HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\MountPoints2: {ae2f7849-7fd7-11e4-a767-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\MountPoints2: {d11cf8f9-e8dd-11e3-876f-a41f72ff065a} - G:\HTC_Sync_Manager_PC.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52966;https=127.0.0.1:52966
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.alienwarearena.com/welcome-at
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.alienwarearena.com/welcome-at
HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1822456779-1171189387-2754077004-1000 -> DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=HIP&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=4837665B-E785-4AE1-ADAA-19CD98A44DC8&apn_sauid=DB6C9415-7B23-4CDA-87B6-AADC20171CBE
SearchScopes: HKU\S-1-5-21-1822456779-1171189387-2754077004-1000 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP050C2632-50EA-40ED-9CB4-37A010ACBBF8&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1822456779-1171189387-2754077004-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1822456779-1171189387-2754077004-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=HIP&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=4837665B-E785-4AE1-ADAA-19CD98A44DC8&apn_sauid=DB6C9415-7B23-4CDA-87B6-AADC20171CBE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default
FF NetworkProxy: "ftp", "182.93.219.246"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "182.93.219.246"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "182.93.219.246"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "socks", "182.93.219.246"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "182.93.219.246"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll No File
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-1822456779-1171189387-2754077004-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Richi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: BitComet Video Downloader - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2015-01-19]
FF Extension: Best Proxy Switcher - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2014-09-09]
FF Extension: Cliqz Beta - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\cliqz@cliqz.com.xpi [2014-10-11]
FF Extension: MEGA - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\firefox@mega.co.nz.xpi [2014-09-23]
FF Extension: Adblock Plus - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-29]
FF Extension: DownThemAll! - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-08-29]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-01-31]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-01-31]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-01-22]
FF HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\extensions\cliqz@cliqz.com

Chrome:
=======
CHR Profile: C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-04]
CHR Extension: (Google Drive) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-04]
CHR Extension: (YouTube) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-04]
CHR Extension: (Adblock Plus) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-04]
CHR Extension: (Search) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-04]
CHR Extension: (HTML5 Video für YouTube™) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolajcekhnohkpncmhgledbmndjpblei [2014-03-04]
CHR Extension: (Chrome Web Store Launcher (by Google)) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecgipfabdickgidpmbicneamekgbaej [2014-03-04]
CHR Extension: (AirDroid) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2014-03-04]
CHR Extension: (Google Play) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-04]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-03-04]
CHR Extension: (Google Mail) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-04]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Richi\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-07-02] (Intel Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-05-03] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-01-23] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-08-29] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-02-18] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-29] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-19] (Disc Soft Ltd)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [File not signed]
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-06-28] (Intel Corporation)
R0 MaxMgr; C:\Windows\System32\drivers\MaxMgr.sys [89128 2014-12-03] (Max Secure Software)
R0 MaxProc64; C:\Windows\System32\drivers\MaxProc64.sys [79912 2014-12-03] (Max Secure Software)
R0 MaxProtector64; C:\Windows\System32\drivers\MaxProtector64.sys [91688 2014-12-03] (Max Secure Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
R0 SDActMon; C:\Windows\System32\drivers\SDActMon.sys [149544 2014-12-03] (Max Secure Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-15] (Duplex Secure Ltd.)
S3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [16896 2015-01-02] (SteelSeries ApS) [File not signed]
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [33792 2015-01-02] (SteelSeries ApS)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\SysWOW64\DRIVERS\tmcomm.sys [200976 2011-06-21] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
U3 ajxlmjv3; C:\Windows\System32\Drivers\ajxlmjv3.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
S0 kfuxjkv; System32\drivers\yjnbs.sys [X]
S3 NTIOLib_Flash; \??\C:\Users\Richi\AppData\Local\Temp\2WSX3EDC\NTIOLib_X64.sys [X]
S3 pbfilter; \??\C:\Users\Richi\AppData\Local\Temp\Rar$EXa0.969\pbfilter.sys [X]
U2 TMAgent; No ImagePath
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\Richi\AppData\Local\Temp\tmp8AE0.tmp [X]
S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-31 13:49 - 2015-01-31 13:50 - 00029252 _____ () C:\Users\Richi\Desktop\FRST.txt
2015-01-31 13:49 - 2015-01-31 13:49 - 02130944 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2015-01-31 13:47 - 2015-01-31 13:47 - 00003470 _____ () C:\Windows\RegBootClean64.CFG
2015-01-31 13:45 - 2015-01-31 13:45 - 00063500 _____ () C:\Users\Richi\Downloads\FRST.txt
2015-01-31 13:18 - 2015-01-31 13:18 - 01327309 _____ (Your Company Name ) C:\Users\Richi\Downloads\iShutdown_pc_server_1_2.exe
2015-01-31 12:50 - 2015-01-31 12:50 - 00003544 ____N () C:\bootsqm.dat
2015-01-30 22:28 - 2015-01-30 22:26 - 00000023 _____ () C:\Users\Richi\Downloads\XD.txt
2015-01-30 22:24 - 2015-01-30 22:49 - 01191424 _____ () C:\Users\Richi\Downloads\CyberGhost VPN - CHIP-Installer.exe
2015-01-30 14:01 - 2015-01-30 15:32 - 00000000 ____D () C:\Users\Tati\AppData\Roaming\BitComet
2015-01-28 22:30 - 2015-01-28 22:30 - 02390376 _____ () C:\Users\Richi\Downloads\datsauce_mpgh.net.zip
2015-01-28 21:35 - 2015-01-28 22:18 - 00000000 ____D () C:\Users\Richi\Downloads\The.Elder.Scrolls.V.Skyrim.Legendary.Edition-WaLMaRT
2015-01-28 19:43 - 2015-01-28 19:43 - 00890522 _____ () C:\Users\Richi\Downloads\OptiFine_1.8.0_HD_U_C6.jar
2015-01-28 19:32 - 2015-01-28 19:32 - 00510432 _____ () C:\Users\Richi\Downloads\NotEnoughItems-1.8-1.0.5.82-universal.jar
2015-01-28 19:31 - 2015-01-28 19:31 - 03205526 _____ () C:\Users\Richi\Downloads\forge-1.8-11.14.0.1290-1.8-installer.jar
2015-01-28 19:27 - 2015-01-28 19:27 - 00340976 _____ () C:\Users\Richi\Downloads\ShadersMod-v2.4.7mc1.8.jar
2015-01-28 19:22 - 2015-01-28 19:22 - 00393478 _____ (hxxp://magiclauncher.com) C:\Users\Richi\Downloads\MagicLauncher_1.2.6.exe
2015-01-28 13:43 - 2015-01-28 13:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 13:19 - 2015-01-26 13:19 - 00000000 ____D () C:\ProgramData\Ubisoft
2015-01-24 22:33 - 2015-01-24 22:33 - 00001429 _____ () C:\Users\Tati\Desktop\Trend Micro Internet Security.lnk
2015-01-24 22:33 - 2015-01-24 22:33 - 00000000 ____D () C:\Users\Tati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2015-01-23 23:03 - 2015-01-30 22:56 - 00000000 ____D () C:\Users\Richi\Documents\ProfileCache
2015-01-23 23:03 - 2015-01-30 22:55 - 00000000 ____D () C:\Users\Richi\Documents\The Crew
2015-01-23 22:58 - 2015-01-23 22:58 - 00000000 ____D () C:\Users\Richi\AppData\Local\Ubisoft
2015-01-23 18:39 - 2015-01-23 18:39 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\PunkBuster
2015-01-23 13:23 - 2015-01-23 13:23 - 00000000 ____D () C:\Users\Richi\Downloads\Assassin's.Creed.III.Deluxe.Edition-Multi18.Steam-FullRip - R.G.Origins
2015-01-23 13:21 - 2015-01-23 18:47 - 00000000 ____D () C:\Users\Richi\Downloads\Assassins.Creed.Revelations-SKIDROW
2015-01-23 13:20 - 2015-01-23 17:57 - 00000000 ____D () C:\Users\Richi\Downloads\Assassins.Creed.Brotherhood-SKIDROW
2015-01-23 12:27 - 2015-01-23 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-23 12:27 - 2015-01-23 12:27 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-22 20:22 - 2015-01-31 13:47 - 00236080 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2015-01-22 20:01 - 2015-01-22 20:01 - 00000000 ___HD () C:\TMRescueDisk
2015-01-22 19:57 - 2015-01-22 19:57 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2015-01-22 19:57 - 2014-07-14 08:39 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-01-22 19:57 - 2014-07-14 08:39 - 00121944 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-01-22 19:57 - 2014-07-14 08:39 - 00093664 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-01-22 19:57 - 2014-07-09 17:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2015-01-22 19:57 - 2014-07-09 17:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2015-01-22 19:57 - 2014-07-09 17:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2015-01-22 19:56 - 2014-06-30 12:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2015-01-22 19:55 - 2015-01-30 22:22 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-01-22 19:55 - 2015-01-22 19:55 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2015-01-22 19:55 - 2015-01-22 19:55 - 00000000 ____D () C:\Program Files\Trend Micro
2015-01-22 19:42 - 2015-01-23 13:35 - 00000000 ____D () C:\Users\Richi\AppData\Local\Trend Micro
2015-01-22 19:34 - 2015-01-22 19:34 - 06631056 _____ (Trend Micro Inc.) C:\Users\Richi\Downloads\Trend_Micro_Internet_Security_2015.exe
2015-01-22 11:56 - 2015-01-22 16:42 - 00205417 _____ () C:\Users\Richi\AppData\Local\census.cache
2015-01-21 23:57 - 2015-01-22 16:47 - 00000402 _____ () C:\Users\Richi\Desktop\trojaner board.txt
2015-01-21 23:00 - 2015-01-30 22:50 - 00167424 _____ () C:\Users\Richi\Downloads\fileassassin-setup-1.06.exe
2015-01-21 23:00 - 2015-01-21 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2015-01-21 23:00 - 2015-01-21 23:00 - 00000000 ____D () C:\Program Files (x86)\FileASSASSIN
2015-01-21 22:34 - 2015-01-22 16:42 - 00139879 _____ () C:\Users\Richi\AppData\Local\ars.cache
2015-01-21 22:19 - 2015-01-30 22:50 - 02002432 _____ (Trend Micro Inc.) C:\Users\Richi\Downloads\HousecallLauncher.exe
2015-01-21 22:19 - 2015-01-22 21:08 - 00000036 _____ () C:\Users\Richi\AppData\Local\housecall.guid.cache
2015-01-21 22:19 - 2011-06-21 05:09 - 00200976 _____ (Trend Micro Inc.) C:\Windows\SysWOW64\Drivers\tmcomm.sys
2015-01-21 21:38 - 2015-01-21 21:38 - 00000000 __SHD () C:\found.000
2015-01-21 18:33 - 2015-01-21 18:33 - 00000000 ____D () C:\Users\Richi\Desktop\SUE USB
2015-01-21 14:18 - 2015-01-21 14:18 - 00000000 ____D () C:\Users\Richi\AppData\Local\PAYDAY 2
2015-01-21 13:12 - 2015-01-21 13:12 - 00000000 ____D () C:\Program Files (x86)\505 Games
2015-01-19 23:30 - 2015-01-19 23:31 - 01834028 _____ () C:\Users\Richi\Downloads\AC_UNITY+12Tr-LNG_v1.4.0-Multi(1).rar
2015-01-19 23:28 - 2015-01-19 23:28 - 00446653 _____ () C:\Users\Richi\Downloads\sr-acuv14up.7z
2015-01-19 18:20 - 2015-01-19 18:20 - 01678928 _____ (BitTorrent Inc.) C:\Users\Richi\Downloads\uTorrent.exe
2015-01-19 17:59 - 2015-01-20 12:06 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\mIRC
2015-01-19 17:59 - 2015-01-19 17:59 - 00000000 ____D () C:\Program Files (x86)\mIRC
2015-01-19 17:58 - 2015-01-19 17:59 - 02471776 _____ (mIRC Co. Ltd.) C:\Users\Richi\Downloads\mirc738.exe
2015-01-19 17:24 - 2015-01-19 17:24 - 00000000 ____D () C:\ProgramData\Citrix
2015-01-19 17:23 - 2015-01-19 17:23 - 00000000 ____D () C:\Users\Richi\AppData\Local\Citrix
2015-01-19 17:23 - 2015-01-19 17:23 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-01-19 16:45 - 2015-01-31 13:49 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\BitComet
2015-01-19 16:45 - 2015-01-19 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)
2015-01-19 16:45 - 2015-01-19 16:45 - 00000000 ____D () C:\Program Files\BitComet
2015-01-19 16:44 - 2015-01-30 22:49 - 09471488 _____ () C:\Users\Richi\Downloads\BitComet_1.37_x64_setup.exe
2015-01-19 16:34 - 2015-01-19 16:34 - 00091048 _____ () C:\Users\Richi\Downloads\Assassins.Creed.Unity.v1.4.Update.Proper-SKIDROW.torrent
2015-01-19 16:05 - 2015-01-19 16:05 - 00142975 _____ () C:\Users\Richi\Downloads\Assassins.Creed.Unity.Dead.Kings.DLC.Proper-SKIDROW.torrent
2015-01-19 13:32 - 2015-01-19 13:32 - 00003128 _____ () C:\Windows\System32\Tasks\{13307364-7B68-47D8-99B8-F716B8C23E0E}
2015-01-19 13:31 - 2015-01-21 18:34 - 00000000 ____D () C:\Users\Richi\Downloads\Kaspersky Rescue2Usb
2015-01-19 13:31 - 2015-01-19 13:31 - 00387584 _____ () C:\Users\Richi\Downloads\rescue2usb.exe
2015-01-19 13:31 - 2015-01-19 13:31 - 00000000 ____D () C:\Users\Richi\Documents\Neuer Ordner
2015-01-19 13:25 - 2015-01-19 02:33 - 314472448 _____ () C:\Users\Richi\Downloads\kav_rescue_10.iso
2015-01-18 21:01 - 2015-01-18 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (June 2010)
2015-01-18 21:01 - 2010-06-02 13:23 - 04830552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9d_33.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 03795800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9d_33.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 02947416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9d.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 02719064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9d.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 02686808 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 02261336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3dx9d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 01931608 _____ (Microsoft Corporation) C:\Windows\system32\D3DCSXd_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 01883992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCSXd_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00964440 _____ (Microsoft Corporation) C:\Windows\system32\XAudioD2_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00954200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudioD2_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00645464 _____ (Microsoft Corporation) C:\Windows\system32\D3D11SDKLayers.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00639832 _____ (Microsoft Corporation) C:\Windows\system32\D3D11Ref.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00608088 _____ (Microsoft Corporation) C:\Windows\system32\D3D10SDKLayers.DLL
2015-01-18 21:01 - 2010-06-02 13:23 - 00568664 _____ (Microsoft Corporation) C:\Windows\system32\D3DX10d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00525144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D11Ref.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00514392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX10d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00496472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D11SDKLayers.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00453464 _____ (Microsoft Corporation) C:\Windows\system32\D3D10Ref.DLL
2015-01-18 21:01 - 2010-06-02 13:23 - 00447832 _____ (Microsoft Corporation) C:\Windows\system32\d3dref9.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00442712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D10SDKLayers.DLL
2015-01-18 21:01 - 2010-06-02 13:23 - 00435032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XactEngineA3_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00411992 _____ (Microsoft Corporation) C:\Windows\system32\XactEngineA3_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00367960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D10Ref.DLL
2015-01-18 21:01 - 2010-06-02 13:23 - 00349528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XactEngineD3_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00348504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dref9.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\XactEngineD3_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00308056 _____ (Microsoft Corporation) C:\Windows\system32\D3DX11d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00268120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX11d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00139608 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFXD1_5.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00131928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFXD1_5.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00053080 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudioD1_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00045400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudioD1_7.dll
2015-01-18 20:59 - 2015-01-18 21:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)
2015-01-18 20:52 - 2015-01-30 22:51 - 599453184 _____ (Microsoft Corporation) C:\Users\Richi\Downloads\DXSDK_Jun10.exe
2015-01-17 15:21 - 2015-01-17 15:21 - 01717788 _____ () C:\Users\Richi\Downloads\Counter Strike Global Offensive Hack(2).rar
2015-01-16 14:34 - 2015-01-16 14:34 - 00093107 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_ESPorn [16.12.2014].rar
2015-01-16 14:33 - 2015-01-16 14:33 - 00207971 _____ () C:\Users\Richi\Downloads\Uni-Hack (07-12-14)(1).rar
2015-01-16 14:33 - 2015-01-16 14:33 - 00007768 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_Project-7 Pub v 1.1(1).zip
2015-01-16 13:22 - 2015-01-16 13:22 - 00040403 _____ () C:\Users\Richi\Downloads\jRAT-Remover-master.zip
2015-01-16 13:21 - 2015-01-16 13:21 - 00025115 _____ () C:\Users\Richi\Downloads\jrat-remover.jar
2015-01-16 13:19 - 2015-01-16 13:19 - 01188194 _____ () C:\Users\Richi\Downloads\ProcessExplorer_1604.zip
2015-01-16 13:19 - 2015-01-16 13:19 - 01179936 _____ () C:\Users\Richi\Downloads\Process Explorer - CHIP-Installer.exe
2015-01-16 13:18 - 2015-01-16 13:21 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jRAT Project
2015-01-16 13:13 - 2015-01-16 13:13 - 00000000 ____D () C:\Users\Richi\Desktop\TrueCrypt
2015-01-16 13:10 - 2015-01-16 13:10 - 02406346 _____ () C:\Users\Richi\Downloads\truecrypt.zip
2015-01-16 13:10 - 2015-01-16 13:10 - 00000000 ____D () C:\Program Files (x86)\jRAT Project
2015-01-16 13:09 - 2015-01-30 22:50 - 37906944 _____ () C:\Users\Richi\Downloads\jrat-windows.exe
2015-01-15 20:11 - 2015-01-15 20:11 - 10515012 _____ () C:\Users\Richi\Downloads\thehen101-Kryptonite-2.41-MC1.8.zip
2015-01-15 19:18 - 2015-01-15 19:18 - 00005056 _____ () C:\Users\Richi\Downloads\bibanator config Dezember 2014.rar
2015-01-15 14:14 - 2015-01-15 14:14 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\minecraft
2015-01-15 14:12 - 2015-01-15 14:13 - 08347449 _____ () C:\Users\Richi\Downloads\Reflex(2).zip
2015-01-15 14:03 - 2015-01-15 14:03 - 06505592 _____ (Microsoft Corporation) C:\Users\Richi\Downloads\vcredist_x86.exe
2015-01-15 14:02 - 2015-01-15 14:02 - 07195928 _____ (Microsoft Corporation) C:\Users\Richi\Downloads\vcredist_x64(1).exe
2015-01-15 12:26 - 2015-01-15 17:22 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\.purple
2015-01-15 12:25 - 2015-01-15 12:25 - 00000997 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
2015-01-15 12:25 - 2015-01-15 12:25 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pidgin-otr
2015-01-15 12:25 - 2015-01-15 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pidgin-otr
2015-01-15 12:25 - 2015-01-15 12:25 - 00000000 ____D () C:\Program Files (x86)\pidgin-otr
2015-01-15 12:25 - 2015-01-15 12:25 - 00000000 ____D () C:\Program Files (x86)\Pidgin
2015-01-15 12:24 - 2015-01-15 12:24 - 09670472 _____ () C:\Users\Richi\Downloads\pidgin-2.10.11(1).exe
2015-01-15 12:24 - 2015-01-15 12:24 - 01623752 _____ () C:\Users\Richi\Downloads\pidgin-otr-4.0.0-1.exe
2015-01-15 12:22 - 2015-01-15 12:22 - 00014425 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_csgopubliccheat(2).zip
2015-01-14 15:04 - 2015-01-14 15:04 - 00014425 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_csgopubliccheat(1).zip
2015-01-14 14:55 - 2015-01-14 14:56 - 00091364 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_ESPorn.rar
2015-01-14 14:51 - 2015-01-14 14:51 - 00014425 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_csgopubliccheat.zip
2015-01-14 14:16 - 2015-01-14 14:16 - 09670472 _____ () C:\Users\Richi\Downloads\pidgin-2.10.11.exe
2015-01-14 13:22 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 13:22 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 13:22 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 13:22 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 13:22 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 13:22 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 13:22 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 13:22 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 13:22 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 13:22 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 13:22 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 13:22 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 13:22 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 17:17 - 2015-01-13 17:17 - 00019717 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_ESP TEST v1.rar
2015-01-13 17:12 - 2015-01-13 17:12 - 00027136 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_Almost Legit.exe
2015-01-13 12:18 - 2015-01-13 12:18 - 00977524 _____ () C:\Users\Richi\Downloads\Hackery-master.zip
2015-01-09 13:31 - 2015-01-09 13:31 - 00007768 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_Project-7 Pub v 1.1.zip
2015-01-09 13:29 - 2015-01-09 13:29 - 00012667 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_sNPXnJb8.rar
2015-01-09 13:23 - 2015-01-09 13:23 - 00207971 _____ () C:\Users\Richi\Downloads\Uni-Hack (07-12-14).rar
2015-01-09 13:13 - 2015-01-09 13:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ssdevfactory_01011.Wdf
2015-01-09 13:13 - 2015-01-09 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-01-09 13:11 - 2015-01-09 13:12 - 59609136 _____ () C:\Users\Richi\Downloads\SteelSeriesEngine_3.3.2.exe
2015-01-08 20:19 - 2015-01-08 20:19 - 00000000 ____D () C:\Users\Tati\AppData\Roaming\dvdcss
2015-01-08 19:02 - 2015-01-30 14:27 - 00000000 ____D () C:\Users\Tati\AppData\Local\SteelSeries Engine 3 Client
2015-01-08 18:55 - 2015-01-08 18:55 - 00044261 _____ () C:\Users\Tati\Desktop\Glorie glorie aleluia.pptx
2015-01-08 18:41 - 2015-01-08 18:41 - 00047320 _____ () C:\Users\Tati\Desktop\Dumnezeu e dragostea mea.pptx
2015-01-08 12:40 - 2015-01-08 12:40 - 00000000 ____D () C:\Users\Richi\AppData\Local\RzStats
2015-01-07 15:39 - 2015-01-07 15:39 - 00000000 ____D () C:\Users\Tati\AppData\Local\Razer
2015-01-07 15:39 - 2015-01-07 15:39 - 00000000 ____D () C:\Users\Tati\AppData\Local\Logitech
2015-01-07 14:23 - 2014-12-10 21:43 - 00129600 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2015-01-07 14:22 - 2014-12-09 23:21 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2015-01-07 14:20 - 2015-01-08 12:40 - 00000000 ____D () C:\Users\Richi\AppData\Local\Razer
2015-01-07 14:19 - 2015-01-15 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-01-07 14:18 - 2015-01-07 14:19 - 55753264 _____ (Razer Inc.) C:\Users\Richi\Downloads\Razer_Synapse_Framework_V1.18.18.23036.exe
2015-01-07 14:15 - 2015-01-07 14:15 - 00000000 ____D () C:\Users\Richi\AppData\Local\Razer_Inc
2015-01-07 14:14 - 2015-01-07 14:35 - 00000000 ____D () C:\Program Files (x86)\Razer
2015-01-07 14:14 - 2015-01-07 14:23 - 00000000 ____D () C:\ProgramData\Razer
2015-01-07 14:05 - 2015-01-24 13:37 - 00000000 ____D () C:\Users\Richi\AppData\Local\SteelSeries Engine 3 Client
2015-01-07 13:51 - 2015-01-07 14:05 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-01-07 13:51 - 2015-01-07 13:51 - 00000000 ____D () C:\Users\admin
2015-01-07 13:50 - 2015-01-07 14:05 - 00000000 ____D () C:\Program Files\SteelSeries
2015-01-07 13:50 - 2015-01-07 13:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_sshid_01011.Wdf
2015-01-07 13:50 - 2015-01-07 13:50 - 00000000 ____D () C:\ProgramData\SteelSeries
2015-01-07 13:48 - 2014-11-14 18:50 - 58227312 _____ () C:\Users\Richi\Downloads\SteelSeriesEngine_3.3.1Setup.exe
2015-01-07 13:39 - 2015-01-07 13:39 - 00000000 ____D () C:\Users\Richi\AppData\Local\Logitech
2015-01-07 13:39 - 2015-01-07 13:39 - 00000000 ____D () C:\ProgramData\Apple
2015-01-07 13:39 - 2015-01-07 13:39 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-07 13:39 - 2015-01-07 13:39 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-07 13:38 - 2015-01-07 13:39 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2015-01-07 13:38 - 2015-01-07 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-01-07 13:37 - 2015-01-30 22:50 - 67351040 _____ (Logitech Inc.) C:\Users\Richi\Downloads\LGS_8.57.145_x64_Logitech.exe
2015-01-07 13:33 - 2015-01-07 13:33 - 00004752 _____ () C:\Windows\LDPINST.LOG
2015-01-07 13:32 - 2015-01-07 13:32 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2015-01-07 13:27 - 2015-01-30 22:51 - 63059968 _____ (Logitech Inc.) C:\Users\Richi\Downloads\LGS_8.57.145_x86_Logitech(1).exe
2015-01-07 13:24 - 2015-01-30 22:50 - 58466816 _____ (Logitech Inc.) C:\Users\Richi\Downloads\lgs8.56.109_x86.exe
2015-01-07 13:22 - 2014-10-27 23:56 - 63059552 _____ (Logitech Inc.) C:\Users\Richi\Downloads\LGS_8.57.145_x86_Logitech_001.exe
2015-01-07 13:18 - 2015-01-07 13:19 - 63059552 _____ (Logitech Inc.) C:\Users\Richi\Downloads\LGS_8.57.145_x86_Logitech.exe
2015-01-05 20:07 - 2015-01-05 20:07 - 00000000 ____D () C:\Program Files\Max Spyware Detector
2015-01-05 20:07 - 2015-01-05 20:07 - 00000000 ____D () C:\Program Files (x86)\Max Spyware Detector
2015-01-05 20:06 - 2015-01-05 20:07 - 00000000 ____D () C:\ProgramData\Max Secure
2015-01-05 20:06 - 2014-12-03 18:02 - 00149544 _____ (Max Secure Software) C:\Windows\system32\Drivers\SDActMon.sys
2015-01-05 20:06 - 2014-12-03 18:02 - 00091688 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProtector64.sys
2015-01-05 20:06 - 2014-12-03 18:02 - 00089128 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxMgr.sys
2015-01-05 20:06 - 2014-12-03 18:02 - 00079912 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProc64.sys
2015-01-05 19:59 - 2015-01-05 19:59 - 00054710 _____ () C:\Users\Richi\Downloads\Project-7 Pub v 1.1.zip
2015-01-05 19:55 - 2015-01-05 19:55 - 01150651 _____ () C:\Users\Richi\Downloads\NetSharkGo.zip
2015-01-05 19:52 - 2015-01-05 19:53 - 05718872 _____ (Microsoft Corporation) C:\Users\Richi\Downloads\vcredist_x64.exe
2015-01-05 19:47 - 2015-01-30 22:49 - 00368640 _____ (RegNow.com) C:\Users\Richi\Downloads\Download_MaxSDRDM.exe
2015-01-05 19:47 - 2015-01-05 19:47 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\GetRightToGo
2015-01-05 19:47 - 2015-01-05 19:47 - 00000000 ____D () C:\Users\Richi\AppData\Local\Max Secure Software
2015-01-05 19:37 - 2015-01-05 19:37 - 00000000 ___RD () C:\Sandbox
2015-01-05 19:36 - 2015-01-23 12:50 - 00002552 _____ () C:\Windows\Sandboxie.ini
2015-01-05 19:36 - 2015-01-05 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-01-05 19:36 - 2015-01-05 19:36 - 00000000 ____D () C:\Program Files\Sandboxie
2015-01-05 19:35 - 2015-01-05 19:35 - 02734600 _____ (Sandboxie Holdings, LLC) C:\Users\Richi\Downloads\SandboxieInstall.exe
2015-01-03 21:52 - 2015-01-03 21:52 - 00693493 _____ () C:\Users\Richi\Downloads\Aqua Spammer V2.1.zip
2015-01-03 21:39 - 2015-01-03 21:39 - 00029696 _____ () C:\Users\Richi\Downloads\Venom Spammer.exe
2015-01-03 19:14 - 2015-01-03 19:14 - 01873946 _____ () C:\Users\Richi\Downloads\AC_UNITY+11Tr-LNG_v1.3.0-Multi.rar
2015-01-03 19:06 - 2015-01-03 19:07 - 01814808 _____ () C:\Users\Richi\Downloads\AC_UNITY+12Tr-LNG_v1.4.0-Multi.rar
2015-01-02 22:50 - 2015-01-02 22:50 - 00033792 _____ (SteelSeries ApS) C:\Windows\system32\Drivers\sshid.sys
2015-01-02 22:50 - 2015-01-02 22:50 - 00016896 _____ (SteelSeries ApS) C:\Windows\system32\Drivers\ssdevfactory.sys
2015-01-02 22:50 - 2015-01-02 22:50 - 00008704 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-31 13:49 - 2014-05-27 18:49 - 00000000 ____D () C:\FRST
2015-01-31 13:31 - 2009-07-14 05:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-31 13:31 - 2009-07-14 05:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-31 13:28 - 2014-02-17 19:45 - 01123876 _____ () C:\Windows\WindowsUpdate.log
2015-01-31 13:26 - 2014-03-28 12:40 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-31 13:25 - 2014-12-14 02:33 - 00000000 ____D () C:\Users\Richi\AppData\Local\LogMeIn Hamachi
2015-01-31 13:24 - 2014-09-13 07:18 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-31 13:24 - 2014-03-05 14:43 - 00000000 ____D () C:\Windows\pss
2015-01-31 13:23 - 2014-12-20 22:09 - 00000358 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2015-01-31 13:23 - 2014-08-04 19:51 - 00061913 _____ () C:\Windows\setupact.log
2015-01-31 13:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-31 13:09 - 2014-03-04 11:47 - 00003460 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-01-31 13:07 - 2014-02-17 19:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-31 12:54 - 2014-04-28 17:49 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2F0E0C9F-6194-4F0C-9D4A-1EF45653C831}
2015-01-30 23:42 - 2014-03-06 13:58 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Skype
2015-01-30 22:54 - 2014-08-08 13:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-30 22:52 - 2014-09-08 18:54 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\.minecraft
2015-01-30 22:50 - 2014-12-20 22:07 - 02448896 _____ (Megaify Software ) C:\Users\Richi\Downloads\driver_setup.exe
2015-01-30 22:50 - 2014-12-19 12:03 - 01143808 _____ (LanTricks.com ) C:\Users\Richi\Downloads\lanspy_setup.exe
2015-01-30 22:49 - 2014-12-23 20:56 - 05403136 _____ (Canneverbe Limited ) C:\Users\Richi\Downloads\cdbxp_setup_4.5.4.5143_minimal.exe
2015-01-30 22:26 - 2014-04-22 18:49 - 00000000 ____D () C:\Users\Richi\.VirtualBox
2015-01-30 22:23 - 2014-03-04 23:11 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\TS3Client
2015-01-30 15:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-30 14:27 - 2014-09-19 15:34 - 00000000 ____D () C:\Users\Richi\Desktop\FTB
2015-01-30 11:23 - 2014-07-30 13:42 - 00000000 ____D () C:\Users\Tati\AppData\Local\LogMeIn Hamachi
2015-01-29 21:32 - 2014-08-07 21:04 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\vlc
2015-01-29 11:36 - 2014-07-14 22:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 14:20 - 2014-11-18 20:39 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-26 14:20 - 2014-08-25 13:10 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-26 14:19 - 2014-11-18 20:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-26 14:19 - 2014-11-17 23:24 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-26 14:19 - 2014-03-04 12:28 - 00000000 ____D () C:\Program Files\Java
2015-01-26 14:07 - 2014-02-17 19:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-26 14:07 - 2014-02-17 19:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-26 14:07 - 2014-02-17 19:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 13:35 - 2014-03-06 20:24 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-24 13:35 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-24 03:42 - 2014-12-10 21:44 - 00000000 ____D () C:\Users\Richi\AppData\Local\Ubisoft Game Launcher
2015-01-23 23:38 - 2014-08-14 01:29 - 00305938 _____ () C:\Windows\DirectX.log
2015-01-23 23:33 - 2014-12-10 21:56 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-01-23 23:33 - 2014-02-17 19:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-23 18:39 - 2014-05-30 18:13 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-01-23 18:39 - 2014-05-30 18:13 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-22 20:56 - 2010-11-21 07:50 - 00700500 _____ () C:\Windows\system32\perfh007.dat
2015-01-22 20:56 - 2010-11-21 07:50 - 00150138 _____ () C:\Windows\system32\perfc007.dat
2015-01-22 20:56 - 2009-07-14 06:13 - 01624234 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-22 20:05 - 2014-03-04 14:45 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-22 20:04 - 2014-05-28 15:50 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-01-22 19:50 - 2014-10-22 10:28 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-22 19:50 - 2014-08-04 21:10 - 00121246 _____ () C:\Windows\PFRO.log
2015-01-22 19:50 - 2014-05-11 19:43 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-22 10:40 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2015-01-19 18:24 - 2014-08-04 23:51 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\uTorrent
2015-01-18 20:52 - 2014-12-17 13:18 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-01-16 16:40 - 2014-03-05 07:34 - 00129616 _____ () C:\Users\Tati\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-15 11:45 - 2014-03-04 11:39 - 00129616 _____ () C:\Users\Richi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-15 11:45 - 2009-07-14 05:45 - 05182328 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 17:29 - 2014-03-05 12:47 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:24 - 2014-03-05 12:47 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 11:32 - 2014-07-22 12:11 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-01-13 17:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-12 21:40 - 2014-12-17 13:17 - 00000000 ____D () C:\Users\Richi\AppData\Local\JDownloader v2.0
2015-01-09 14:33 - 2014-06-03 12:35 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Craften Terminal
2015-01-09 13:13 - 2014-09-20 13:17 - 00110852 _____ () C:\Windows\DPINST.LOG
2015-01-07 13:34 - 2014-06-06 11:13 - 00000000 ____D () C:\ProgramData\Logishrd
2015-01-07 13:34 - 2014-06-06 10:56 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2015-01-07 13:21 - 2014-06-06 10:56 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Logishrd
2015-01-07 11:37 - 2014-03-05 11:52 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-06 21:38 - 2014-12-30 19:19 - 00045556 _____ () C:\Users\Tati\Desktop\Depind de tine.pptx
2015-01-05 20:37 - 2014-08-30 17:30 - 00000000 ____D () C:\Users\Richi\Documents\My Games
2015-01-05 13:27 - 2014-12-30 19:02 - 00044274 _____ () C:\Users\Tati\Desktop\Credincios e Isus.pptx
2015-01-03 19:18 - 2014-03-06 13:57 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-03 19:18 - 2014-03-06 13:57 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2014-03-13 21:59 - 2014-03-13 21:59 - 0000078 _____ () C:\Users\Richi\AppData\Roaming\.ettercap_gtk
2014-08-05 00:52 - 2014-10-01 18:35 - 0000132 _____ () C:\Users\Richi\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-09 19:31 - 2014-08-21 18:16 - 0000132 _____ () C:\Users\Richi\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-03-04 13:54 - 2014-07-07 16:49 - 0000624 _____ () C:\Users\Richi\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-03-21 11:05 - 2014-05-21 10:16 - 0000281 _____ () C:\Users\Richi\AppData\Roaming\GPU MeterV2_Settings.ini
2014-04-10 19:22 - 2014-05-07 16:54 - 0000017 _____ () C:\Users\Richi\AppData\Roaming\Network Meter_Usage.ini
2014-05-03 19:38 - 2014-05-03 19:38 - 0050108 _____ () C:\Users\Richi\AppData\Roaming\sample.wav
2014-08-19 20:54 - 2014-08-19 20:54 - 0000037 ___SH () C:\Users\Richi\AppData\Local\69ff07055291669bb2b218.72821112
2015-01-21 22:34 - 2015-01-22 16:42 - 0139879 _____ () C:\Users\Richi\AppData\Local\ars.cache
2015-01-22 11:56 - 2015-01-22 16:42 - 0205417 _____ () C:\Users\Richi\AppData\Local\census.cache
2014-06-12 11:02 - 2014-06-12 11:02 - 1065984 _____ () C:\Users\Richi\AppData\Local\file__0.localstorage
2015-01-21 22:19 - 2015-01-22 21:08 - 0000036 _____ () C:\Users\Richi\AppData\Local\housecall.guid.cache
2014-05-03 23:25 - 2014-09-08 20:09 - 0007615 _____ () C:\Users\Richi\AppData\Local\resmon.resmoncfg
2014-06-06 11:19 - 2014-06-06 11:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Richi\IP_Log_Data.js


Some content of TEMP:
====================
C:\Users\Richi\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
C:\Users\Richi\AppData\Local\Temp\Bass.dll
C:\Users\Richi\AppData\Local\Temp\Bass.Net.dll
C:\Users\Richi\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Richi\AppData\Local\Temp\mirc738.exe
C:\Users\Richi\AppData\Local\Temp\VOPackage.exe
C:\Users\Tati\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
C:\Users\Tati\AppData\Local\Temp\avgnt.exe
C:\Users\Tati\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Tati\AppData\Local\Temp\PidGenX.dll
C:\Users\Tati\AppData\Local\Temp\SUpdate.exe
C:\Users\Tati\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-25 13:19

==================== End Of Log ============================
--- --- ---

--- --- ---


Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-01-2015
Ran by Richi at 2015-01-31 13:50:16
Running from C:\Users\Richi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Disabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Internet Security (Disabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Akamai NetSession Interface (HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{714431C1-0D95-4844-BC9D-081C48729B2D}) (Version: 2.8.11.0 - Alienware Corp.)
Alienware Command Center (Version: 2.8.11.0 - Alienware Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9204C155-00EA-6388-9362-01D16FFA114C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.2.0.18 - AVG Technologies)
BitComet 1.37 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.37 - CometNetwork)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11n Network Adapter (HKLM-x32\...\{AFD36BF1-DA28-4702-A83F-C49D03199A0F}) (Version: 07.13.2006 - Broadcom)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Craften Terminal 4.0.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0.2 - Craften.de)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version:  - EnTech Taiwan)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Driver Magician 4.1 (HKLM-x32\...\Driver Magician_is1) (Version:  - GoldSolution Software, Inc.)
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FileZilla Client 3.8.1 (HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.7.0.1036 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LanSpy (HKLM-x32\...\LanSpy_is1) (Version:  - LanTricks.com)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media Plugin (HKLM-x32\...\InstallShield_{9A81C9E3-EE6E-435C-9A9A-3749D02D8C4A}) (Version: 1.0.0.11 - Alienware)
Media Plugin (x32 Version: 1.0.0.11 - Alienware) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.38 - mIRC Co. Ltd.)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF24 Creator 6.8.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.78.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
RK-WLAN-Keygen (HKLM-x32\...\RK-WLAN-Keygen_is1) (Version: 1.4 - Robert Knapp Software)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteelSeries Engine 3.3.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.3.2 - SteelSeries ApS)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
Technitium MAC Address Changer v6.0.5 (HKLM-x32\...\TMACv6.0) (Version: 6.0.5 - Technitium)
The Crew (HKLM-x32\...\Steam App 241560) (Version:  - Ivory Tower in collaboration with Ubisoft Reflections)
TP-LINK Wireless Client Utility (HKLM-x32\...\{1E03C8BE-0848-430F-BECA-7D7709401626}) (Version: 7.0 - TP-LINK)
Trend Micro Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 8.0 - Trend Micro Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{3814DB30-091D-11E4-BDE0-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wireshark 1.10.7 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.7 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1822456779-1171189387-2754077004-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1822456779-1171189387-2754077004-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-05 20:07 - 2013-01-03 10:47 - 00000734 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01F09678-7DE2-4C99-AA95-85C9384ADB34} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {03269AB2-0EF4-4297-AB3A-6D07B3772B6E} - System32\Tasks\{8A8BD022-D74B-42A0-8B14-F89A039E1405} => pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\Support\Software\VCRedist\vcredist_x64.exe" -d "C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\Support\Software\VCRedist"
Task: {10A47AA9-6469-459A-9671-707587BA6A54} - System32\Tasks\{97D746AA-0ABC-4C22-B5B2-AA66EE0CADAB} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {190C6A97-ED24-4E80-8472-E8904AC47B73} - System32\Tasks\{C89E7DF8-E218-4205-B78B-BED9F7FB9CCF} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {233A202C-BBCC-41AB-A123-D70F35B4A058} - System32\Tasks\{82F15E27-6169-45D2-9229-BCF633CD17DB} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {25034A6C-D2DA-41CD-A00F-5A103281484A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
Task: {298DB1C1-3441-4F68-82E9-9E998596F3ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {3931EAAE-65AE-4D0D-934E-6296B6503B9B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {3A1F0EB6-CAA6-450E-9CEA-D5AA0F268D85} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {3D6110FB-5211-4702-857B-FF1B18DF2E64} - System32\Tasks\{FC9ED06D-58AE-4928-90AA-916E4E5B1E27} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {3EA28AD9-E99D-4C26-9622-4B26FB73F6BF} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {4331D3A1-4E53-4B4B-8978-15D44AE8091D} - System32\Tasks\{91CF4576-EB27-4449-9D3F-68C52436B2C7} => pcalua.exe -a "C:\Users\Richi\Downloads\Forge 1.7.2.exe" -d C:\Users\Richi\Downloads
Task: {677AAB72-CB7C-48AD-ACDD-D70824D573E2} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {7034D545-34B4-48EB-AB99-880E9C97B3EE} - System32\Tasks\{E8F92B7A-88B6-4EDD-BCA3-3DF5AAFC451F} => pcalua.exe -a F:\DirectX\dxsetup.exe -d F:\DirectX
Task: {72062924-B3F7-41E0-9A65-61911FC4E30A} - System32\Tasks\{98A4FB42-E283-4081-8D5F-FB7DAD30CF0A} => C:\Users\Richi\Desktop\watchdogs\Watch.Dogs.Hotfix-RELOADED\Watch.Dogs.Hotfix-RELOADED\rld-watdoghf\Update\setup.exe
Task: {775AE2C1-6FD3-41FF-9C5C-07A96A1B9192} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {86FC62C4-E4CA-4417-9D46-585E49F949C1} - System32\Tasks\{C39FA969-AF8B-43F1-8B0A-FBCF666BEAB2} => pcalua.exe -a "C:\Program Files (x86)\Counter-Strike\Uninstall.exe" -d "C:\Program Files (x86)\Counter-Strike"
Task: {96A8C17B-AF37-4259-8DF7-6BA7BBFA2CE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A082B8F2-E33C-4840-86D6-72CC4198CEE8} - System32\Tasks\{4AB226FA-4AC1-41F6-BC9B-B05C2066F55E} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {AE4928FF-2DE2-46BF-89EA-272F4D05A68E} - System32\Tasks\{719C3DAF-C7EF-4A20-8D7B-300ED801A63F} => pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\GDFInstall.exe" -d "C:\Program Files (x86)\Ubisoft\Assassins Creed Unity"
Task: {AE826F71-729F-402E-A82C-AC81C0EB4229} - System32\Tasks\Oxy => C:\Users\Richi\AppData\Roaming\Oxy\Updater.exe <==== ATTENTION
Task: {C60EE4F2-E2C0-4049-81A4-F8AFAF636E5F} - System32\Tasks\{8EC58188-CC01-48EB-8D31-D367B09D284A} => pcalua.exe -a C:\Users\Richi\Downloads\VirtualBox-4.3.12-93733-Win.exe -d C:\Users\Richi\Downloads
Task: {CD688EF1-2C2F-4595-A33C-9B57BF0900F3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D37C6176-B776-47C7-A6A1-31CE1FD795B8} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {D4A52FDA-7428-4BBC-8E50-E6411456F1FB} - System32\Tasks\{1042D38F-6D18-4371-85C1-6E265166D424} => pcalua.exe -a F:\Macromedia\Shockwave_Installer_Full.exe -d F:\Macromedia
Task: {D845D82E-DC6C-45B8-A7E7-C2F441382391} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DFFF8039-FF83-47E1-B47D-56C8D3ECE493} - System32\Tasks\{84F4FFC9-8E52-4EB3-95CA-9624D0CEB515} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {E82B2D18-FD00-4074-80D2-35D94D388ECA} - System32\Tasks\{13307364-7B68-47D8-99B8-F716B8C23E0E} => pcalua.exe -a C:\Users\Richi\Downloads\rescue2usb.exe -d C:\Users\Richi\Downloads
Task: {EC530191-08C3-4E72-9E99-ADA4A0177886} - System32\Tasks\{F608305E-1535-4E95-89AF-6A0378D21549} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {F367FB0E-6B2D-4300-8658-62707A6BF3BF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F39AD2C3-9941-43A6-B2FB-B0B9D0992047} - System32\Tasks\{E735A51E-BB5F-4837-AF17-53D924B2294D} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {F42AC67C-D968-491B-AD64-06DDEABAE828} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {FF9210B0-CD0B-43ED-8263-52E18C8354DD} - System32\Tasks\{B98DF90F-BC2A-4454-BEF8-498B21BD88E8} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe

==================== Loaded Modules (whitelisted) =============

2015-01-22 19:55 - 2014-07-09 17:03 - 00048128 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll
2015-01-22 19:55 - 2014-07-09 17:02 - 00675840 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2015-01-22 19:55 - 2014-07-09 17:03 - 00058368 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll
2015-01-22 19:55 - 2014-07-09 17:03 - 01300480 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2015-01-22 19:55 - 2014-07-09 17:02 - 00018944 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll
2015-01-22 19:39 - 2014-07-20 20:04 - 00168584 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2014-07-16 10:06 - 2014-07-16 10:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-01-22 19:56 - 2014-07-20 20:05 - 00018944 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_system-vc110-mt-1_52.dll
2015-01-22 19:56 - 2014-07-20 20:05 - 00049664 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_date_time-vc110-mt-1_52.dll
2015-01-22 19:39 - 2014-07-20 20:05 - 00065560 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2015-01-08 22:37 - 2015-01-08 22:37 - 17833984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
2015-01-03 18:28 - 2015-01-03 18:28 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\x2api.dll
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-01-22 19:56 - 2014-07-20 20:05 - 00089088 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_thread-vc110-mt-1_52.dll
2015-01-22 19:56 - 2014-07-20 20:05 - 00761856 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_regex-vc110-mt-1_52.dll
2014-05-30 18:13 - 2015-01-23 18:39 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-08-29 23:05 - 2014-08-29 23:05 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
2014-12-19 04:22 - 2014-12-19 04:22 - 00290816 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2015-01-07 14:22 - 2015-01-31 13:23 - 00619328 _____ () C:\Users\Richi\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
2014-08-29 23:05 - 2014-08-29 23:05 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\log4cplusU.dll
2015-01-28 13:43 - 2015-01-28 13:43 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-22 19:39 - 2014-07-20 20:05 - 00039424 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc110-mt-1_49.dll
2015-01-22 19:39 - 2014-07-20 20:05 - 00049152 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc110-mt-1_49.dll
2015-01-08 12:40 - 2014-11-26 03:12 - 40622592 _____ () C:\Users\Richi\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-12-19 04:22 - 2014-12-19 04:22 - 00192512 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll
2015-01-08 12:40 - 2014-11-26 03:12 - 00911360 _____ () C:\Users\Richi\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2015-01-08 12:40 - 2014-11-26 03:12 - 00134144 _____ () C:\Users\Richi\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2014-02-17 19:56 - 2013-05-14 15:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\Richi\AppData\Local\ZI7tBOKFvFpg4:hxmHK61OIx4u5g4klisxGD1Cax

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: ioloEnergyBooster => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: RoxMediaDB12OEM => 3
MSCONFIG\Services: RoxWatch12 => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Display Manager.lnk => C:\Windows\pss\Dell Display Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA1100 Genie.lnk => C:\Windows\pss\NETGEAR WNA1100 Genie.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SteelSeries Engine 3.lnk => C:\Windows\pss\SteelSeries Engine 3.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Richi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Richi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Richi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xape.exe => C:\Windows\pss\Xape.exe.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Richi\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BitComet => "C:\Program Files\BitComet\BitComet.exe" /tray
MSCONFIG\startupreg: BitTorrent => "C:\Users\Richi\Downloads\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: Command Center Controllers => "C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Richi\AppData\Local\Apps\2.0\AKZ4NM0Y.9YJ\3Y2P8O4G.H8E\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: HKCU => C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: ishutdown2 => C:\Program Files (x86)\ishutdown\iShutdown\ilauncher.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: jswtrayutil => "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
MSCONFIG\startupreg: Kraken71ChromaHelper => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe /start
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: RtHDVBg => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: RUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: sysdca => "C:\Program Files (x86)\FarStone Drive Clone\Dca\dca.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
MSCONFIG\startupreg: WTFast Tray => "C:\Program Files (x86)\WTFast\WTFast.exe" trayonly
MSCONFIG\startupreg: yvqfw0Hfp64tGP86 => C:\Users\Richi\AppData\Roaming\QU8JHS19X2gkMwsV\VJaQWiQLtQWE.exe
MSCONFIG\startupreg: yvqfw0Hfp64tGP86EF => C:\Users\Richi\AppData\Roaming\QU8JHS19X2gkMwsV\sMF5qSeDrzN1.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1822456779-1171189387-2754077004-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-1822456779-1171189387-2754077004-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1822456779-1171189387-2754077004-1009 - Limited - Enabled)
Richi (S-1-5-21-1822456779-1171189387-2754077004-1000 - Administrator - Enabled) => C:\Users\Richi
Tati (S-1-5-21-1822456779-1171189387-2754077004-1003 - Administrator - Enabled) => C:\Users\Tati

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/31/2015 01:25:42 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed iShutdown.; Fehler = 0x80070422).

Error: (01/31/2015 01:25:34 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed iShutdown.; Fehler = 0x80070422).

Error: (01/31/2015 01:24:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2015 01:20:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9048

Error: (01/31/2015 01:20:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9048

Error: (01/31/2015 01:20:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/31/2015 01:20:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8050

Error: (01/31/2015 01:20:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8050

Error: (01/31/2015 01:20:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/31/2015 01:20:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7036


System errors:
=============
Error: (01/31/2015 01:23:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
kfuxjkv

Error: (01/31/2015 01:23:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (01/31/2015 00:51:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
kfuxjkv

Error: (01/31/2015 00:50:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (01/30/2015 11:05:45 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "OS" den Befehl "chkdsk" aus.

Error: (01/30/2015 11:05:45 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "OS" den Befehl "chkdsk" aus.

Error: (01/30/2015 11:05:45 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "OS" den Befehl "chkdsk" aus.

Error: (01/30/2015 11:05:45 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "OS" den Befehl "chkdsk" aus.

Error: (01/30/2015 11:05:45 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "OS" den Befehl "chkdsk" aus.

Error: (01/30/2015 11:05:45 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "OS" den Befehl "chkdsk" aus.


Microsoft Office Sessions:
=========================
Error: (01/31/2015 01:25:42 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved iShutdown.0x80070422

Error: (01/31/2015 01:25:34 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved iShutdown.0x80070422

Error: (01/31/2015 01:24:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2015 01:20:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9048

Error: (01/31/2015 01:20:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9048

Error: (01/31/2015 01:20:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/31/2015 01:20:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8050

Error: (01/31/2015 01:20:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8050

Error: (01/31/2015 01:20:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/31/2015 01:20:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7036


CodeIntegrity Errors:
===================================
  Date: 2014-08-21 17:33:05.700
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-21 17:33:05.654
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-08 13:47:50.338
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-08 13:47:50.338
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-08 13:47:50.323
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-08 13:47:50.307
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-08 13:47:50.307
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-08 13:47:50.307
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-08 13:47:50.276
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-08 13:47:50.276
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4820K CPU @ 3.70GHz
Percentage of memory in use: 34%
Total physical RAM: 8110.17 MB
Available physical RAM: 5311.68 MB
Total Pagefile: 16218.52 MB
Available Pagefile: 12774.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:921.13 GB) (Free:629.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AC379075)

Partition: GPT Partition Type.

==================== End Of Log ============================

cosinus 31.01.2015 18:28
Zitat:
System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Bei dir werkelt auf jeden Fall schonmal ein gecracktes MS-Office :pfui:

Das MS-Office und alles andere an gecracktem Zeugs falls vorhanden muss verschwinden. Sonst geht es nicht weiter hier.

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

aim 31.01.2015 20:16
Hallo ,
am ich hab nicht gewusst das das crack ist mein freund hat das gemacht :o
Ich habs deinstalliert jetz
Danke Für denn Hinweis!

cosinus 31.01.2015 20:54
Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

aim 31.01.2015 21:39
Code:
ComboFix 15-01-29.01 - Richi 31.01.2015  20:19:45.1.8 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.43.1031.18.8110.5508 [GMT 1:00]
ausgeführt von:: c:\users\Richi\Desktop\ComboFix.exe
AV: Trend Micro Internet Security *Disabled/Updated* {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
SP: Trend Micro Internet Security *Disabled/Updated* {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6426\AddOnDownloaded\8d56ceae-d309-4e1d-8376-c13e94d402c3.dll
c:\users\Tati\AppData\Roaming\Origin
c:\users\Tati\AppData\Roaming\Origin\Cloud Saves\blacklist
c:\users\Tati\AppData\Roaming\Origin\local.xml
c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini
c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini2
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-12-28 bis 2015-01-31  ))))))))))))))))))))))))))))))
.
.
2015-01-30 13:01 . 2015-01-30 14:32        --------        d-----w-        c:\users\Tati\AppData\Roaming\BitComet
2015-01-26 12:19 . 2015-01-26 12:19        --------        d-----w-        c:\programdata\Ubisoft
2015-01-23 21:58 . 2015-01-23 21:58        --------        d-----w-        c:\users\Richi\AppData\Local\Ubisoft
2015-01-23 17:39 . 2015-01-23 17:39        --------        d-----w-        c:\users\Richi\AppData\Roaming\PunkBuster
2015-01-23 11:27 . 2015-01-23 11:27        --------        d-----w-        c:\program files (x86)\LogMeIn Hamachi
2015-01-22 19:22 . 2015-01-31 12:47        236080        ----a-w-        c:\windows\RegBootClean64.exe
2015-01-22 19:01 . 2015-01-22 19:01        --------        d-----w-        C:\TMRescueDisk
2015-01-22 18:57 . 2014-07-09 16:02        106296        ----a-w-        c:\windows\system32\drivers\tmeevw.sys
2015-01-22 18:57 . 2014-07-09 16:03        407864        ----a-w-        c:\windows\system32\drivers\tmnciesc.sys
2015-01-22 18:57 . 2014-07-14 07:39        121944        ----a-w-        c:\windows\system32\drivers\tmactmon.sys
2015-01-22 18:57 . 2014-07-14 07:39        93664        ----a-w-        c:\windows\system32\drivers\tmevtmgr.sys
2015-01-22 18:57 . 2014-07-14 07:39        305832        ----a-w-        c:\windows\system32\drivers\tmcomm.sys
2015-01-22 18:57 . 2014-07-09 16:02        50976        ----a-w-        c:\windows\system32\drivers\TMEBC64.sys
2015-01-22 18:56 . 2014-06-30 11:06        106296        ----a-w-        c:\windows\system32\drivers\tmusa.sys
2015-01-22 18:55 . 2015-01-22 18:55        59        ----a-w-        c:\windows\system32\SupportTool.exe.bat
2015-01-22 18:55 . 2015-01-30 21:22        --------        d-----w-        c:\programdata\Trend Micro
2015-01-22 18:55 . 2015-01-22 18:55        --------        d-----w-        c:\program files\Trend Micro
2015-01-22 18:42 . 2015-01-23 12:35        --------        d-----w-        c:\users\Richi\AppData\Local\Trend Micro
2015-01-22 18:34 . 2015-01-22 19:02        --------        d-----w-        c:\programdata\Trend Micro Installer
2015-01-21 22:00 . 2015-01-21 22:00        --------        d-----w-        c:\program files (x86)\FileASSASSIN
2015-01-21 21:19 . 2011-06-21 04:09        200976        ----a-w-        c:\windows\SysWow64\drivers\tmcomm.sys
2015-01-21 20:38 . 2015-01-21 20:38        --------        d-----w-        C:\found.000
2015-01-21 13:18 . 2015-01-21 13:18        --------        d-----w-        c:\users\Richi\AppData\Local\PAYDAY 2
2015-01-21 12:12 . 2015-01-21 12:12        --------        d-----w-        c:\program files (x86)\505 Games
2015-01-19 16:59 . 2015-01-20 11:06        --------        d-----w-        c:\users\Richi\AppData\Roaming\mIRC
2015-01-19 16:59 . 2015-01-19 16:59        --------        d-----w-        c:\program files (x86)\mIRC
2015-01-19 16:24 . 2015-01-19 16:24        --------        d-----w-        c:\programdata\Citrix
2015-01-19 16:23 . 2015-01-19 16:23        --------        d-----w-        c:\program files (x86)\Citrix
2015-01-19 16:23 . 2015-01-19 16:23        --------        d-----w-        c:\users\Richi\AppData\Local\Citrix
2015-01-19 15:46 . 2015-01-30 13:02        --------        d-----w-        C:\Downloads
2015-01-19 15:45 . 2015-01-31 19:23        --------        d-----w-        c:\users\Richi\AppData\Roaming\BitComet
2015-01-19 15:45 . 2015-01-19 15:45        --------        d-----w-        c:\program files\BitComet
2015-01-16 12:10 . 2015-01-16 12:10        --------        d-----w-        c:\program files (x86)\jRAT Project
2015-01-15 13:14 . 2015-01-15 13:14        --------        d-----w-        c:\users\Richi\AppData\Roaming\minecraft
2015-01-15 11:26 . 2015-01-15 16:22        --------        d-----w-        c:\users\Richi\AppData\Roaming\.purple
2015-01-15 11:25 . 2015-01-15 11:25        --------        d-----w-        c:\program files (x86)\pidgin-otr
2015-01-15 11:25 . 2015-01-15 11:25        --------        d-----w-        c:\program files (x86)\Pidgin
2015-01-08 19:19 . 2015-01-08 19:19        --------        d-----w-        c:\users\Tati\AppData\Roaming\dvdcss
2015-01-08 18:02 . 2015-01-30 13:27        --------        d-----w-        c:\users\Tati\AppData\Local\SteelSeries Engine 3 Client
2015-01-08 11:40 . 2015-01-08 11:40        --------        d-----w-        c:\users\Richi\AppData\Local\RzStats
2015-01-07 14:39 . 2015-01-07 14:39        --------        d-----w-        c:\users\Tati\AppData\Local\Razer
2015-01-07 14:39 . 2015-01-07 14:39        --------        d-----w-        c:\users\Tati\AppData\Local\Logitech
2015-01-07 13:23 . 2014-12-10 20:43        129600        ----a-w-        c:\windows\system32\drivers\rzpnk.sys
2015-01-07 13:22 . 2014-12-09 22:21        37184        ----a-w-        c:\windows\system32\drivers\rzpmgrk.sys
2015-01-07 13:20 . 2015-01-08 11:40        --------        d-----w-        c:\users\Richi\AppData\Local\Razer
2015-01-07 13:14 . 2015-01-07 13:23        --------        d-----w-        c:\programdata\Razer
2015-01-07 13:14 . 2015-01-07 13:35        --------        d-----w-        c:\program files (x86)\Razer
2015-01-07 13:05 . 2015-01-31 19:14        --------        d-----w-        c:\users\Richi\AppData\Local\SteelSeries Engine 3 Client
2015-01-07 12:51 . 2015-01-07 12:51        --------        d-----w-        c:\users\admin
2015-01-07 12:50 . 2015-01-07 12:50        --------        d-----w-        c:\programdata\SteelSeries
2015-01-07 12:50 . 2015-01-07 13:05        --------        d-----w-        c:\program files\SteelSeries
2015-01-07 12:39 . 2015-01-07 12:39        --------        d-----w-        c:\users\Richi\AppData\Local\Logitech
2015-01-07 12:39 . 2015-01-07 12:39        --------        d-----w-        c:\programdata\Apple
2015-01-07 12:39 . 2015-01-07 12:39        --------        d-----w-        c:\program files\Bonjour
2015-01-07 12:39 . 2015-01-07 12:39        --------        d-----w-        c:\program files (x86)\Bonjour
2015-01-07 12:38 . 2015-01-07 12:39        --------        d-----w-        c:\program files\Logitech Gaming Software
2015-01-05 19:07 . 2015-01-05 19:07        --------        d-----w-        c:\program files\Max Spyware Detector
2015-01-05 19:07 . 2015-01-05 19:07        --------        d-----w-        c:\program files (x86)\Max Spyware Detector
2015-01-05 19:06 . 2015-01-05 19:07        --------        d-----w-        c:\programdata\Max Secure
2015-01-05 19:06 . 2014-12-03 17:02        91688        ----a-w-        c:\windows\system32\drivers\MaxProtector64.sys
2015-01-05 19:06 . 2014-12-03 17:02        79912        ----a-w-        c:\windows\system32\drivers\MaxProc64.sys
2015-01-05 19:06 . 2014-12-03 17:02        89128        ----a-w-        c:\windows\system32\drivers\MaxMgr.sys
2015-01-05 19:06 . 2014-12-03 17:02        149544        ----a-w-        c:\windows\system32\drivers\SDActMon.sys
2015-01-05 18:47 . 2015-01-05 18:47        --------        d-----w-        c:\users\Richi\AppData\Local\Max Secure Software
2015-01-05 18:47 . 2015-01-05 18:47        --------        d-----w-        c:\users\Richi\AppData\Roaming\GetRightToGo
2015-01-05 18:37 . 2015-01-05 18:37        --------        d-----r-        C:\Sandbox
2015-01-05 18:36 . 2015-01-05 18:36        --------        d-----w-        c:\program files\Sandboxie
2015-01-02 21:50 . 2015-01-02 21:50        8704        ----a-w-        c:\windows\system32\drivers\hidkmdf.sys
2015-01-02 21:50 . 2015-01-02 21:50        33792        ----a-w-        c:\windows\system32\drivers\sshid.sys
2015-01-02 21:50 . 2015-01-02 21:50        16896        ----a-w-        c:\windows\system32\drivers\ssdevfactory.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-31 19:13 . 2014-09-13 06:18        129752        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-30 11:13 . 2014-11-13 14:18        163504        ----a-w-        c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-01-26 13:19 . 2014-11-17 22:24        111016        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll
2015-01-26 13:19 . 2014-11-18 19:39        98216        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-26 13:07 . 2014-02-17 18:45        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-26 13:07 . 2014-02-17 18:45        701616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-23 17:39 . 2014-05-30 17:13        189248        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2015-01-23 17:39 . 2014-05-30 17:13        75136        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2015-01-14 16:24 . 2014-03-05 11:47        113365784        ----a-w-        c:\windows\system32\MRT.exe
2015-01-14 10:32 . 2014-07-22 11:11        33856        ---ha-w-        c:\windows\system32\hamachi.sys
2014-12-19 03:22 . 2014-12-19 03:22        9728        ----a-w-        c:\windows\SysWow64\RzStats.IPC.dll
2014-12-13 05:09 . 2014-12-18 10:48        144384        ----a-w-        c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 10:48        115712        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2014-12-08 16:01 . 2014-12-17 13:15        20216        ----a-w-        c:\windows\system32\roboot64.exe
2014-12-04 02:50 . 2014-12-11 15:05        413184        ----a-w-        c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-11 15:05        741376        ----a-w-        c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-11 15:05        396800        ----a-w-        c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-11 15:05        830976        ----a-w-        c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-11 15:05        227328        ----a-w-        c:\windows\system32\aepdu.dll
2014-12-04 02:50 . 2014-12-11 15:05        192000        ----a-w-        c:\windows\system32\aepic.dll
2014-12-04 02:44 . 2014-12-11 15:05        1083392        ----a-w-        c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-11 15:05        1232040        ----a-w-        c:\windows\system32\aitstatic.exe
2014-12-01 15:41 . 2014-12-01 12:20        129752        ----a-w-        c:\windows\system32\drivers\37BF22E8.sys
2014-11-27 01:43 . 2014-12-11 15:04        389296        ----a-w-        c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-11 15:04        25059840        ----a-w-        c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-11 15:04        2724864        ----a-w-        c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-11 15:04        4096        ----a-w-        c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-11 15:04        66560        ----a-w-        c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-11 15:04        580096        ----a-w-        c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-11 15:04        48640        ----a-w-        c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-11 15:04        2885120        ----a-w-        c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-11 15:04        88064        ----a-w-        c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-11 15:04        54784        ----a-w-        c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-11 15:04        34304        ----a-w-        c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-11 15:04        633856        ----a-w-        c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-11 15:04        114688        ----a-w-        c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-11 15:04        814080        ----a-w-        c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-11 15:04        6039552        ----a-w-        c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-11 15:04        968704        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-11 15:04        490496        ----a-w-        c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-11 15:04        2724864        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-11 15:04        77824        ----a-w-        c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-11 15:04        199680        ----a-w-        c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-11 15:04        92160        ----a-w-        c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-11 15:04        501248        ----a-w-        c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-11 15:04        62464        ----a-w-        c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-11 15:04        47616        ----a-w-        c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-11 15:04        64000        ----a-w-        c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-11 15:04        316928        ----a-w-        c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-11 15:04        620032        ----a-w-        c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-11 15:04        718848        ----a-w-        c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-11 15:04        800768        ----a-w-        c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-11 15:04        1359360        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-11 15:04        2125312        ----a-w-        c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-11 15:04        14412800        ----a-w-        c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-11 15:04        60416        ----a-w-        c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-11 15:04        4299264        ----a-w-        c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-11 15:04        2358272        ----a-w-        c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-11 15:04        2052096        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-11 15:04        1155072        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-11 15:04        1548288        ----a-w-        c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-11 15:04        800768        ----a-w-        c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-11 15:04        1888256        ----a-w-        c:\windows\SysWow64\wininet.dll
2014-11-21 05:14 . 2014-09-13 06:17        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-09-13 06:17        93400        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2014-09-13 06:17        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-11-18 19:47 . 2014-11-18 19:47        1691816        ----a-w-        c:\windows\system32\FM20.DLL
2014-11-11 04:27 . 2014-11-11 04:27        80384        ----a-w-        c:\windows\system32\RazerCoinstaller.dll
2014-11-11 03:09 . 2014-12-11 15:04        1424384        ----a-w-        c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-19 13:26        241152        ----a-w-        c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 13:26        728064        ----a-w-        c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-11 15:04        1230336        ----a-w-        c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 13:26        186880        ----a-w-        c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 13:26        550912        ----a-w-        c:\windows\SysWow64\kerberos.dll
2014-11-11 01:46 . 2014-12-11 15:04        119296        ----a-w-        c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-11 15:03        2048        ----a-w-        c:\windows\system32\tzres.dll
2014-11-08 02:45 . 2014-12-11 15:03        2048        ----a-w-        c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 16:19        1729744        ----a-w-        c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 16:19        1729744        ----a-w-        c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 16:19        1729744        ----a-w-        c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2013-12-31 17257648]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R0 kfuxjkv;kfuxjkv;c:\windows\System32\drivers\yjnbs.sys;c:\windows\SYSNATIVE\drivers\yjnbs.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 dcdbas;System Management Driver;c:\windows\system32\DRIVERS\dcdbas64.sys;c:\windows\SYSNATIVE\DRIVERS\dcdbas64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FARMNTIO;FARMNTIO;c:\windows\system32\drivers\farmntio.sys;c:\windows\SYSNATIVE\drivers\farmntio.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys;c:\windows\SYSNATIVE\DRIVERS\netvsc60.sys [x]
R3 NTIOLib_Flash;NTIOLib_Flash;c:\users\Richi\AppData\Local\Temp\2WSX3EDC\NTIOLib_X64.sys;c:\users\Richi\AppData\Local\Temp\2WSX3EDC\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 pbfilter;pbfilter;c:\users\Richi\AppData\Local\Temp\Rar$EXa0.969\pbfilter.sys;c:\users\Richi\AppData\Local\Temp\Rar$EXa0.969\pbfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 ssdevfactory;SteelSeries Device Factory Service;c:\windows\system32\DRIVERS\ssdevfactory.sys;c:\windows\SYSNATIVE\DRIVERS\ssdevfactory.sys [x]
R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys;c:\windows\SYSNATIVE\DRIVERS\VMBusVideoM.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Richi\AppData\Local\Temp\tmp8AE0.tmp;c:\users\Richi\AppData\Local\Temp\tmp8AE0.tmp [x]
R3 X6va019;X6va019;c:\windows\SysWOW64\Drivers\X6va019;c:\windows\SysWOW64\Drivers\X6va019 [x]
R4 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R4 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE;c:\program files (x86)\AlienRespawn\sftservice.EXE [x]
S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 MaxMgr;MaxMgr;c:\windows\System32\drivers\MaxMgr.sys;c:\windows\SYSNATIVE\drivers\MaxMgr.sys [x]
S0 MaxProc64;MaxProc64;c:\windows\System32\drivers\MaxProc64.sys;c:\windows\SYSNATIVE\drivers\MaxProc64.sys [x]
S0 MaxProtector64;MaxProtector64;c:\windows\System32\drivers\MaxProtector64.sys;c:\windows\SYSNATIVE\drivers\MaxProtector64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SDActMon;SDActMon;c:\windows\System32\drivers\SDActMon.sys;c:\windows\SYSNATIVE\drivers\SDActMon.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 TMEBC;TMEBC;c:\windows\system32\DRIVERS\TMEBC64.sys;c:\windows\SYSNATIVE\DRIVERS\TMEBC64.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys;c:\windows\SYSNATIVE\DRIVERS\jswpslwfx.sys [x]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe;c:\program files\Alienware\Command Center\AlienFusionService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 Platinum Host Service;Platinum Host Service;c:\program files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe;c:\program files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 tmusa;Trend Micro Osprey Driver;c:\windows\system32\DRIVERS\tmusa.sys;c:\windows\SYSNATIVE\DRIVERS\tmusa.sys [x]
S2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
S3 sshid;SteelSeries HID Service;c:\windows\system32\DRIVERS\sshid.sys;c:\windows\SYSNATIVE\DRIVERS\sshid.sys [x]
S3 tmeevw;tmeevw;c:\windows\system32\DRIVERS\tmeevw.sys;c:\windows\SYSNATIVE\DRIVERS\tmeevw.sys [x]
S3 tmnciesc;tmnciesc;c:\windows\system32\DRIVERS\tmnciesc.sys;c:\windows\SYSNATIVE\DRIVERS\tmnciesc.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-17 13:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-07-16 09:06        672416        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-07-16 09:06        672416        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-07-16 09:06        672416        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 16:17        2334928        ----a-w-        c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 16:17        2334928        ----a-w-        c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 16:17        2334928        ----a-w-        c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2014-07-20 246304]
"Platinum"="c:\program files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" [2014-07-20 1266224]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
IE: &Alles mit BitComet herunterladen - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Mit BitComet herunter&laden - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
Trusted Zone: dell.com
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - c:\program files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\
FF - prefs.js: network.proxy.ftp - 182.93.219.246
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 182.93.219.246
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 182.93.219.246
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 182.93.219.246
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 182.93.219.246
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-Driver Magician_is1 - c:\program files (x86)\Driver Magician\unins000.exe
AddRemove-{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1 - c:\users\Richi\Downloads\Adobe Photoshop CC 14.2 Final Multilanguage-[ChingLiu]\Update to 14.2\Update Management Tool\unins000.exe
AddRemove-{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1 - c:\users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\extensions\cliqz@cliqz.com\unins000.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{e48a2f61-851a-4155-82f9-af1b04db8c3b} - c:\programdata\Package Cache\{e48a2f61-851a-4155-82f9-af1b04db8c3b}\SetupChipset.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinRing0_1_2_0]
"ImagePath"="\??\c:\users\Richi\AppData\Local\Temp\tmp8AE0.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va019]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va019"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1822456779-1171189387-2754077004-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8d,9a,45,49,b2,40,73,96,32,a0,81,2d,a4,8b,74,46,25,ae,6c,a0,0f,25,ab,
  3b,00,d7,a8,c1,c6,36,5c,11,b2,84,0d,8b,3b,3b,84,84,5e,92,9e,cf,52,07,04,60,\
"??"=hex:93,1c,71,d8,e5,a3,a5,1f,9e,0d,f2,dc,c0,dc,1e,c7
.
[HKEY_USERS\S-1-5-21-1822456779-1171189387-2754077004-1000\Software\SecuROM\License information*]
"datasecu"=hex:a2,9a,34,6e,2e,15,38,cd,ea,c4,56,0f,01,dc,a8,c3,78,d1,1c,5c,7a,
  3c,48,f6,de,4a,39,62,0b,74,ba,ee,fc,f6,af,82,a9,ba,67,1e,84,b7,52,a3,c3,78,\
"rkeysecu"=hex:98,ec,fb,96,9b,7f,ae,7f,24,57,05,17,bb,b0,df,1b
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\hxxp://schemas.microsoft.com/office/smartdocuments/2003\0]
"Key"="hxxp://schemas.microsoft.com/office/smartdocuments/2003"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\hxxp://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]
"0"="Microsoft Actions Pane 3"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-01-31  20:26:36
ComboFix-quarantined-files.txt  2015-01-31 19:26
.
Vor Suchlauf: 16 Verzeichnis(se), 688.032.333.824 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 689.429.815.296 Bytes frei
.
- - End Of File - - CE08B98B370A52309C05F7D2C89C2C6A
A36C5E4F47E84449FF07ED3517B43A31

cosinus 31.01.2015 21:52
Weiter mit MBAR:

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

aim 31.01.2015 22:41
Hier ist es
Code:
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version:
  main:    v2015.01.31.05
  rootkit: v2015.01.14.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Richi :: RICHI-PC [administrator]

31.01.2015 22:01:36
mbar-log-2015-01-31 (22-01-36).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 519095
Time elapsed: 22 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus 31.01.2015 22:44
Adware/Junkware/Toolbars entfernen

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


aim 02.02.2015 21:28
Ups sry :P
adwCleaner
Code:
# AdwCleaner v4.109 - Bericht erstellt am 02/02/2015 um 17:26:14
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-26.1 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Richi - RICHI-PC
# Gestartet von : C:\Users\Richi\Desktop\AdwCleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
Datei Gefunden : C:\Users\Richi\AppData\Local\Temp\Uninstall.exe
Datei Gefunden : C:\Users\Tati\AppData\Roaming\Mozilla\Firefox\Profiles\vtwkiwgu.default\searchplugins\avg-secure-search.xml
Datei Gefunden : C:\Windows\System32\drivers\iSafeKrnlBoot.sys
Datei Gefunden : C:\Windows\System32\log\iSafeKrnlCall.log
Datei Gefunden : C:\Windows\System32\roboot64.exe
Ordner Gefunden : C:\ProgramData\AVG Security Toolbar
Ordner Gefunden : C:\Users\Richi\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Richi\AppData\Local\Max Secure Software
Ordner Gefunden : C:\Users\Richi\AppData\Local\NativeMessaging
Ordner Gefunden : C:\Users\Richi\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Richi\AppData\Roaming\InetStat
Ordner Gefunden : C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gefunden : C:\Users\Richi\AppData\Roaming\Systweak

***** [ Tasks ] *****

Task Gefunden : Desk 365 RunAsStdUser
Task Gefunden : Oxy

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Ciuvo
Schlüssel Gefunden : HKCU\Software\Classes\Applications\inetstat.exe
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Escolade
Schlüssel Gefunden : HKCU\Software\InetStat
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : HKCU\Software\V9
Schlüssel Gefunden : [x64] HKCU\Software\Ciuvo
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\Escolade
Schlüssel Gefunden : [x64] HKCU\Software\InetStat
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\V9
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\AVG Secure Search
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Schlüssel Gefunden : HKLM\SOFTWARE\Desksvc
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Schlüssel Gefunden : HKLM\SOFTWARE\hdcode
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gefunden : HKLM\SOFTWARE\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\winzipersvc
Schlüssel Gefunden : HKLM\SOFTWARE\YourFileDownloader
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0

Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://go.speedbit.com/tab/?s=E3Saya1

-\\ Mozilla Firefox v35.0.1 (x86 de)


-\\ Google Chrome v

[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BE132016D82672AF&affID=119357&tsp=5002
[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP050C2632-50EA-40ED-9CB4-37A010ACBBF8&q={searchTerms}&SSPV=
[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=100&systemid=473&v=a9397-200&apn_uid=4172433486524914&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.nationzoom.com/web/?type=ds&ts=1388864760&from=slbnew&uid=HitachiXHTS547550A9E384_J2100050FNNL5AFNNL5AX&q={searchTerms}
[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=AT&userid=07a03984-68f1-4ae9-b7d0-3a15499a6059&searchtype=ds&q={searchTerms}&installDate=06/08/2013
[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=AT&userid=07a03984-68f1-4ae9-b7d0-3a15499a6059&searchtype=ds&q={searchTerms}&installDate=06/08/2013
[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&affID=119781&tt=gc_&babsrc=SP_ss&mntrId=BE132016D82672AF
[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://search.softonic.com/MOY00006/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=be13214c0000000000002016d82672af
[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={59E72742-DFE9-11E2-BE95-2016D8268C13}&crg=3.1010000.10011&st=23&ptr=100
[C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://go.speedbit.com/search.aspx?s=E3Saya1&q={searchTerms}

*************************

AdwCleaner[R0].txt - [7983 octets] - [02/02/2015 17:26:14]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8043 octets] ##########

cosinus 02.02.2015 21:49
hast du mein letztes Posting nicht richtig gelesen :confused: :wtf:

aim 02.02.2015 22:15
Ich habs ausgebessert sry :o
Junkware Remove Tool
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by Richi on 02.02.2015 at 17:48:52,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Richi\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Richi\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\Richi\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Richi\appdata\locallow\pcdr"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Richi\AppData\Roaming\mozilla\firefox\profiles\2qckguo6.default\minidumps [11 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.02.2015 at 17:54:43,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
frst
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Richi (administrator) on RICHI-PC on 02-02-2015 20:26:23
Running from C:\Users\Richi\Desktop
Loaded Profiles: Richi (Available profiles: Richi & Tati & Administrator & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(www.BitComet.com) C:\Program Files\BitComet\BitComet.exe
() C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(PC-Doctor, Inc.) C:\Program Files\AlienAutopsy\imstrayicon.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\SupportTool.exe
(Microsoft Corporation) C:\Windows\System32\psr.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.)
HKLM\...\RunOnce: [DCERegBootClean64] => C:\Windows\RegBootClean64.exe [236080 2015-02-02] (Trend Micro Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\Run: [BitComet] => C:\Program Files\BitComet\BitComet.exe [17257648 2013-12-31] (www.BitComet.com)
HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52966;https=127.0.0.1:52966
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.alienwarearena.com/welcome-at
HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1822456779-1171189387-2754077004-1000 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP050C2632-50EA-40ED-9CB4-37A010ACBBF8&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1822456779-1171189387-2754077004-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default
FF NetworkProxy: "ftp", "182.93.219.246"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "182.93.219.246"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "182.93.219.246"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "socks", "182.93.219.246"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "182.93.219.246"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-1822456779-1171189387-2754077004-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Richi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\searchplugins\google-maps.xml
FF Extension: BitComet Video Downloader - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2015-01-19]
FF Extension: Best Proxy Switcher - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2014-09-09]
FF Extension: Cliqz Beta - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\cliqz@cliqz.com.xpi [2014-10-11]
FF Extension: MEGA - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\firefox@mega.co.nz.xpi [2014-09-23]
FF Extension: Adblock Plus - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-29]
FF Extension: DownThemAll! - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-08-29]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-01-31]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-01-31]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-01-22]
FF HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\2qckguo6.default\extensions\cliqz@cliqz.com

Chrome:
=======
CHR Profile: C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-04]
CHR Extension: (Google Drive) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-04]
CHR Extension: (YouTube) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-04]
CHR Extension: (Adblock Plus) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-04]
CHR Extension: (Google Search) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-04]
CHR Extension: (HTML5 video for YouTube™) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolajcekhnohkpncmhgledbmndjpblei [2014-03-04]
CHR Extension: (Chrome Web Store Launcher (by Google)) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecgipfabdickgidpmbicneamekgbaej [2014-03-04]
CHR Extension: (AirDroid) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2014-03-04]
CHR Extension: (Google Play) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-04]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-03-04]
CHR Extension: (Gmail) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-07-02] (Intel Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-05-03] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-01-23] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-02-18] (Microsoft Corporation)
U2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-19] (Disc Soft Ltd)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [File not signed]
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-06-28] (Intel Corporation)
R0 MaxMgr; C:\Windows\System32\drivers\MaxMgr.sys [89128 2014-12-03] (Max Secure Software)
R0 MaxProc64; C:\Windows\System32\drivers\MaxProc64.sys [79912 2014-12-03] (Max Secure Software)
R0 MaxProtector64; C:\Windows\System32\drivers\MaxProtector64.sys [91688 2014-12-03] (Max Secure Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
R0 SDActMon; C:\Windows\System32\drivers\SDActMon.sys [149544 2014-12-03] (Max Secure Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-15] (Duplex Secure Ltd.)
S3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [16896 2015-01-02] (SteelSeries ApS) [File not signed]
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [33792 2015-01-02] (SteelSeries ApS)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\SysWOW64\DRIVERS\tmcomm.sys [200976 2011-06-21] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
U3 akf0ilof; C:\Windows\System32\Drivers\akf0ilof.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
S0 kfuxjkv; System32\drivers\yjnbs.sys [X]
S3 NTIOLib_Flash; \??\C:\Users\Richi\AppData\Local\Temp\2WSX3EDC\NTIOLib_X64.sys [X]
S3 pbfilter; \??\C:\Users\Richi\AppData\Local\Temp\Rar$EXa0.969\pbfilter.sys [X]
U2 TMAgent; No ImagePath
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\Richi\AppData\Local\Temp\tmp8AE0.tmp [X]
S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 20:26 - 2015-02-02 20:26 - 02131456 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2015-02-02 20:10 - 2015-02-02 20:10 - 00005654 _____ () C:\Windows\RegBootClean64.CFG
2015-02-02 20:09 - 2015-02-02 20:26 - 00027851 _____ () C:\Users\Richi\Desktop\FRST.txt
2015-02-02 20:09 - 2015-02-02 20:10 - 00022002 _____ () C:\Users\Richi\Desktop\Addition.txt
2015-02-02 18:35 - 2015-02-02 18:36 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\PCDr
2015-02-02 18:34 - 2015-02-02 18:34 - 00000000 ____D () C:\ProgramData\PCDr
2015-02-02 17:54 - 2015-02-02 17:55 - 00001301 _____ () C:\Users\Richi\Desktop\JRT.txt
2015-02-02 17:48 - 2015-02-02 17:48 - 00000000 ____D () C:\Windows\ERUNT
2015-02-02 17:41 - 2015-02-02 17:41 - 00008163 _____ () C:\Users\Richi\Desktop\AdwCleaner[R0].txt
2015-02-02 17:26 - 2015-02-02 17:42 - 00000000 ____D () C:\AdwCleaner
2015-02-02 15:58 - 2015-02-02 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSEV Skyrim LE
2015-02-02 15:51 - 2015-02-02 15:58 - 00000000 ____D () C:\Program Files (x86)\TSEV Skyrim LE
2015-02-01 21:37 - 2015-02-01 21:37 - 02194432 _____ () C:\Users\Richi\Desktop\AdwCleaner_4.109.exe
2015-02-01 21:37 - 2015-02-01 21:37 - 01707939 _____ (Thisisu) C:\Users\Richi\Desktop\JRT.exe
2015-01-31 22:01 - 2015-01-31 22:25 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-31 21:59 - 2015-01-31 22:00 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Richi\Downloads\mbar-1.08.3.1004.exe
2015-01-31 20:26 - 2015-01-31 20:26 - 00040309 _____ () C:\ComboFix.txt
2015-01-31 20:18 - 2015-01-31 20:26 - 00000000 ____D () C:\Qoobox
2015-01-31 20:18 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-31 20:18 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-31 20:18 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-31 20:18 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-31 20:18 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-31 20:18 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-31 20:18 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-31 20:18 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-31 20:17 - 2015-01-31 20:25 - 00000000 ____D () C:\Windows\erdnt
2015-01-31 16:48 - 2015-01-31 16:48 - 00185808 _____ () C:\Users\Richi\Downloads\watch.html
2015-01-31 13:45 - 2015-01-31 13:45 - 00063500 _____ () C:\Users\Richi\Downloads\FRST.txt
2015-01-31 13:18 - 2015-01-31 13:18 - 01327309 _____ (Your Company Name ) C:\Users\Richi\Downloads\iShutdown_pc_server_1_2.exe
2015-01-30 22:28 - 2015-01-30 22:26 - 00000023 _____ () C:\Users\Richi\Downloads\XD.txt
2015-01-30 22:24 - 2015-01-30 22:49 - 01191424 _____ () C:\Users\Richi\Downloads\CyberGhost VPN - CHIP-Installer.exe
2015-01-30 14:01 - 2015-01-30 15:32 - 00000000 ____D () C:\Users\Tati\AppData\Roaming\BitComet
2015-01-28 22:30 - 2015-01-28 22:30 - 02390376 _____ () C:\Users\Richi\Downloads\datsauce_mpgh.net.zip
2015-01-28 21:35 - 2015-02-01 17:57 - 00000000 ____D () C:\Users\Richi\Downloads\The.Elder.Scrolls.V.Skyrim.Legendary.Edition-WaLMaRT
2015-01-28 19:43 - 2015-01-28 19:43 - 00890522 _____ () C:\Users\Richi\Downloads\OptiFine_1.8.0_HD_U_C6.jar
2015-01-28 19:32 - 2015-01-28 19:32 - 00510432 _____ () C:\Users\Richi\Downloads\NotEnoughItems-1.8-1.0.5.82-universal.jar
2015-01-28 19:31 - 2015-01-28 19:31 - 03205526 _____ () C:\Users\Richi\Downloads\forge-1.8-11.14.0.1290-1.8-installer.jar
2015-01-28 19:27 - 2015-01-28 19:27 - 00340976 _____ () C:\Users\Richi\Downloads\ShadersMod-v2.4.7mc1.8.jar
2015-01-28 19:22 - 2015-01-28 19:22 - 00393478 _____ (hxxp://magiclauncher.com) C:\Users\Richi\Downloads\MagicLauncher_1.2.6.exe
2015-01-28 13:43 - 2015-01-28 13:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 13:19 - 2015-01-26 13:19 - 00000000 ____D () C:\ProgramData\Ubisoft
2015-01-24 22:33 - 2015-01-24 22:33 - 00001429 _____ () C:\Users\Tati\Desktop\Trend Micro Internet Security.lnk
2015-01-24 22:33 - 2015-01-24 22:33 - 00000000 ____D () C:\Users\Tati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2015-01-23 23:03 - 2015-01-31 21:22 - 00000000 ____D () C:\Users\Richi\Documents\The Crew
2015-01-23 23:03 - 2015-01-31 21:09 - 00000000 ____D () C:\Users\Richi\Documents\ProfileCache
2015-01-23 22:58 - 2015-01-23 22:58 - 00000000 ____D () C:\Users\Richi\AppData\Local\Ubisoft
2015-01-23 18:39 - 2015-01-23 18:39 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\PunkBuster
2015-01-23 13:23 - 2015-01-23 13:23 - 00000000 ____D () C:\Users\Richi\Downloads\Assassin's.Creed.III.Deluxe.Edition-Multi18.Steam-FullRip - R.G.Origins
2015-01-23 13:21 - 2015-01-23 18:47 - 00000000 ____D () C:\Users\Richi\Downloads\Assassins.Creed.Revelations-SKIDROW
2015-01-23 13:20 - 2015-01-23 17:57 - 00000000 ____D () C:\Users\Richi\Downloads\Assassins.Creed.Brotherhood-SKIDROW
2015-01-23 12:27 - 2015-01-23 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-23 12:27 - 2015-01-23 12:27 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-22 20:22 - 2015-02-02 20:10 - 00236080 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2015-01-22 20:01 - 2015-01-22 20:01 - 00000000 ____D () C:\TMRescueDisk
2015-01-22 19:57 - 2015-01-22 19:57 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2015-01-22 19:57 - 2014-07-14 08:39 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-01-22 19:57 - 2014-07-14 08:39 - 00121944 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-01-22 19:57 - 2014-07-14 08:39 - 00093664 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-01-22 19:57 - 2014-07-09 17:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2015-01-22 19:57 - 2014-07-09 17:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2015-01-22 19:57 - 2014-07-09 17:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2015-01-22 19:56 - 2014-06-30 12:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2015-01-22 19:55 - 2015-01-30 22:22 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-01-22 19:55 - 2015-01-22 19:55 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2015-01-22 19:55 - 2015-01-22 19:55 - 00000000 ____D () C:\Program Files\Trend Micro
2015-01-22 19:42 - 2015-01-23 13:35 - 00000000 ____D () C:\Users\Richi\AppData\Local\Trend Micro
2015-01-22 19:34 - 2015-01-22 19:34 - 06631056 _____ (Trend Micro Inc.) C:\Users\Richi\Downloads\Trend_Micro_Internet_Security_2015.exe
2015-01-22 11:56 - 2015-01-22 16:42 - 00205417 _____ () C:\Users\Richi\AppData\Local\census.cache
2015-01-21 23:00 - 2015-01-30 22:50 - 00167424 _____ () C:\Users\Richi\Downloads\fileassassin-setup-1.06.exe
2015-01-21 23:00 - 2015-01-21 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2015-01-21 23:00 - 2015-01-21 23:00 - 00000000 ____D () C:\Program Files (x86)\FileASSASSIN
2015-01-21 22:34 - 2015-01-22 16:42 - 00139879 _____ () C:\Users\Richi\AppData\Local\ars.cache
2015-01-21 22:19 - 2015-01-30 22:50 - 02002432 _____ (Trend Micro Inc.) C:\Users\Richi\Downloads\HousecallLauncher.exe
2015-01-21 22:19 - 2015-01-22 21:08 - 00000036 _____ () C:\Users\Richi\AppData\Local\housecall.guid.cache
2015-01-21 22:19 - 2011-06-21 05:09 - 00200976 _____ (Trend Micro Inc.) C:\Windows\SysWOW64\Drivers\tmcomm.sys
2015-01-21 21:38 - 2015-01-21 21:38 - 00000000 ____D () C:\found.000
2015-01-21 18:33 - 2015-01-21 18:33 - 00000000 ____D () C:\Users\Richi\Desktop\SUE USB
2015-01-21 14:18 - 2015-01-21 14:18 - 00000000 ____D () C:\Users\Richi\AppData\Local\PAYDAY 2
2015-01-21 13:12 - 2015-01-21 13:12 - 00000000 ____D () C:\Program Files (x86)\505 Games
2015-01-19 23:30 - 2015-01-19 23:31 - 01834028 _____ () C:\Users\Richi\Downloads\AC_UNITY+12Tr-LNG_v1.4.0-Multi(1).rar
2015-01-19 23:28 - 2015-01-19 23:28 - 00446653 _____ () C:\Users\Richi\Downloads\sr-acuv14up.7z
2015-01-19 18:20 - 2015-01-19 18:20 - 01678928 _____ (BitTorrent Inc.) C:\Users\Richi\Downloads\uTorrent.exe
2015-01-19 17:59 - 2015-02-02 20:06 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\mIRC
2015-01-19 17:59 - 2015-02-02 19:48 - 00000000 ____D () C:\Program Files (x86)\mIRC
2015-01-19 17:58 - 2015-01-19 17:59 - 02471776 _____ (mIRC Co. Ltd.) C:\Users\Richi\Downloads\mirc738.exe
2015-01-19 17:24 - 2015-01-19 17:24 - 00000000 ____D () C:\ProgramData\Citrix
2015-01-19 17:23 - 2015-01-19 17:23 - 00000000 ____D () C:\Users\Richi\AppData\Local\Citrix
2015-01-19 17:23 - 2015-01-19 17:23 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-01-19 16:45 - 2015-02-02 20:23 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\BitComet
2015-01-19 16:45 - 2015-01-19 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)
2015-01-19 16:45 - 2015-01-19 16:45 - 00000000 ____D () C:\Program Files\BitComet
2015-01-19 16:44 - 2015-01-30 22:49 - 09471488 _____ () C:\Users\Richi\Downloads\BitComet_1.37_x64_setup.exe
2015-01-19 16:34 - 2015-01-19 16:34 - 00091048 _____ () C:\Users\Richi\Downloads\Assassins.Creed.Unity.v1.4.Update.Proper-SKIDROW.torrent
2015-01-19 16:05 - 2015-01-19 16:05 - 00142975 _____ () C:\Users\Richi\Downloads\Assassins.Creed.Unity.Dead.Kings.DLC.Proper-SKIDROW.torrent
2015-01-19 13:32 - 2015-01-19 13:32 - 00003128 _____ () C:\Windows\System32\Tasks\{13307364-7B68-47D8-99B8-F716B8C23E0E}
2015-01-19 13:31 - 2015-01-21 18:34 - 00000000 ____D () C:\Users\Richi\Downloads\Kaspersky Rescue2Usb
2015-01-19 13:31 - 2015-01-19 13:31 - 00387584 _____ () C:\Users\Richi\Downloads\rescue2usb.exe
2015-01-19 13:31 - 2015-01-19 13:31 - 00000000 ____D () C:\Users\Richi\Documents\Neuer Ordner
2015-01-19 13:25 - 2015-01-19 02:33 - 314472448 _____ () C:\Users\Richi\Downloads\kav_rescue_10.iso
2015-01-18 21:01 - 2015-01-18 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (June 2010)
2015-01-18 21:01 - 2010-06-02 13:23 - 04830552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9d_33.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 03795800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9d_33.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 02947416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9d.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 02719064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9d.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 02686808 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 02261336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3dx9d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 01931608 _____ (Microsoft Corporation) C:\Windows\system32\D3DCSXd_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 01883992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCSXd_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00964440 _____ (Microsoft Corporation) C:\Windows\system32\XAudioD2_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00954200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudioD2_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00645464 _____ (Microsoft Corporation) C:\Windows\system32\D3D11SDKLayers.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00639832 _____ (Microsoft Corporation) C:\Windows\system32\D3D11Ref.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00608088 _____ (Microsoft Corporation) C:\Windows\system32\D3D10SDKLayers.DLL
2015-01-18 21:01 - 2010-06-02 13:23 - 00568664 _____ (Microsoft Corporation) C:\Windows\system32\D3DX10d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00525144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D11Ref.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00514392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX10d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00496472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D11SDKLayers.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00453464 _____ (Microsoft Corporation) C:\Windows\system32\D3D10Ref.DLL
2015-01-18 21:01 - 2010-06-02 13:23 - 00447832 _____ (Microsoft Corporation) C:\Windows\system32\d3dref9.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00442712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D10SDKLayers.DLL
2015-01-18 21:01 - 2010-06-02 13:23 - 00435032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XactEngineA3_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00411992 _____ (Microsoft Corporation) C:\Windows\system32\XactEngineA3_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00367960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D10Ref.DLL
2015-01-18 21:01 - 2010-06-02 13:23 - 00349528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XactEngineD3_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00348504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dref9.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\XactEngineD3_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00308056 _____ (Microsoft Corporation) C:\Windows\system32\D3DX11d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00268120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX11d_43.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00139608 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFXD1_5.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00131928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFXD1_5.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00053080 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudioD1_7.dll
2015-01-18 21:01 - 2010-06-02 13:23 - 00045400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudioD1_7.dll
2015-01-18 20:59 - 2015-01-18 21:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)
2015-01-18 20:52 - 2015-01-30 22:51 - 599453184 _____ (Microsoft Corporation) C:\Users\Richi\Downloads\DXSDK_Jun10.exe
2015-01-17 15:21 - 2015-01-17 15:21 - 01717788 _____ () C:\Users\Richi\Downloads\Counter Strike Global Offensive Hack(2).rar
2015-01-16 14:34 - 2015-01-16 14:34 - 00093107 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_ESPorn [16.12.2014].rar
2015-01-16 14:33 - 2015-01-16 14:33 - 00207971 _____ () C:\Users\Richi\Downloads\Uni-Hack (07-12-14)(1).rar
2015-01-16 14:33 - 2015-01-16 14:33 - 00007768 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_Project-7 Pub v 1.1(1).zip
2015-01-16 13:22 - 2015-01-16 13:22 - 00040403 _____ () C:\Users\Richi\Downloads\jRAT-Remover-master.zip
2015-01-16 13:21 - 2015-01-16 13:21 - 00025115 _____ () C:\Users\Richi\Downloads\jrat-remover.jar
2015-01-16 13:19 - 2015-01-16 13:19 - 01188194 _____ () C:\Users\Richi\Downloads\ProcessExplorer_1604.zip
2015-01-16 13:19 - 2015-01-16 13:19 - 01179936 _____ () C:\Users\Richi\Downloads\Process Explorer - CHIP-Installer.exe
2015-01-16 13:18 - 2015-01-16 13:21 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jRAT Project
2015-01-16 13:13 - 2015-01-16 13:13 - 00000000 ____D () C:\Users\Richi\Desktop\TrueCrypt
2015-01-16 13:10 - 2015-01-16 13:10 - 02406346 _____ () C:\Users\Richi\Downloads\truecrypt.zip
2015-01-16 13:10 - 2015-01-16 13:10 - 00000000 ____D () C:\Program Files (x86)\jRAT Project
2015-01-16 13:09 - 2015-01-30 22:50 - 37906944 _____ () C:\Users\Richi\Downloads\jrat-windows.exe
2015-01-15 20:11 - 2015-01-15 20:11 - 10515012 _____ () C:\Users\Richi\Downloads\thehen101-Kryptonite-2.41-MC1.8.zip
2015-01-15 19:18 - 2015-01-15 19:18 - 00005056 _____ () C:\Users\Richi\Downloads\bibanator config Dezember 2014.rar
2015-01-15 14:14 - 2015-01-15 14:14 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\minecraft
2015-01-15 14:12 - 2015-01-15 14:13 - 08347449 _____ () C:\Users\Richi\Downloads\Reflex(2).zip
2015-01-15 14:03 - 2015-01-15 14:03 - 06505592 _____ (Microsoft Corporation) C:\Users\Richi\Downloads\vcredist_x86.exe
2015-01-15 14:02 - 2015-01-15 14:02 - 07195928 _____ (Microsoft Corporation) C:\Users\Richi\Downloads\vcredist_x64(1).exe
2015-01-15 12:26 - 2015-01-15 17:22 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\.purple
2015-01-15 12:25 - 2015-01-15 12:25 - 00000997 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
2015-01-15 12:25 - 2015-01-15 12:25 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pidgin-otr
2015-01-15 12:25 - 2015-01-15 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pidgin-otr
2015-01-15 12:25 - 2015-01-15 12:25 - 00000000 ____D () C:\Program Files (x86)\pidgin-otr
2015-01-15 12:25 - 2015-01-15 12:25 - 00000000 ____D () C:\Program Files (x86)\Pidgin
2015-01-15 12:24 - 2015-01-15 12:24 - 09670472 _____ () C:\Users\Richi\Downloads\pidgin-2.10.11(1).exe
2015-01-15 12:24 - 2015-01-15 12:24 - 01623752 _____ () C:\Users\Richi\Downloads\pidgin-otr-4.0.0-1.exe
2015-01-15 12:22 - 2015-01-15 12:22 - 00014425 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_csgopubliccheat(2).zip
2015-01-14 15:04 - 2015-01-14 15:04 - 00014425 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_csgopubliccheat(1).zip
2015-01-14 14:55 - 2015-01-14 14:56 - 00091364 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_ESPorn.rar
2015-01-14 14:51 - 2015-01-14 14:51 - 00014425 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_csgopubliccheat.zip
2015-01-14 14:16 - 2015-01-14 14:16 - 09670472 _____ () C:\Users\Richi\Downloads\pidgin-2.10.11.exe
2015-01-14 13:22 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 13:22 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 13:22 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 13:22 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 13:22 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 13:22 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 13:22 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 13:22 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 13:22 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 13:22 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 13:22 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 13:22 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 13:22 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 17:17 - 2015-01-13 17:17 - 00019717 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_ESP TEST v1.rar
2015-01-13 17:12 - 2015-01-13 17:12 - 00027136 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_Almost Legit.exe
2015-01-13 12:18 - 2015-01-13 12:18 - 00977524 _____ () C:\Users\Richi\Downloads\Hackery-master.zip
2015-01-09 13:31 - 2015-01-09 13:31 - 00007768 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_Project-7 Pub v 1.1.zip
2015-01-09 13:29 - 2015-01-09 13:29 - 00012667 _____ () C:\Users\Richi\Downloads\[www.OldSchoolHack.de]_sNPXnJb8.rar
2015-01-09 13:23 - 2015-01-09 13:23 - 00207971 _____ () C:\Users\Richi\Downloads\Uni-Hack (07-12-14).rar
2015-01-09 13:13 - 2015-01-09 13:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ssdevfactory_01011.Wdf
2015-01-09 13:13 - 2015-01-09 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-01-09 13:11 - 2015-01-09 13:12 - 59609136 _____ () C:\Users\Richi\Downloads\SteelSeriesEngine_3.3.2.exe
2015-01-08 20:19 - 2015-01-08 20:19 - 00000000 ____D () C:\Users\Tati\AppData\Roaming\dvdcss
2015-01-08 19:02 - 2015-01-30 14:27 - 00000000 ____D () C:\Users\Tati\AppData\Local\SteelSeries Engine 3 Client
2015-01-08 18:55 - 2015-01-08 18:55 - 00044261 _____ () C:\Users\Tati\Desktop\Glorie glorie aleluia.pptx
2015-01-08 18:41 - 2015-01-08 18:41 - 00047320 _____ () C:\Users\Tati\Desktop\Dumnezeu e dragostea mea.pptx
2015-01-08 12:40 - 2015-01-08 12:40 - 00000000 ____D () C:\Users\Richi\AppData\Local\RzStats
2015-01-07 15:39 - 2015-01-07 15:39 - 00000000 ____D () C:\Users\Tati\AppData\Local\Razer
2015-01-07 15:39 - 2015-01-07 15:39 - 00000000 ____D () C:\Users\Tati\AppData\Local\Logitech
2015-01-07 14:23 - 2014-12-10 21:43 - 00129600 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2015-01-07 14:22 - 2014-12-09 23:21 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2015-01-07 14:20 - 2015-01-08 12:40 - 00000000 ____D () C:\Users\Richi\AppData\Local\Razer
2015-01-07 14:19 - 2015-01-15 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-01-07 14:18 - 2015-01-07 14:19 - 55753264 _____ (Razer Inc.) C:\Users\Richi\Downloads\Razer_Synapse_Framework_V1.18.18.23036.exe
2015-01-07 14:15 - 2015-01-07 14:15 - 00000000 ____D () C:\Users\Richi\AppData\Local\Razer_Inc
2015-01-07 14:14 - 2015-01-07 14:35 - 00000000 ____D () C:\Program Files (x86)\Razer
2015-01-07 14:14 - 2015-01-07 14:23 - 00000000 ____D () C:\ProgramData\Razer
2015-01-07 14:05 - 2015-02-01 21:30 - 00000000 ____D () C:\Users\Richi\AppData\Local\SteelSeries Engine 3 Client
2015-01-07 13:51 - 2015-01-07 14:05 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-01-07 13:51 - 2015-01-07 13:51 - 00000000 ____D () C:\Users\admin
2015-01-07 13:50 - 2015-01-07 14:05 - 00000000 ____D () C:\Program Files\SteelSeries
2015-01-07 13:50 - 2015-01-07 13:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_sshid_01011.Wdf
2015-01-07 13:50 - 2015-01-07 13:50 - 00000000 ____D () C:\ProgramData\SteelSeries
2015-01-07 13:48 - 2014-11-14 18:50 - 58227312 _____ () C:\Users\Richi\Downloads\SteelSeriesEngine_3.3.1Setup.exe
2015-01-07 13:39 - 2015-01-07 13:39 - 00000000 ____D () C:\Users\Richi\AppData\Local\Logitech
2015-01-07 13:39 - 2015-01-07 13:39 - 00000000 ____D () C:\ProgramData\Apple
2015-01-07 13:39 - 2015-01-07 13:39 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-07 13:39 - 2015-01-07 13:39 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-07 13:38 - 2015-01-07 13:39 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2015-01-07 13:38 - 2015-01-07 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-01-07 13:37 - 2015-01-30 22:50 - 67351040 _____ (Logitech Inc.) C:\Users\Richi\Downloads\LGS_8.57.145_x64_Logitech.exe
2015-01-07 13:33 - 2015-01-07 13:33 - 00004752 _____ () C:\Windows\LDPINST.LOG
2015-01-07 13:32 - 2015-01-07 13:32 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2015-01-07 13:27 - 2015-01-30 22:51 - 63059968 _____ (Logitech Inc.) C:\Users\Richi\Downloads\LGS_8.57.145_x86_Logitech(1).exe
2015-01-07 13:24 - 2015-01-30 22:50 - 58466816 _____ (Logitech Inc.) C:\Users\Richi\Downloads\lgs8.56.109_x86.exe
2015-01-07 13:22 - 2014-10-27 23:56 - 63059552 _____ (Logitech Inc.) C:\Users\Richi\Downloads\LGS_8.57.145_x86_Logitech_001.exe
2015-01-07 13:18 - 2015-01-07 13:19 - 63059552 _____ (Logitech Inc.) C:\Users\Richi\Downloads\LGS_8.57.145_x86_Logitech.exe
2015-01-05 20:07 - 2015-01-05 20:07 - 00000000 ____D () C:\Program Files\Max Spyware Detector
2015-01-05 20:07 - 2015-01-05 20:07 - 00000000 ____D () C:\Program Files (x86)\Max Spyware Detector
2015-01-05 20:06 - 2015-01-05 20:07 - 00000000 ____D () C:\ProgramData\Max Secure
2015-01-05 20:06 - 2014-12-03 18:02 - 00149544 _____ (Max Secure Software) C:\Windows\system32\Drivers\SDActMon.sys
2015-01-05 20:06 - 2014-12-03 18:02 - 00091688 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProtector64.sys
2015-01-05 20:06 - 2014-12-03 18:02 - 00089128 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxMgr.sys
2015-01-05 20:06 - 2014-12-03 18:02 - 00079912 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProc64.sys
2015-01-05 19:59 - 2015-01-05 19:59 - 00054710 _____ () C:\Users\Richi\Downloads\Project-7 Pub v 1.1.zip
2015-01-05 19:55 - 2015-01-05 19:55 - 01150651 _____ () C:\Users\Richi\Downloads\NetSharkGo.zip
2015-01-05 19:52 - 2015-01-05 19:53 - 05718872 _____ (Microsoft Corporation) C:\Users\Richi\Downloads\vcredist_x64.exe
2015-01-05 19:47 - 2015-01-30 22:49 - 00368640 _____ (RegNow.com) C:\Users\Richi\Downloads\Download_MaxSDRDM.exe
2015-01-05 19:37 - 2015-01-05 19:37 - 00000000 ___RD () C:\Sandbox
2015-01-05 19:36 - 2015-01-23 12:50 - 00002552 _____ () C:\Windows\Sandboxie.ini
2015-01-05 19:36 - 2015-01-05 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-01-05 19:36 - 2015-01-05 19:36 - 00000000 ____D () C:\Program Files\Sandboxie
2015-01-05 19:35 - 2015-01-05 19:35 - 02734600 _____ (Sandboxie Holdings, LLC) C:\Users\Richi\Downloads\SandboxieInstall.exe
2015-01-03 21:52 - 2015-01-03 21:52 - 00693493 _____ () C:\Users\Richi\Downloads\Aqua Spammer V2.1.zip
2015-01-03 21:39 - 2015-01-03 21:39 - 00029696 _____ () C:\Users\Richi\Downloads\Venom Spammer.exe
2015-01-03 19:14 - 2015-01-03 19:14 - 01873946 _____ () C:\Users\Richi\Downloads\AC_UNITY+11Tr-LNG_v1.3.0-Multi.rar
2015-01-03 19:06 - 2015-01-03 19:07 - 01814808 _____ () C:\Users\Richi\Downloads\AC_UNITY+12Tr-LNG_v1.4.0-Multi.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 20:26 - 2014-05-27 18:49 - 00000000 ____D () C:\FRST
2015-02-02 20:23 - 2014-09-13 07:18 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 20:08 - 2014-04-28 17:49 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2F0E0C9F-6194-4F0C-9D4A-1EF45653C831}
2015-02-02 20:07 - 2014-02-17 19:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-02 19:09 - 2014-02-17 19:45 - 01246220 _____ () C:\Windows\WindowsUpdate.log
2015-02-02 18:35 - 2014-03-04 11:47 - 00003460 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-02-02 17:50 - 2009-07-14 05:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-02 17:50 - 2009-07-14 05:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-02 17:43 - 2014-08-04 21:10 - 00122436 _____ () C:\Windows\PFRO.log
2015-02-02 17:43 - 2014-08-04 19:51 - 00062249 _____ () C:\Windows\setupact.log
2015-02-02 17:43 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-02 17:41 - 2014-05-06 10:27 - 00000000 ____D () C:\Windows\system32\log
2015-02-02 15:58 - 2014-08-30 17:30 - 00000000 ____D () C:\Users\Richi\Documents\My Games
2015-02-02 15:44 - 2014-08-08 13:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-01 21:33 - 2014-03-05 14:43 - 00000000 ____D () C:\Windows\pss
2015-02-01 21:32 - 2014-12-14 02:33 - 00000000 ____D () C:\Users\Richi\AppData\Local\LogMeIn Hamachi
2015-02-01 10:55 - 2014-09-08 18:54 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\.minecraft
2015-01-31 22:00 - 2014-09-13 07:17 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-31 20:26 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-31 20:25 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-31 13:26 - 2014-03-28 12:40 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-30 23:42 - 2014-03-06 13:58 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Skype
2015-01-30 22:50 - 2014-12-20 22:07 - 02448896 _____ (Megaify Software ) C:\Users\Richi\Downloads\driver_setup.exe
2015-01-30 22:50 - 2014-12-19 12:03 - 01143808 _____ (LanTricks.com ) C:\Users\Richi\Downloads\lanspy_setup.exe
2015-01-30 22:49 - 2014-12-23 20:56 - 05403136 _____ (Canneverbe Limited ) C:\Users\Richi\Downloads\cdbxp_setup_4.5.4.5143_minimal.exe
2015-01-30 22:26 - 2014-04-22 18:49 - 00000000 ____D () C:\Users\Richi\.VirtualBox
2015-01-30 22:23 - 2014-03-04 23:11 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\TS3Client
2015-01-30 15:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-30 14:27 - 2014-09-19 15:34 - 00000000 ____D () C:\Users\Richi\Desktop\FTB
2015-01-30 11:23 - 2014-07-30 13:42 - 00000000 ____D () C:\Users\Tati\AppData\Local\LogMeIn Hamachi
2015-01-29 21:32 - 2014-08-07 21:04 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\vlc
2015-01-29 11:36 - 2014-07-14 22:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 14:20 - 2014-11-18 20:39 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-26 14:20 - 2014-08-25 13:10 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-26 14:19 - 2014-11-18 20:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-26 14:19 - 2014-11-17 23:24 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-26 14:19 - 2014-03-04 12:28 - 00000000 ____D () C:\Program Files\Java
2015-01-26 14:07 - 2014-02-17 19:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-26 14:07 - 2014-02-17 19:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-26 14:07 - 2014-02-17 19:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 13:35 - 2014-03-06 20:24 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-24 13:35 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-24 03:42 - 2014-12-10 21:44 - 00000000 ____D () C:\Users\Richi\AppData\Local\Ubisoft Game Launcher
2015-01-23 23:38 - 2014-08-14 01:29 - 00305938 _____ () C:\Windows\DirectX.log
2015-01-23 23:33 - 2014-12-10 21:56 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-01-23 23:33 - 2014-02-17 19:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-23 18:39 - 2014-05-30 18:13 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-01-23 18:39 - 2014-05-30 18:13 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-22 20:56 - 2010-11-21 07:50 - 00700500 _____ () C:\Windows\system32\perfh007.dat
2015-01-22 20:56 - 2010-11-21 07:50 - 00150138 _____ () C:\Windows\system32\perfc007.dat
2015-01-22 20:56 - 2009-07-14 06:13 - 01624234 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-22 20:05 - 2014-03-04 14:45 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-22 19:50 - 2014-10-22 10:28 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-22 19:50 - 2014-05-11 19:43 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-22 10:40 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2015-01-19 18:24 - 2014-08-04 23:51 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\uTorrent
2015-01-18 20:52 - 2014-12-17 13:18 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-01-16 16:40 - 2014-03-05 07:34 - 00129616 _____ () C:\Users\Tati\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-15 11:45 - 2014-03-04 11:39 - 00129616 _____ () C:\Users\Richi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-15 11:45 - 2009-07-14 05:45 - 05182328 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 17:29 - 2014-03-05 12:47 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:24 - 2014-03-05 12:47 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 11:32 - 2014-07-22 12:11 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-01-13 17:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-12 21:40 - 2014-12-17 13:17 - 00000000 ____D () C:\Users\Richi\AppData\Local\JDownloader v2.0
2015-01-09 14:33 - 2014-06-03 12:35 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Craften Terminal
2015-01-09 13:13 - 2014-09-20 13:17 - 00110852 _____ () C:\Windows\DPINST.LOG
2015-01-07 13:34 - 2014-06-06 11:13 - 00000000 ____D () C:\ProgramData\Logishrd
2015-01-07 13:34 - 2014-06-06 10:56 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2015-01-07 13:21 - 2014-06-06 10:56 - 00000000 ____D () C:\Users\Richi\AppData\Roaming\Logishrd
2015-01-07 11:37 - 2014-03-05 11:52 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-06 21:38 - 2014-12-30 19:19 - 00045556 _____ () C:\Users\Tati\Desktop\Depind de tine.pptx
2015-01-05 13:27 - 2014-12-30 19:02 - 00044274 _____ () C:\Users\Tati\Desktop\Credincios e Isus.pptx
2015-01-03 19:18 - 2014-03-06 13:57 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-03 19:18 - 2014-03-06 13:57 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2014-03-13 21:59 - 2014-03-13 21:59 - 0000078 _____ () C:\Users\Richi\AppData\Roaming\.ettercap_gtk
2014-08-05 00:52 - 2014-10-01 18:35 - 0000132 _____ () C:\Users\Richi\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-09 19:31 - 2014-08-21 18:16 - 0000132 _____ () C:\Users\Richi\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-03-04 13:54 - 2014-07-07 16:49 - 0000624 _____ () C:\Users\Richi\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-03-21 11:05 - 2014-05-21 10:16 - 0000281 _____ () C:\Users\Richi\AppData\Roaming\GPU MeterV2_Settings.ini
2014-04-10 19:22 - 2014-05-07 16:54 - 0000017 _____ () C:\Users\Richi\AppData\Roaming\Network Meter_Usage.ini
2014-05-03 19:38 - 2014-05-03 19:38 - 0050108 _____ () C:\Users\Richi\AppData\Roaming\sample.wav
2014-08-19 20:54 - 2014-08-19 20:54 - 0000037 ___SH () C:\Users\Richi\AppData\Local\69ff07055291669bb2b218.72821112
2015-01-21 22:34 - 2015-01-22 16:42 - 0139879 _____ () C:\Users\Richi\AppData\Local\ars.cache
2015-01-22 11:56 - 2015-01-22 16:42 - 0205417 _____ () C:\Users\Richi\AppData\Local\census.cache
2014-06-12 11:02 - 2014-06-12 11:02 - 1065984 _____ () C:\Users\Richi\AppData\Local\file__0.localstorage
2015-01-21 22:19 - 2015-01-22 21:08 - 0000036 _____ () C:\Users\Richi\AppData\Local\housecall.guid.cache
2014-05-03 23:25 - 2014-09-08 20:09 - 0007615 _____ () C:\Users\Richi\AppData\Local\resmon.resmoncfg
2014-06-06 11:19 - 2014-06-06 11:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Richi\IP_Log_Data.js


Some content of TEMP:
====================
C:\Users\Richi\AppData\Local\Temp\Quarantine.exe
C:\Users\Richi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-25 13:19

==================== End Of Log ============================
--- --- ---

--- --- ---



Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Richi at 2015-02-02 20:09:55
Running from C:\Users\Richi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Enabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Internet Security (Enabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Akamai NetSession Interface (HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{714431C1-0D95-4844-BC9D-081C48729B2D}) (Version: 2.8.11.0 - Alienware Corp.)
Alienware Command Center (Version: 2.8.11.0 - Alienware Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9204C155-00EA-6388-9362-01D16FFA114C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
BitComet 1.37 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.37 - CometNetwork)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11n Network Adapter (HKLM-x32\...\{AFD36BF1-DA28-4702-A83F-C49D03199A0F}) (Version: 07.13.2006 - Broadcom)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Craften Terminal 4.0.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0.2 - Craften.de)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version:  - EnTech Taiwan)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Driver Magician 4.1 (HKLM-x32\...\Driver Magician_is1) (Version:  - GoldSolution Software, Inc.)
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FileZilla Client 3.8.1 (HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.7.0.1036 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LanSpy (HKLM-x32\...\LanSpy_is1) (Version:  - LanTricks.com)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media Plugin (HKLM-x32\...\InstallShield_{9A81C9E3-EE6E-435C-9A9A-3749D02D8C4A}) (Version: 1.0.0.11 - Alienware)
Media Plugin (x32 Version: 1.0.0.11 - Alienware) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.38 - mIRC Co. Ltd.)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF24 Creator 6.8.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.78.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
RK-WLAN-Keygen (HKLM-x32\...\RK-WLAN-Keygen_is1) (Version: 1.4 - Robert Knapp Software)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteelSeries Engine 3.3.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.3.2 - SteelSeries ApS)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
Technitium MAC Address Changer v6.0.5 (HKLM-x32\...\TMACv6.0) (Version: 6.0.5 - Technitium)
The Crew (HKLM-x32\...\Steam App 241560) (Version:  - Ivory Tower in collaboration with Ubisoft Reflections)
TP-LINK Wireless Client Utility (HKLM-x32\...\{1E03C8BE-0848-430F-BECA-7D7709401626}) (Version: 7.0 - TP-LINK)
Trend Micro Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 8.0 - Trend Micro Inc.) Hidden
TSEV Skyrim LE (HKLM-x32\...\TSEV Skyrim LE_is1) (Version: 2.0.0.0 - )
Unity Web Player (HKU\S-1-5-21-1822456779-1171189387-2754077004-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{3814DB30-091D-11E4-BDE0-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wireshark 1.10.7 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.7 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1822456779-1171189387-2754077004-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1822456779-1171189387-2754077004-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-05 20:07 - 2015-01-31 20:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01F09678-7DE2-4C99-AA95-85C9384ADB34} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {03269AB2-0EF4-4297-AB3A-6D07B3772B6E} - System32\Tasks\{8A8BD022-D74B-42A0-8B14-F89A039E1405} => pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\Support\Software\VCRedist\vcredist_x64.exe" -d "C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\Support\Software\VCRedist"
Task: {10A47AA9-6469-459A-9671-707587BA6A54} - System32\Tasks\{97D746AA-0ABC-4C22-B5B2-AA66EE0CADAB} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {190C6A97-ED24-4E80-8472-E8904AC47B73} - System32\Tasks\{C89E7DF8-E218-4205-B78B-BED9F7FB9CCF} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {233A202C-BBCC-41AB-A123-D70F35B4A058} - System32\Tasks\{82F15E27-6169-45D2-9229-BCF633CD17DB} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {25034A6C-D2DA-41CD-A00F-5A103281484A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
Task: {298DB1C1-3441-4F68-82E9-9E998596F3ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {3A1F0EB6-CAA6-450E-9CEA-D5AA0F268D85} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {3D6110FB-5211-4702-857B-FF1B18DF2E64} - System32\Tasks\{FC9ED06D-58AE-4928-90AA-916E4E5B1E27} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {3EA28AD9-E99D-4C26-9622-4B26FB73F6BF} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {4331D3A1-4E53-4B4B-8978-15D44AE8091D} - System32\Tasks\{91CF4576-EB27-4449-9D3F-68C52436B2C7} => pcalua.exe -a "C:\Users\Richi\Downloads\Forge 1.7.2.exe" -d C:\Users\Richi\Downloads
Task: {7034D545-34B4-48EB-AB99-880E9C97B3EE} - System32\Tasks\{E8F92B7A-88B6-4EDD-BCA3-3DF5AAFC451F} => pcalua.exe -a F:\DirectX\dxsetup.exe -d F:\DirectX
Task: {72062924-B3F7-41E0-9A65-61911FC4E30A} - System32\Tasks\{98A4FB42-E283-4081-8D5F-FB7DAD30CF0A} => C:\Users\Richi\Desktop\watchdogs\Watch.Dogs.Hotfix-RELOADED\Watch.Dogs.Hotfix-RELOADED\rld-watdoghf\Update\setup.exe
Task: {775AE2C1-6FD3-41FF-9C5C-07A96A1B9192} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {86FC62C4-E4CA-4417-9D46-585E49F949C1} - System32\Tasks\{C39FA969-AF8B-43F1-8B0A-FBCF666BEAB2} => pcalua.exe -a "C:\Program Files (x86)\Counter-Strike\Uninstall.exe" -d "C:\Program Files (x86)\Counter-Strike"
Task: {96A8C17B-AF37-4259-8DF7-6BA7BBFA2CE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A082B8F2-E33C-4840-86D6-72CC4198CEE8} - System32\Tasks\{4AB226FA-4AC1-41F6-BC9B-B05C2066F55E} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {AE4928FF-2DE2-46BF-89EA-272F4D05A68E} - System32\Tasks\{719C3DAF-C7EF-4A20-8D7B-300ED801A63F} => pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\GDFInstall.exe" -d "C:\Program Files (x86)\Ubisoft\Assassins Creed Unity"
Task: {C60EE4F2-E2C0-4049-81A4-F8AFAF636E5F} - System32\Tasks\{8EC58188-CC01-48EB-8D31-D367B09D284A} => pcalua.exe -a C:\Users\Richi\Downloads\VirtualBox-4.3.12-93733-Win.exe -d C:\Users\Richi\Downloads
Task: {CD688EF1-2C2F-4595-A33C-9B57BF0900F3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D37C6176-B776-47C7-A6A1-31CE1FD795B8} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {D4A52FDA-7428-4BBC-8E50-E6411456F1FB} - System32\Tasks\{1042D38F-6D18-4371-85C1-6E265166D424} => pcalua.exe -a F:\Macromedia\Shockwave_Installer_Full.exe -d F:\Macromedia
Task: {D845D82E-DC6C-45B8-A7E7-C2F441382391} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DFFF8039-FF83-47E1-B47D-56C8D3ECE493} - System32\Tasks\{84F4FFC9-8E52-4EB3-95CA-9624D0CEB515} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {E82B2D18-FD00-4074-80D2-35D94D388ECA} - System32\Tasks\{13307364-7B68-47D8-99B8-F716B8C23E0E} => pcalua.exe -a C:\Users\Richi\Downloads\rescue2usb.exe -d C:\Users\Richi\Downloads
Task: {EC530191-08C3-4E72-9E99-ADA4A0177886} - System32\Tasks\{F608305E-1535-4E95-89AF-6A0378D21549} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {F367FB0E-6B2D-4300-8658-62707A6BF3BF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F39AD2C3-9941-43A6-B2FB-B0B9D0992047} - System32\Tasks\{E735A51E-BB5F-4837-AF17-53D924B2294D} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: {FF9210B0-CD0B-43ED-8263-52E18C8354DD} - System32\Tasks\{B98DF90F-BC2A-4454-BEF8-498B21BD88E8} => C:\Program Files (x86)\Ubisoft\Assassins Creed Unity\ACU.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:19 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131