Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Do Searches

Do Searches


Plagegeister aller Art und deren Bekämpfung: Do Searches

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 3 1 23
Alt 25.12.2013, 21:46   #1
Sakurako137
 
Do Searches - Standard

Do Searches


wenn ich meinen Internet Explorer öffne öffnet sich jedesmal Do Searches als Startseite obwohl ich leere seite eingestellt habe Ich brauche dringend hilfe

Alt 25.12.2013, 23:41   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Do Searches - Standard

Do Searches


Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 26.12.2013, 00:19   #3
Sakurako137
 
Do Searches - Standard

Do Searches


Ich habe keine alten logs ich lasse grade Malwarebytes durchlaufen


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-12-2013
Ran by Paddy (administrator) on PADDY-PC on 26-12-2013 00:14:56
Running from C:\Users\Paddy\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Users\Paddy\AppData\Roaming\okitspace\protect\PluginProtect.exe
() C:\Program Files\SoftwareUpdater\UpdaterService.exe
() C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
(Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [Aeria Ignite] - C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM\...\Run: [NvBackend] - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [EaseUS EPM tray] - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-05] ()
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
AppInit_DLLs: |œ/ [ ] ()
IFEO\aeriaignite.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\ccleaner.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\dw20.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\epmstartloader.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\finder.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mspview.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\overwolflauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\owuninstaller.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\proflwiz.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8061B8F4A024CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.delta-search.com/?affID=121561&tt=190313_wo3&babsrc=HP_ss&mntrId=E8A590E6BA4ED462
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E8A590E6BA4ED462&affID=120695&tsp=4932
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms}
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} -  No File
URLSearchHook: HKCU - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} -  No File
URLSearchHook: HKCU - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=sc&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196
SearchScopes: HKLM - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - BrowserMngrDefaultScope {7863768C-0074-4B11-98DF-DA393E04CCD4}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - {DEFFDD02-590A-4A0A-95E1-8F8ECEEACFC6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: OKitSpace Object - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Paddy\AppData\Roaming\okitspace\IE\OkitSpace.dll ()
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} -  No File
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/MVT - C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\aed6677c-c927-4858-ba8c-7a232a32db49.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: OneClickDownloader - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: DealPly  Shopping - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\addon@dealplyshopping.com
FF Extension: Amazon-Icon - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\amazon-icon@winload.de
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\staged
FF Extension: PriceGong - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
FF Extension: Bitdefender QuickScan - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: PricePeep - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\pricepeep@getpricepeep.com.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor
FF HKLM\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox
FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox
FF HKLM\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox
FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox
FF HKLM\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Paddy\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\Paddy\AppData\Roaming\Helper
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK

========================== Services (Whitelisted) =================

R2 FreemiumSystemStoreService; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe [7244800 2012-09-13] ()
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [135584 2011-12-09] (Futuremark Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145088 2013-11-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [643608 2013-11-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-11-04] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14657824 2013-11-29] (NVIDIA Corporation)
S4 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)
R2 srvPlgProtect; C:\Users\Paddy\AppData\Roaming\okitspace\protect\PluginProtect.exe [90112 2013-11-13] ()
R2 SrvUpdater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [29696 2013-11-05] ()
R2 SystemStore; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe [14848 2012-04-24] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1739576 2013-10-30] (TuneUp Software)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) ====================

S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-11-03] ()
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-01] (Wondershare)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-11-04] (McAfee, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-12-25] (Malwarebytes Corporation)
R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [66296 2013-09-09] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133992 2013-11-04] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236000 2013-11-04] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [365416 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [572528 2013-11-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [319808 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80752 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [213392 2013-11-04] (McAfee, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 nusbhost; C:\Windows\System32\DRIVERS\nusbhst.sys [13824 2006-12-29] (SC)
R3 NUSBHUB; C:\Windows\System32\DRIVERS\nusbhub.sys [35840 2006-12-29] (SC)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-10-30] (NVIDIA Corporation)
R2 persg; C:\Windows\System32\DRIVERS\persg.sys [25176 2012-04-19] ()
R2 SBKUPNT; C:\Windows\system32\Drivers\SBKUPNT.SYS [14976 2001-07-13] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-04-20] (RapidSolution Software AG)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-26 00:14 - 2013-12-26 00:14 - 00022915 ____C C:\Users\Paddy\Desktop\FRST.txt
2013-12-26 00:13 - 2013-12-26 00:13 - 01061649 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe
2013-12-25 23:23 - 2013-12-25 23:23 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-12-25 22:22 - 2013-12-25 23:06 - 00000000 ___DC C:\Users\Paddy\Desktop\Bilder
2013-12-25 21:25 - 2013-12-25 21:25 - 00100008 ____C C:\Users\Paddy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 21:20 - 2013-12-25 21:37 - 00000336 _____ C:\Windows\setupact.log
2013-12-25 21:20 - 2013-12-25 21:20 - 03788504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 21:17 - 2013-12-25 21:19 - 00002480 _____ C:\Windows\logboot_25.12.2013.tureg.log
2013-12-25 01:20 - 2013-12-25 23:25 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Tresore
2013-12-25 00:50 - 2013-12-25 00:50 - 00001349 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
2013-12-25 00:50 - 2013-12-25 00:50 - 00000000 ___DC C:\Program Files\EaseUS
2013-12-25 00:50 - 2013-04-11 14:10 - 02498216 _____ C:\Windows\system32\BootMan.exe
2013-12-25 00:50 - 2013-03-07 09:49 - 00087112 _____ C:\Windows\system32\setupempdrv03.exe
2013-12-25 00:50 - 2013-03-07 09:49 - 00019840 _____ C:\Windows\system32\EuEpmGdi.dll
2013-12-25 00:50 - 2013-03-07 09:49 - 00014920 _____ C:\Windows\system32\epmntdrv.sys
2013-12-25 00:50 - 2013-03-07 09:49 - 00009160 _____ C:\Windows\system32\EuGdiDrv.sys
2013-12-24 21:33 - 2013-12-24 21:33 - 00000550 _____ C:\Windows\SWISV3.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000308 _____ C:\Windows\SKNIFE.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000000 ___DC C:\Program Files\SWISSKNIFE
2013-12-24 21:33 - 2001-07-13 13:56 - 00014976 _____ C:\Windows\system32\Drivers\SBKUPNT.SYS
2013-12-24 21:33 - 1997-02-08 17:11 - 00013312 _____ C:\Windows\system32\DEVLOAD.EXE
2013-12-24 21:14 - 2010-04-26 11:41 - 00002944 _____ C:\Windows\SKLANG.INI
2013-12-23 21:11 - 2013-12-23 21:11 - 00000000 ___DC C:\Users\Paddy\AppData\Local\McAfee File Lock
2013-12-23 16:19 - 2013-09-23 13:48 - 00147912 ____C (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-12-19 19:53 - 2013-12-19 19:53 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Avg2014
2013-12-19 01:01 - 2013-10-30 10:45 - 00036152 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-12-19 01:00 - 2013-12-19 01:00 - 00002155 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-19 01:00 - 2013-12-19 01:00 - 00002135 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-19 01:00 - 2013-10-30 10:45 - 00036664 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-12-19 01:00 - 2013-10-30 10:45 - 00025400 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-12-19 00:59 - 2013-12-19 01:01 - 00000000 ___DC C:\Program Files\TuneUp Utilities 2014
2013-12-19 00:58 - 2013-12-19 01:05 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-13 03:31 - 2013-12-13 03:31 - 00000000 ___DC C:\Program Files\Common Files\Overwolf
2013-12-13 03:05 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 03:05 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 03:05 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-13 03:05 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-13 03:05 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-13 03:05 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 03:05 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 03:05 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-13 03:05 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 03:05 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-13 03:05 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-13 03:05 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-13 03:05 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 03:05 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 03:05 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-13 03:05 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 03:05 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-13 03:05 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 03:05 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 03:01 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 03:01 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 23:07 - 2013-12-12 23:07 - 00000000 ____D C:\Users\Paddy\Downloads\Abschlepp-Simulator
2013-12-12 12:29 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 12:29 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 12:29 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 12:29 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 12:29 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 12:29 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 12:29 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 12:29 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 12:29 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 12:29 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 12:29 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 23:18 - 2013-12-10 23:18 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 20:53 - 2013-12-10 20:53 - 00000220 ____C C:\Users\Paddy\Desktop\Need for Speed™ SHIFT.lnk
2013-12-10 20:40 - 2013-12-10 20:40 - 00000000 ___DC C:\Program Files\Electronic Arts
2013-12-09 23:19 - 2013-12-09 23:19 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\YoudaGames
2013-12-09 23:18 - 2013-12-09 23:18 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2013-12-09 23:17 - 2013-12-09 23:55 - 00000000 ___DC C:\Program Files\Alawar
2013-12-09 23:17 - 2013-12-09 23:17 - 00001899 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00001343 _____ C:\Users\Public\Desktop\18 WoS Extreme Trucker.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00000000 ___DC C:\Program Files\18 WoS Extreme Trucker
2013-12-05 17:29 - 2013-12-05 17:29 - 00000000 ___DC C:\Program Files\I.A.S
2013-12-04 17:04 - 2013-12-04 17:04 - 00000887 _____ C:\Users\Public\Desktop\GUILD WARS.lnk
2013-12-04 17:04 - 2013-12-04 17:04 - 00000000 ___DC C:\Program Files\GUILD WARS
2013-12-03 15:47 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-02 18:19 - 2013-12-02 18:19 - 00000000 ___DC C:\Program Files\AGEIA Technologies
2013-12-02 18:14 - 2013-11-14 12:57 - 22951200 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 10446112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-02 18:14 - 2013-11-14 12:57 - 09663656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 09619872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 02947872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 02747680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233182.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233182.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco32.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00609568 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00562464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00161056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2013-12-02 18:14 - 2013-11-14 12:57 - 00068384 _____ (NVIDIA Corporation) C:\Windows\system32\nvapo32v.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2013-12-02 16:39 - 2013-12-02 16:39 - 00000000 ___DC C:\Users\Paddy\AppData\Local\NVIDIA Corporation
2013-12-02 16:39 - 2013-11-29 17:56 - 00979744 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2013-12-02 16:38 - 2013-10-30 18:03 - 00034080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2013-12-02 16:38 - 2013-10-30 18:02 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2013-11-26 22:06 - 2013-11-26 22:06 - 00319808 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencbdc.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00080752 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencrk.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00010152 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeclnrk.sys
2013-11-26 11:36 - 2013-11-26 11:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 11:36 - 2013-11-26 11:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 11:36 - 2013-11-26 11:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 11:36 - 2013-11-26 11:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== One Month Modified Files and Folders =======

2013-12-26 00:15 - 2013-12-26 00:14 - 00022915 ____C C:\Users\Paddy\Desktop\FRST.txt
2013-12-26 00:15 - 2013-09-21 20:00 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-26 00:13 - 2013-12-26 00:13 - 01061649 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe
2013-12-25 23:53 - 2012-06-03 16:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\PMB Files
2013-12-25 23:53 - 2012-04-27 19:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-25 23:25 - 2013-12-25 01:20 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Tresore
2013-12-25 23:23 - 2013-12-25 23:23 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-12-25 23:23 - 2013-09-21 20:00 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-25 23:10 - 2013-02-23 22:28 - 00000000 ___DC C:\FFOutput
2013-12-25 23:06 - 2013-12-25 22:22 - 00000000 ___DC C:\Users\Paddy\Desktop\Bilder
2013-12-25 23:03 - 2013-11-15 14:42 - 01094226 _____ C:\Windows\WindowsUpdate.log
2013-12-25 21:44 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-25 21:44 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-25 21:37 - 2013-12-25 21:20 - 00000336 _____ C:\Windows\setupact.log
2013-12-25 21:37 - 2012-04-27 18:16 - 00000000 ___DC C:\ProgramData\NVIDIA
2013-12-25 21:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-25 21:25 - 2013-12-25 21:25 - 00100008 ____C C:\Users\Paddy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 03788504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 21:20 - 2012-04-27 18:11 - 00000000 ___DC C:\Users\Paddy
2013-12-25 21:19 - 2013-12-25 21:17 - 00002480 _____ C:\Windows\logboot_25.12.2013.tureg.log
2013-12-25 21:19 - 2009-07-14 03:03 - 45875200 _____ C:\Windows\system32\config\SOFTWARE_tureg_old
2013-12-25 21:19 - 2009-07-14 03:03 - 22806528 _____ C:\Windows\system32\config\SYSTEM_tureg_old
2013-12-25 21:19 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY_tureg_old
2013-12-25 21:15 - 2009-07-14 03:03 - 29097984 _____ C:\Windows\system32\config\COMPONENTS_tureg_old
2013-12-25 21:14 - 2009-07-14 03:03 - 01048576 _____ C:\Windows\system32\config\DEFAULT_tureg_old
2013-12-25 20:44 - 2009-07-14 03:03 - 00024576 _____ C:\Windows\system32\config\SAM_tureg_old
2013-12-25 18:49 - 2012-05-16 20:37 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-25 10:43 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\McAfee
2013-12-25 10:37 - 2012-04-27 18:13 - 00365334 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-25 01:20 - 2012-04-27 18:39 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Depots
2013-12-25 01:18 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\Common Files\Mcafee
2013-12-25 01:18 - 2012-04-27 18:32 - 00000000 ___DC C:\ProgramData\McAfee
2013-12-25 00:50 - 2013-12-25 00:50 - 00001349 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
2013-12-25 00:50 - 2013-12-25 00:50 - 00000000 ___DC C:\Program Files\EaseUS
2013-12-24 21:33 - 2013-12-24 21:33 - 00000550 _____ C:\Windows\SWISV3.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000308 _____ C:\Windows\SKNIFE.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000000 ___DC C:\Program Files\SWISSKNIFE
2013-12-23 22:14 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-12-23 21:11 - 2013-12-23 21:11 - 00000000 ___DC C:\Users\Paddy\AppData\Local\McAfee File Lock
2013-12-23 21:09 - 2013-07-27 17:05 - 00000000 ___DC C:\ProgramData\TuneUp Software
2013-12-23 13:31 - 2013-03-31 16:11 - 00000000 ____D C:\Users\Paddy\Documents\18 WoS Extreme Trucker
2013-12-23 01:01 - 2013-09-11 16:48 - 00000000 ___DC C:\Users\Paddy\Desktop\Handy
2013-12-22 01:40 - 2012-04-27 18:55 - 00000000 ____D C:\Windows\Panther
2013-12-20 02:04 - 2012-04-28 16:59 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\vlc
2013-12-19 19:53 - 2013-12-19 19:53 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Avg2014
2013-12-19 18:37 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-19 17:16 - 2012-05-16 23:01 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Windows Live
2013-12-19 05:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-19 04:46 - 2013-11-04 17:08 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Overwolf
2013-12-19 04:43 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-12-19 04:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-19 01:05 - 2013-12-19 00:58 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-19 01:05 - 2013-11-12 01:04 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Downloaded Installations
2013-12-19 01:01 - 2013-12-19 00:59 - 00000000 ___DC C:\Program Files\TuneUp Utilities 2014
2013-12-19 01:00 - 2013-12-19 01:00 - 00002155 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-19 01:00 - 2013-12-19 01:00 - 00002135 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-19 01:00 - 2013-07-27 17:07 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\TuneUp Software
2013-12-19 00:37 - 2012-07-09 13:38 - 00000000 ___DC C:\Users\Paddy\Desktop\Programme
2013-12-13 03:31 - 2013-12-13 03:31 - 00000000 ___DC C:\Program Files\Common Files\Overwolf
2013-12-13 03:31 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Overwolf
2013-12-13 03:05 - 2009-07-14 03:04 - 00000499 _____ C:\Windows\win.ini
2013-12-13 03:04 - 2013-08-15 02:30 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 03:02 - 2012-05-02 10:03 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-12 23:07 - 2013-12-12 23:07 - 00000000 ____D C:\Users\Paddy\Downloads\Abschlepp-Simulator
2013-12-12 14:55 - 2012-11-23 14:49 - 00000000 ___DC C:\Program Files\Steam
2013-12-11 19:53 - 2012-04-27 19:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 19:53 - 2012-04-27 19:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 23:18 - 2013-12-10 23:18 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 23:18 - 2013-02-21 16:45 - 00000000 ___DC C:\Program Files\Google
2013-12-10 20:53 - 2013-12-10 20:53 - 00000220 ____C C:\Users\Paddy\Desktop\Need for Speed™ SHIFT.lnk
2013-12-10 20:40 - 2013-12-10 20:40 - 00000000 ___DC C:\Program Files\Electronic Arts
2013-12-09 23:55 - 2013-12-09 23:17 - 00000000 ___DC C:\Program Files\Alawar
2013-12-09 23:19 - 2013-12-09 23:19 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\YoudaGames
2013-12-09 23:18 - 2013-12-09 23:18 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2013-12-09 23:18 - 2013-04-20 23:07 - 00000000 ___DC C:\ProgramData\AlawarWrapper
2013-12-09 23:17 - 2013-12-09 23:17 - 00001899 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00001343 _____ C:\Users\Public\Desktop\18 WoS Extreme Trucker.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00000000 ___DC C:\Program Files\18 WoS Extreme Trucker
2013-12-09 20:02 - 2012-06-22 15:24 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Apps\2.0
2013-12-09 16:47 - 2013-09-03 00:41 - 00000000 ___DC C:\Riot Games
2013-12-05 17:29 - 2013-12-05 17:29 - 00000000 ___DC C:\Program Files\I.A.S
2013-12-04 17:04 - 2013-12-04 17:04 - 00000887 _____ C:\Users\Public\Desktop\GUILD WARS.lnk
2013-12-04 17:04 - 2013-12-04 17:04 - 00000000 ___DC C:\Program Files\GUILD WARS
2013-12-02 18:19 - 2013-12-02 18:19 - 00000000 ___DC C:\Program Files\AGEIA Technologies
2013-12-02 18:19 - 2012-07-12 20:41 - 00000000 ___DC C:\ProgramData\NVIDIA Corporation
2013-12-02 18:19 - 2012-07-12 20:40 - 00000000 ___DC C:\Program Files\NVIDIA Corporation
2013-12-02 17:58 - 2013-07-01 20:47 - 00000000 ___DC C:\Users\Paddy\AppData\Local\NVIDIA
2013-12-02 16:39 - 2013-12-02 16:39 - 00000000 ___DC C:\Users\Paddy\AppData\Local\NVIDIA Corporation
2013-12-01 18:13 - 2012-05-26 20:59 - 00000000 _SHDC C:\AI_RecycleBin
2013-12-01 18:13 - 2012-05-04 20:55 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2013-11-29 23:59 - 2012-11-24 00:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Google
2013-11-29 23:58 - 2013-11-15 11:38 - 00000000 ___DC C:\ProgramData\Google
2013-11-29 17:56 - 2013-12-02 16:39 - 00979744 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2013-11-26 22:06 - 2013-11-26 22:06 - 00319808 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencbdc.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00080752 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencrk.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00010152 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeclnrk.sys
2013-11-26 11:36 - 2013-11-26 11:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 11:36 - 2013-11-26 11:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 11:36 - 2013-11-26 11:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 11:36 - 2013-11-26 11:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 11:11 - 2013-12-13 03:05 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 10:23 - 2013-12-13 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 10:22 - 2013-12-13 03:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 09:53 - 2013-12-13 03:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 09:52 - 2013-12-13 03:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 09:38 - 2013-12-13 03:05 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 09:38 - 2013-12-13 03:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 09:36 - 2013-12-13 03:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 09:32 - 2013-12-13 03:05 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 09:29 - 2013-12-13 03:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 09:29 - 2013-12-13 03:05 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 09:28 - 2013-12-13 03:05 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:16 - 2013-12-13 03:05 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:13 - 2013-12-13 03:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 08:32 - 2013-12-13 03:05 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:26 - 2013-12-13 03:05 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 07:34 - 2013-12-13 03:05 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:33 - 2013-12-13 03:05 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:27 - 2013-12-13 03:05 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

Files to move or delete:
====================
C:\Users\Paddy\AppData\Roaming\skype.ini
C:\ProgramData\dsgsdgdsgdsgw.pad


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-22 18:14

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-12-2013
Ran by Paddy (administrator) on PADDY-PC on 26-12-2013 00:14:56
Running from C:\Users\Paddy\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Users\Paddy\AppData\Roaming\okitspace\protect\PluginProtect.exe
() C:\Program Files\SoftwareUpdater\UpdaterService.exe
() C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
(Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [Aeria Ignite] - C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM\...\Run: [NvBackend] - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [EaseUS EPM tray] - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-05] ()
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
AppInit_DLLs: |œ/ [ ] ()
IFEO\aeriaignite.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\ccleaner.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\dw20.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\epmstartloader.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\finder.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mspview.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\overwolflauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\owuninstaller.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\proflwiz.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8061B8F4A024CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.delta-search.com/?affID=121561&tt=190313_wo3&babsrc=HP_ss&mntrId=E8A590E6BA4ED462
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E8A590E6BA4ED462&affID=120695&tsp=4932
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms}
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} -  No File
URLSearchHook: HKCU - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} -  No File
URLSearchHook: HKCU - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=sc&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196
SearchScopes: HKLM - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - BrowserMngrDefaultScope {7863768C-0074-4B11-98DF-DA393E04CCD4}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - {DEFFDD02-590A-4A0A-95E1-8F8ECEEACFC6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: OKitSpace Object - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Paddy\AppData\Roaming\okitspace\IE\OkitSpace.dll ()
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} -  No File
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/MVT - C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\aed6677c-c927-4858-ba8c-7a232a32db49.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: OneClickDownloader - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: DealPly  Shopping - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\addon@dealplyshopping.com
FF Extension: Amazon-Icon - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\amazon-icon@winload.de
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\staged
FF Extension: PriceGong - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
FF Extension: Bitdefender QuickScan - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: PricePeep - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\pricepeep@getpricepeep.com.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor
FF HKLM\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox
FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox
FF HKLM\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox
FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox
FF HKLM\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Paddy\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\Paddy\AppData\Roaming\Helper
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK

========================== Services (Whitelisted) =================

R2 FreemiumSystemStoreService; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe [7244800 2012-09-13] ()
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [135584 2011-12-09] (Futuremark Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145088 2013-11-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [643608 2013-11-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-11-04] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14657824 2013-11-29] (NVIDIA Corporation)
S4 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)
R2 srvPlgProtect; C:\Users\Paddy\AppData\Roaming\okitspace\protect\PluginProtect.exe [90112 2013-11-13] ()
R2 SrvUpdater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [29696 2013-11-05] ()
R2 SystemStore; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe [14848 2012-04-24] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1739576 2013-10-30] (TuneUp Software)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) ====================

S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-11-03] ()
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-01] (Wondershare)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-11-04] (McAfee, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-12-25] (Malwarebytes Corporation)
R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [66296 2013-09-09] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133992 2013-11-04] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236000 2013-11-04] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [365416 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [572528 2013-11-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [319808 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80752 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [213392 2013-11-04] (McAfee, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 nusbhost; C:\Windows\System32\DRIVERS\nusbhst.sys [13824 2006-12-29] (SC)
R3 NUSBHUB; C:\Windows\System32\DRIVERS\nusbhub.sys [35840 2006-12-29] (SC)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-10-30] (NVIDIA Corporation)
R2 persg; C:\Windows\System32\DRIVERS\persg.sys [25176 2012-04-19] ()
R2 SBKUPNT; C:\Windows\system32\Drivers\SBKUPNT.SYS [14976 2001-07-13] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-04-20] (RapidSolution Software AG)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-26 00:14 - 2013-12-26 00:14 - 00022915 ____C C:\Users\Paddy\Desktop\FRST.txt
2013-12-26 00:13 - 2013-12-26 00:13 - 01061649 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe
2013-12-25 23:23 - 2013-12-25 23:23 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-12-25 22:22 - 2013-12-25 23:06 - 00000000 ___DC C:\Users\Paddy\Desktop\Bilder
2013-12-25 21:25 - 2013-12-25 21:25 - 00100008 ____C C:\Users\Paddy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 21:20 - 2013-12-25 21:37 - 00000336 _____ C:\Windows\setupact.log
2013-12-25 21:20 - 2013-12-25 21:20 - 03788504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 21:17 - 2013-12-25 21:19 - 00002480 _____ C:\Windows\logboot_25.12.2013.tureg.log
2013-12-25 01:20 - 2013-12-25 23:25 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Tresore
2013-12-25 00:50 - 2013-12-25 00:50 - 00001349 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
2013-12-25 00:50 - 2013-12-25 00:50 - 00000000 ___DC C:\Program Files\EaseUS
2013-12-25 00:50 - 2013-04-11 14:10 - 02498216 _____ C:\Windows\system32\BootMan.exe
2013-12-25 00:50 - 2013-03-07 09:49 - 00087112 _____ C:\Windows\system32\setupempdrv03.exe
2013-12-25 00:50 - 2013-03-07 09:49 - 00019840 _____ C:\Windows\system32\EuEpmGdi.dll
2013-12-25 00:50 - 2013-03-07 09:49 - 00014920 _____ C:\Windows\system32\epmntdrv.sys
2013-12-25 00:50 - 2013-03-07 09:49 - 00009160 _____ C:\Windows\system32\EuGdiDrv.sys
2013-12-24 21:33 - 2013-12-24 21:33 - 00000550 _____ C:\Windows\SWISV3.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000308 _____ C:\Windows\SKNIFE.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000000 ___DC C:\Program Files\SWISSKNIFE
2013-12-24 21:33 - 2001-07-13 13:56 - 00014976 _____ C:\Windows\system32\Drivers\SBKUPNT.SYS
2013-12-24 21:33 - 1997-02-08 17:11 - 00013312 _____ C:\Windows\system32\DEVLOAD.EXE
2013-12-24 21:14 - 2010-04-26 11:41 - 00002944 _____ C:\Windows\SKLANG.INI
2013-12-23 21:11 - 2013-12-23 21:11 - 00000000 ___DC C:\Users\Paddy\AppData\Local\McAfee File Lock
2013-12-23 16:19 - 2013-09-23 13:48 - 00147912 ____C (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-12-19 19:53 - 2013-12-19 19:53 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Avg2014
2013-12-19 01:01 - 2013-10-30 10:45 - 00036152 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-12-19 01:00 - 2013-12-19 01:00 - 00002155 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-19 01:00 - 2013-12-19 01:00 - 00002135 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-19 01:00 - 2013-10-30 10:45 - 00036664 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-12-19 01:00 - 2013-10-30 10:45 - 00025400 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-12-19 00:59 - 2013-12-19 01:01 - 00000000 ___DC C:\Program Files\TuneUp Utilities 2014
2013-12-19 00:58 - 2013-12-19 01:05 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-13 03:31 - 2013-12-13 03:31 - 00000000 ___DC C:\Program Files\Common Files\Overwolf
2013-12-13 03:05 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 03:05 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 03:05 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-13 03:05 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-13 03:05 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-13 03:05 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 03:05 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 03:05 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-13 03:05 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 03:05 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-13 03:05 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-13 03:05 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-13 03:05 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 03:05 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 03:05 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-13 03:05 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 03:05 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-13 03:05 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 03:05 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 03:01 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 03:01 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 23:07 - 2013-12-12 23:07 - 00000000 ____D C:\Users\Paddy\Downloads\Abschlepp-Simulator
2013-12-12 12:29 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 12:29 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 12:29 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 12:29 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 12:29 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 12:29 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 12:29 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 12:29 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 12:29 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 12:29 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 12:29 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 23:18 - 2013-12-10 23:18 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 20:53 - 2013-12-10 20:53 - 00000220 ____C C:\Users\Paddy\Desktop\Need for Speed™ SHIFT.lnk
2013-12-10 20:40 - 2013-12-10 20:40 - 00000000 ___DC C:\Program Files\Electronic Arts
2013-12-09 23:19 - 2013-12-09 23:19 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\YoudaGames
2013-12-09 23:18 - 2013-12-09 23:18 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2013-12-09 23:17 - 2013-12-09 23:55 - 00000000 ___DC C:\Program Files\Alawar
2013-12-09 23:17 - 2013-12-09 23:17 - 00001899 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00001343 _____ C:\Users\Public\Desktop\18 WoS Extreme Trucker.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00000000 ___DC C:\Program Files\18 WoS Extreme Trucker
2013-12-05 17:29 - 2013-12-05 17:29 - 00000000 ___DC C:\Program Files\I.A.S
2013-12-04 17:04 - 2013-12-04 17:04 - 00000887 _____ C:\Users\Public\Desktop\GUILD WARS.lnk
2013-12-04 17:04 - 2013-12-04 17:04 - 00000000 ___DC C:\Program Files\GUILD WARS
2013-12-03 15:47 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-02 18:19 - 2013-12-02 18:19 - 00000000 ___DC C:\Program Files\AGEIA Technologies
2013-12-02 18:14 - 2013-11-14 12:57 - 22951200 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 10446112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-02 18:14 - 2013-11-14 12:57 - 09663656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 09619872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 02947872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 02747680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233182.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233182.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco32.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00609568 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00562464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00161056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2013-12-02 18:14 - 2013-11-14 12:57 - 00068384 _____ (NVIDIA Corporation) C:\Windows\system32\nvapo32v.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2013-12-02 16:39 - 2013-12-02 16:39 - 00000000 ___DC C:\Users\Paddy\AppData\Local\NVIDIA Corporation
2013-12-02 16:39 - 2013-11-29 17:56 - 00979744 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2013-12-02 16:38 - 2013-10-30 18:03 - 00034080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2013-12-02 16:38 - 2013-10-30 18:02 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2013-11-26 22:06 - 2013-11-26 22:06 - 00319808 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencbdc.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00080752 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencrk.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00010152 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeclnrk.sys
2013-11-26 11:36 - 2013-11-26 11:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 11:36 - 2013-11-26 11:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 11:36 - 2013-11-26 11:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 11:36 - 2013-11-26 11:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== One Month Modified Files and Folders =======

2013-12-26 00:15 - 2013-12-26 00:14 - 00022915 ____C C:\Users\Paddy\Desktop\FRST.txt
2013-12-26 00:15 - 2013-09-21 20:00 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-26 00:13 - 2013-12-26 00:13 - 01061649 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe
2013-12-25 23:53 - 2012-06-03 16:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\PMB Files
2013-12-25 23:53 - 2012-04-27 19:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-25 23:25 - 2013-12-25 01:20 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Tresore
2013-12-25 23:23 - 2013-12-25 23:23 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-12-25 23:23 - 2013-09-21 20:00 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-25 23:10 - 2013-02-23 22:28 - 00000000 ___DC C:\FFOutput
2013-12-25 23:06 - 2013-12-25 22:22 - 00000000 ___DC C:\Users\Paddy\Desktop\Bilder
2013-12-25 23:03 - 2013-11-15 14:42 - 01094226 _____ C:\Windows\WindowsUpdate.log
2013-12-25 21:44 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-25 21:44 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-25 21:37 - 2013-12-25 21:20 - 00000336 _____ C:\Windows\setupact.log
2013-12-25 21:37 - 2012-04-27 18:16 - 00000000 ___DC C:\ProgramData\NVIDIA
2013-12-25 21:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-25 21:25 - 2013-12-25 21:25 - 00100008 ____C C:\Users\Paddy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 03788504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 21:20 - 2012-04-27 18:11 - 00000000 ___DC C:\Users\Paddy
2013-12-25 21:19 - 2013-12-25 21:17 - 00002480 _____ C:\Windows\logboot_25.12.2013.tureg.log
2013-12-25 21:19 - 2009-07-14 03:03 - 45875200 _____ C:\Windows\system32\config\SOFTWARE_tureg_old
2013-12-25 21:19 - 2009-07-14 03:03 - 22806528 _____ C:\Windows\system32\config\SYSTEM_tureg_old
2013-12-25 21:19 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY_tureg_old
2013-12-25 21:15 - 2009-07-14 03:03 - 29097984 _____ C:\Windows\system32\config\COMPONENTS_tureg_old
2013-12-25 21:14 - 2009-07-14 03:03 - 01048576 _____ C:\Windows\system32\config\DEFAULT_tureg_old
2013-12-25 20:44 - 2009-07-14 03:03 - 00024576 _____ C:\Windows\system32\config\SAM_tureg_old
2013-12-25 18:49 - 2012-05-16 20:37 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-25 10:43 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\McAfee
2013-12-25 10:37 - 2012-04-27 18:13 - 00365334 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-25 01:20 - 2012-04-27 18:39 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Depots
2013-12-25 01:18 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\Common Files\Mcafee
2013-12-25 01:18 - 2012-04-27 18:32 - 00000000 ___DC C:\ProgramData\McAfee
2013-12-25 00:50 - 2013-12-25 00:50 - 00001349 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
2013-12-25 00:50 - 2013-12-25 00:50 - 00000000 ___DC C:\Program Files\EaseUS
2013-12-24 21:33 - 2013-12-24 21:33 - 00000550 _____ C:\Windows\SWISV3.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000308 _____ C:\Windows\SKNIFE.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000000 ___DC C:\Program Files\SWISSKNIFE
2013-12-23 22:14 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-12-23 21:11 - 2013-12-23 21:11 - 00000000 ___DC C:\Users\Paddy\AppData\Local\McAfee File Lock
2013-12-23 21:09 - 2013-07-27 17:05 - 00000000 ___DC C:\ProgramData\TuneUp Software
2013-12-23 13:31 - 2013-03-31 16:11 - 00000000 ____D C:\Users\Paddy\Documents\18 WoS Extreme Trucker
2013-12-23 01:01 - 2013-09-11 16:48 - 00000000 ___DC C:\Users\Paddy\Desktop\Handy
2013-12-22 01:40 - 2012-04-27 18:55 - 00000000 ____D C:\Windows\Panther
2013-12-20 02:04 - 2012-04-28 16:59 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\vlc
2013-12-19 19:53 - 2013-12-19 19:53 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Avg2014
2013-12-19 18:37 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-19 17:16 - 2012-05-16 23:01 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Windows Live
2013-12-19 05:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-19 04:46 - 2013-11-04 17:08 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Overwolf
2013-12-19 04:43 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-12-19 04:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-19 01:05 - 2013-12-19 00:58 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-19 01:05 - 2013-11-12 01:04 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Downloaded Installations
2013-12-19 01:01 - 2013-12-19 00:59 - 00000000 ___DC C:\Program Files\TuneUp Utilities 2014
2013-12-19 01:00 - 2013-12-19 01:00 - 00002155 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-19 01:00 - 2013-12-19 01:00 - 00002135 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-19 01:00 - 2013-07-27 17:07 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\TuneUp Software
2013-12-19 00:37 - 2012-07-09 13:38 - 00000000 ___DC C:\Users\Paddy\Desktop\Programme
2013-12-13 03:31 - 2013-12-13 03:31 - 00000000 ___DC C:\Program Files\Common Files\Overwolf
2013-12-13 03:31 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Overwolf
2013-12-13 03:05 - 2009-07-14 03:04 - 00000499 _____ C:\Windows\win.ini
2013-12-13 03:04 - 2013-08-15 02:30 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 03:02 - 2012-05-02 10:03 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-12 23:07 - 2013-12-12 23:07 - 00000000 ____D C:\Users\Paddy\Downloads\Abschlepp-Simulator
2013-12-12 14:55 - 2012-11-23 14:49 - 00000000 ___DC C:\Program Files\Steam
2013-12-11 19:53 - 2012-04-27 19:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 19:53 - 2012-04-27 19:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 23:18 - 2013-12-10 23:18 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 23:18 - 2013-02-21 16:45 - 00000000 ___DC C:\Program Files\Google
2013-12-10 20:53 - 2013-12-10 20:53 - 00000220 ____C C:\Users\Paddy\Desktop\Need for Speed™ SHIFT.lnk
2013-12-10 20:40 - 2013-12-10 20:40 - 00000000 ___DC C:\Program Files\Electronic Arts
2013-12-09 23:55 - 2013-12-09 23:17 - 00000000 ___DC C:\Program Files\Alawar
2013-12-09 23:19 - 2013-12-09 23:19 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\YoudaGames
2013-12-09 23:18 - 2013-12-09 23:18 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2013-12-09 23:18 - 2013-04-20 23:07 - 00000000 ___DC C:\ProgramData\AlawarWrapper
2013-12-09 23:17 - 2013-12-09 23:17 - 00001899 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00001343 _____ C:\Users\Public\Desktop\18 WoS Extreme Trucker.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00000000 ___DC C:\Program Files\18 WoS Extreme Trucker
2013-12-09 20:02 - 2012-06-22 15:24 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Apps\2.0
2013-12-09 16:47 - 2013-09-03 00:41 - 00000000 ___DC C:\Riot Games
2013-12-05 17:29 - 2013-12-05 17:29 - 00000000 ___DC C:\Program Files\I.A.S
2013-12-04 17:04 - 2013-12-04 17:04 - 00000887 _____ C:\Users\Public\Desktop\GUILD WARS.lnk
2013-12-04 17:04 - 2013-12-04 17:04 - 00000000 ___DC C:\Program Files\GUILD WARS
2013-12-02 18:19 - 2013-12-02 18:19 - 00000000 ___DC C:\Program Files\AGEIA Technologies
2013-12-02 18:19 - 2012-07-12 20:41 - 00000000 ___DC C:\ProgramData\NVIDIA Corporation
2013-12-02 18:19 - 2012-07-12 20:40 - 00000000 ___DC C:\Program Files\NVIDIA Corporation
2013-12-02 17:58 - 2013-07-01 20:47 - 00000000 ___DC C:\Users\Paddy\AppData\Local\NVIDIA
2013-12-02 16:39 - 2013-12-02 16:39 - 00000000 ___DC C:\Users\Paddy\AppData\Local\NVIDIA Corporation
2013-12-01 18:13 - 2012-05-26 20:59 - 00000000 _SHDC C:\AI_RecycleBin
2013-12-01 18:13 - 2012-05-04 20:55 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2013-11-29 23:59 - 2012-11-24 00:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Google
2013-11-29 23:58 - 2013-11-15 11:38 - 00000000 ___DC C:\ProgramData\Google
2013-11-29 17:56 - 2013-12-02 16:39 - 00979744 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2013-11-26 22:06 - 2013-11-26 22:06 - 00319808 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencbdc.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00080752 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencrk.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00010152 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeclnrk.sys
2013-11-26 11:36 - 2013-11-26 11:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 11:36 - 2013-11-26 11:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 11:36 - 2013-11-26 11:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 11:36 - 2013-11-26 11:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 11:11 - 2013-12-13 03:05 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 10:23 - 2013-12-13 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 10:22 - 2013-12-13 03:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 09:53 - 2013-12-13 03:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 09:52 - 2013-12-13 03:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 09:38 - 2013-12-13 03:05 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 09:38 - 2013-12-13 03:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 09:36 - 2013-12-13 03:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 09:32 - 2013-12-13 03:05 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 09:29 - 2013-12-13 03:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 09:29 - 2013-12-13 03:05 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 09:28 - 2013-12-13 03:05 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:16 - 2013-12-13 03:05 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:13 - 2013-12-13 03:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 08:32 - 2013-12-13 03:05 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:26 - 2013-12-13 03:05 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 07:34 - 2013-12-13 03:05 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:33 - 2013-12-13 03:05 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:27 - 2013-12-13 03:05 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

Files to move or delete:
====================
C:\Users\Paddy\AppData\Roaming\skype.ini
C:\ProgramData\dsgsdgdsgdsgw.pad


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-22 18:14

==================== End Of Log ============================
--- --- ---

--- --- ---
__________________
Alt 26.12.2013, 00:59   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Do Searches - Standard

Do Searches


additions-Log fehlt
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 26.12.2013, 01:13   #5
Sakurako137
 
Do Searches - Standard

Do Searches



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-12-2013
Ran by Paddy (administrator) on PADDY-PC on 26-12-2013 01:12:03
Running from C:\Users\Paddy\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Users\Paddy\AppData\Roaming\okitspace\protect\PluginProtect.exe
() C:\Program Files\SoftwareUpdater\UpdaterService.exe
() C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
(Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [Aeria Ignite] - C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM\...\Run: [NvBackend] - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [EaseUS EPM tray] - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-05] ()
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
AppInit_DLLs: |œ/ [ ] ()
IFEO\aeriaignite.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\ccleaner.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\dw20.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\epmstartloader.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\finder.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mspview.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\overwolflauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\owuninstaller.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\proflwiz.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8061B8F4A024CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.delta-search.com/?affID=121561&tt=190313_wo3&babsrc=HP_ss&mntrId=E8A590E6BA4ED462
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E8A590E6BA4ED462&affID=120695&tsp=4932
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196&type=default&q={searchTerms}
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} -  No File
URLSearchHook: HKCU - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} -  No File
URLSearchHook: HKCU - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=sc&from=adks&uid=SAMSUNGXHD103UJ_S13PJ90SA07309&ts=1383847196
SearchScopes: HKLM - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - BrowserMngrDefaultScope {7863768C-0074-4B11-98DF-DA393E04CCD4}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - {DEFFDD02-590A-4A0A-95E1-8F8ECEEACFC6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: OKitSpace Object - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Paddy\AppData\Roaming\okitspace\IE\OkitSpace.dll ()
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} -  No File
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/MVT - C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\aed6677c-c927-4858-ba8c-7a232a32db49.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: OneClickDownloader - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: DealPly  Shopping - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\addon@dealplyshopping.com
FF Extension: Amazon-Icon - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\amazon-icon@winload.de
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\staged
FF Extension: PriceGong - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
FF Extension: Bitdefender QuickScan - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: PricePeep - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\Extensions\pricepeep@getpricepeep.com.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor
FF HKLM\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox
FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox
FF HKLM\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox
FF Extension: OKitSpace - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox
FF HKLM\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Paddy\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\Paddy\AppData\Roaming\Helper
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK

========================== Services (Whitelisted) =================

R2 FreemiumSystemStoreService; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe [7244800 2012-09-13] ()
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [135584 2011-12-09] (Futuremark Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145088 2013-11-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [643608 2013-11-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-11-04] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14657824 2013-11-29] (NVIDIA Corporation)
S4 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)
R2 srvPlgProtect; C:\Users\Paddy\AppData\Roaming\okitspace\protect\PluginProtect.exe [90112 2013-11-13] ()
R2 SrvUpdater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [29696 2013-11-05] ()
R2 SystemStore; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe [14848 2012-04-24] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1739576 2013-10-30] (TuneUp Software)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) ====================

S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-11-03] ()
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-01] (Wondershare)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-11-04] (McAfee, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [66296 2013-09-09] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133992 2013-11-04] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236000 2013-11-04] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [365416 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [572528 2013-11-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [319808 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80752 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [213392 2013-11-04] (McAfee, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 nusbhost; C:\Windows\System32\DRIVERS\nusbhst.sys [13824 2006-12-29] (SC)
R3 NUSBHUB; C:\Windows\System32\DRIVERS\nusbhub.sys [35840 2006-12-29] (SC)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-10-30] (NVIDIA Corporation)
R2 persg; C:\Windows\System32\DRIVERS\persg.sys [25176 2012-04-19] ()
R2 SBKUPNT; C:\Windows\system32\Drivers\SBKUPNT.SYS [14976 2001-07-13] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-04-20] (RapidSolution Software AG)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S4 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-26 00:14 - 2013-12-26 01:12 - 00023023 ____C C:\Users\Paddy\Desktop\FRST.txt
2013-12-26 00:13 - 2013-12-26 00:13 - 01061649 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe
2013-12-25 22:22 - 2013-12-25 23:06 - 00000000 ___DC C:\Users\Paddy\Desktop\Bilder
2013-12-25 21:25 - 2013-12-25 21:25 - 00100008 ____C C:\Users\Paddy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 21:20 - 2013-12-25 21:37 - 00000336 _____ C:\Windows\setupact.log
2013-12-25 21:20 - 2013-12-25 21:20 - 03788504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 21:17 - 2013-12-25 21:19 - 00002480 _____ C:\Windows\logboot_25.12.2013.tureg.log
2013-12-25 01:20 - 2013-12-25 23:25 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Tresore
2013-12-25 00:50 - 2013-12-25 00:50 - 00001349 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
2013-12-25 00:50 - 2013-12-25 00:50 - 00000000 ___DC C:\Program Files\EaseUS
2013-12-25 00:50 - 2013-04-11 14:10 - 02498216 _____ C:\Windows\system32\BootMan.exe
2013-12-25 00:50 - 2013-03-07 09:49 - 00087112 _____ C:\Windows\system32\setupempdrv03.exe
2013-12-25 00:50 - 2013-03-07 09:49 - 00019840 _____ C:\Windows\system32\EuEpmGdi.dll
2013-12-25 00:50 - 2013-03-07 09:49 - 00014920 _____ C:\Windows\system32\epmntdrv.sys
2013-12-25 00:50 - 2013-03-07 09:49 - 00009160 _____ C:\Windows\system32\EuGdiDrv.sys
2013-12-24 21:33 - 2013-12-24 21:33 - 00000550 _____ C:\Windows\SWISV3.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000308 _____ C:\Windows\SKNIFE.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000000 ___DC C:\Program Files\SWISSKNIFE
2013-12-24 21:33 - 2001-07-13 13:56 - 00014976 _____ C:\Windows\system32\Drivers\SBKUPNT.SYS
2013-12-24 21:33 - 1997-02-08 17:11 - 00013312 _____ C:\Windows\system32\DEVLOAD.EXE
2013-12-24 21:14 - 2010-04-26 11:41 - 00002944 _____ C:\Windows\SKLANG.INI
2013-12-23 21:11 - 2013-12-23 21:11 - 00000000 ___DC C:\Users\Paddy\AppData\Local\McAfee File Lock
2013-12-23 16:19 - 2013-09-23 13:48 - 00147912 ____C (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-12-19 19:53 - 2013-12-19 19:53 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Avg2014
2013-12-19 01:01 - 2013-10-30 10:45 - 00036152 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-12-19 01:00 - 2013-12-19 01:00 - 00002155 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-19 01:00 - 2013-12-19 01:00 - 00002135 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-19 01:00 - 2013-10-30 10:45 - 00036664 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-12-19 01:00 - 2013-10-30 10:45 - 00025400 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-12-19 00:59 - 2013-12-19 01:01 - 00000000 ___DC C:\Program Files\TuneUp Utilities 2014
2013-12-19 00:58 - 2013-12-19 01:05 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-13 03:31 - 2013-12-13 03:31 - 00000000 ___DC C:\Program Files\Common Files\Overwolf
2013-12-13 03:05 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 03:05 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 03:05 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-13 03:05 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-13 03:05 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-13 03:05 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 03:05 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 03:05 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-13 03:05 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 03:05 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-13 03:05 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-13 03:05 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-13 03:05 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 03:05 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 03:05 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-13 03:05 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 03:05 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-13 03:05 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 03:05 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 03:01 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 03:01 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 23:07 - 2013-12-12 23:07 - 00000000 ____D C:\Users\Paddy\Downloads\Abschlepp-Simulator
2013-12-12 12:29 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 12:29 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 12:29 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 12:29 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 12:29 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 12:29 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 12:29 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 12:29 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 12:29 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 12:29 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 12:29 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 23:18 - 2013-12-10 23:18 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 20:53 - 2013-12-10 20:53 - 00000220 ____C C:\Users\Paddy\Desktop\Need for Speed™ SHIFT.lnk
2013-12-10 20:40 - 2013-12-10 20:40 - 00000000 ___DC C:\Program Files\Electronic Arts
2013-12-09 23:19 - 2013-12-09 23:19 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\YoudaGames
2013-12-09 23:18 - 2013-12-09 23:18 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2013-12-09 23:17 - 2013-12-09 23:55 - 00000000 ___DC C:\Program Files\Alawar
2013-12-09 23:17 - 2013-12-09 23:17 - 00001899 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00001343 _____ C:\Users\Public\Desktop\18 WoS Extreme Trucker.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00000000 ___DC C:\Program Files\18 WoS Extreme Trucker
2013-12-05 17:29 - 2013-12-05 17:29 - 00000000 ___DC C:\Program Files\I.A.S
2013-12-04 17:04 - 2013-12-04 17:04 - 00000887 _____ C:\Users\Public\Desktop\GUILD WARS.lnk
2013-12-04 17:04 - 2013-12-04 17:04 - 00000000 ___DC C:\Program Files\GUILD WARS
2013-12-03 15:47 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-02 18:19 - 2013-12-02 18:19 - 00000000 ___DC C:\Program Files\AGEIA Technologies
2013-12-02 18:14 - 2013-11-14 12:57 - 22951200 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 10446112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-02 18:14 - 2013-11-14 12:57 - 09663656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 09619872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 02947872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 02747680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233182.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233182.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco32.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00609568 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00562464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00161056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2013-12-02 18:14 - 2013-11-14 12:57 - 00068384 _____ (NVIDIA Corporation) C:\Windows\system32\nvapo32v.dll
2013-12-02 18:14 - 2013-11-14 12:57 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2013-12-02 16:39 - 2013-12-02 16:39 - 00000000 ___DC C:\Users\Paddy\AppData\Local\NVIDIA Corporation
2013-12-02 16:39 - 2013-11-29 17:56 - 00979744 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2013-12-02 16:38 - 2013-10-30 18:03 - 00034080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2013-12-02 16:38 - 2013-10-30 18:02 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2013-11-26 22:06 - 2013-11-26 22:06 - 00319808 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencbdc.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00080752 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencrk.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00010152 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeclnrk.sys
2013-11-26 11:36 - 2013-11-26 11:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 11:36 - 2013-11-26 11:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 11:36 - 2013-11-26 11:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 11:36 - 2013-11-26 11:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== One Month Modified Files and Folders =======

2013-12-26 01:12 - 2013-12-26 00:14 - 00023023 ____C C:\Users\Paddy\Desktop\FRST.txt
2013-12-26 00:53 - 2012-04-27 19:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-26 00:17 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-26 00:17 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-26 00:15 - 2013-09-21 20:00 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-26 00:13 - 2013-12-26 00:13 - 01061649 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe
2013-12-26 00:09 - 2013-11-15 14:42 - 01094226 _____ C:\Windows\WindowsUpdate.log
2013-12-25 23:53 - 2012-06-03 16:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\PMB Files
2013-12-25 23:25 - 2013-12-25 01:20 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Tresore
2013-12-25 23:23 - 2013-09-21 20:00 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-25 23:10 - 2013-02-23 22:28 - 00000000 ___DC C:\FFOutput
2013-12-25 23:06 - 2013-12-25 22:22 - 00000000 ___DC C:\Users\Paddy\Desktop\Bilder
2013-12-25 21:37 - 2013-12-25 21:20 - 00000336 _____ C:\Windows\setupact.log
2013-12-25 21:37 - 2012-04-27 18:16 - 00000000 ___DC C:\ProgramData\NVIDIA
2013-12-25 21:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-25 21:25 - 2013-12-25 21:25 - 00100008 ____C C:\Users\Paddy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 03788504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 21:20 - 2012-04-27 18:11 - 00000000 ___DC C:\Users\Paddy
2013-12-25 21:19 - 2013-12-25 21:17 - 00002480 _____ C:\Windows\logboot_25.12.2013.tureg.log
2013-12-25 21:19 - 2009-07-14 03:03 - 45875200 _____ C:\Windows\system32\config\SOFTWARE_tureg_old
2013-12-25 21:19 - 2009-07-14 03:03 - 22806528 _____ C:\Windows\system32\config\SYSTEM_tureg_old
2013-12-25 21:19 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY_tureg_old
2013-12-25 21:15 - 2009-07-14 03:03 - 29097984 _____ C:\Windows\system32\config\COMPONENTS_tureg_old
2013-12-25 21:14 - 2009-07-14 03:03 - 01048576 _____ C:\Windows\system32\config\DEFAULT_tureg_old
2013-12-25 20:44 - 2009-07-14 03:03 - 00024576 _____ C:\Windows\system32\config\SAM_tureg_old
2013-12-25 18:49 - 2012-05-16 20:37 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-25 10:43 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\McAfee
2013-12-25 10:37 - 2012-04-27 18:13 - 00365334 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-25 01:20 - 2012-04-27 18:39 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Depots
2013-12-25 01:18 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\Common Files\Mcafee
2013-12-25 01:18 - 2012-04-27 18:32 - 00000000 ___DC C:\ProgramData\McAfee
2013-12-25 00:50 - 2013-12-25 00:50 - 00001349 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
2013-12-25 00:50 - 2013-12-25 00:50 - 00000000 ___DC C:\Program Files\EaseUS
2013-12-24 21:33 - 2013-12-24 21:33 - 00000550 _____ C:\Windows\SWISV3.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000308 _____ C:\Windows\SKNIFE.INI
2013-12-24 21:33 - 2013-12-24 21:33 - 00000000 ___DC C:\Program Files\SWISSKNIFE
2013-12-23 22:14 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-12-23 21:11 - 2013-12-23 21:11 - 00000000 ___DC C:\Users\Paddy\AppData\Local\McAfee File Lock
2013-12-23 21:09 - 2013-07-27 17:05 - 00000000 ___DC C:\ProgramData\TuneUp Software
2013-12-23 13:31 - 2013-03-31 16:11 - 00000000 ____D C:\Users\Paddy\Documents\18 WoS Extreme Trucker
2013-12-23 01:01 - 2013-09-11 16:48 - 00000000 ___DC C:\Users\Paddy\Desktop\Handy
2013-12-22 01:40 - 2012-04-27 18:55 - 00000000 ____D C:\Windows\Panther
2013-12-20 02:04 - 2012-04-28 16:59 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\vlc
2013-12-19 19:53 - 2013-12-19 19:53 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Avg2014
2013-12-19 18:37 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-19 17:16 - 2012-05-16 23:01 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Windows Live
2013-12-19 05:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-19 04:46 - 2013-11-04 17:08 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Overwolf
2013-12-19 04:43 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-12-19 04:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-19 01:05 - 2013-12-19 00:58 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-19 01:05 - 2013-11-12 01:04 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Downloaded Installations
2013-12-19 01:01 - 2013-12-19 00:59 - 00000000 ___DC C:\Program Files\TuneUp Utilities 2014
2013-12-19 01:00 - 2013-12-19 01:00 - 00002155 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-19 01:00 - 2013-12-19 01:00 - 00002135 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-19 01:00 - 2013-07-27 17:07 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\TuneUp Software
2013-12-19 00:37 - 2012-07-09 13:38 - 00000000 ___DC C:\Users\Paddy\Desktop\Programme
2013-12-13 03:31 - 2013-12-13 03:31 - 00000000 ___DC C:\Program Files\Common Files\Overwolf
2013-12-13 03:31 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Overwolf
2013-12-13 03:05 - 2009-07-14 03:04 - 00000499 _____ C:\Windows\win.ini
2013-12-13 03:04 - 2013-08-15 02:30 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 03:02 - 2012-05-02 10:03 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-12 23:07 - 2013-12-12 23:07 - 00000000 ____D C:\Users\Paddy\Downloads\Abschlepp-Simulator
2013-12-12 14:55 - 2012-11-23 14:49 - 00000000 ___DC C:\Program Files\Steam
2013-12-11 19:53 - 2012-04-27 19:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 19:53 - 2012-04-27 19:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 23:18 - 2013-12-10 23:18 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 23:18 - 2013-02-21 16:45 - 00000000 ___DC C:\Program Files\Google
2013-12-10 20:53 - 2013-12-10 20:53 - 00000220 ____C C:\Users\Paddy\Desktop\Need for Speed™ SHIFT.lnk
2013-12-10 20:40 - 2013-12-10 20:40 - 00000000 ___DC C:\Program Files\Electronic Arts
2013-12-09 23:55 - 2013-12-09 23:17 - 00000000 ___DC C:\Program Files\Alawar
2013-12-09 23:19 - 2013-12-09 23:19 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\YoudaGames
2013-12-09 23:18 - 2013-12-09 23:18 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2013-12-09 23:18 - 2013-04-20 23:07 - 00000000 ___DC C:\ProgramData\AlawarWrapper
2013-12-09 23:17 - 2013-12-09 23:17 - 00001899 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00001343 _____ C:\Users\Public\Desktop\18 WoS Extreme Trucker.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00000000 ___DC C:\Program Files\18 WoS Extreme Trucker
2013-12-09 20:02 - 2012-06-22 15:24 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Apps\2.0
2013-12-09 16:47 - 2013-09-03 00:41 - 00000000 ___DC C:\Riot Games
2013-12-05 17:29 - 2013-12-05 17:29 - 00000000 ___DC C:\Program Files\I.A.S
2013-12-04 17:04 - 2013-12-04 17:04 - 00000887 _____ C:\Users\Public\Desktop\GUILD WARS.lnk
2013-12-04 17:04 - 2013-12-04 17:04 - 00000000 ___DC C:\Program Files\GUILD WARS
2013-12-02 18:19 - 2013-12-02 18:19 - 00000000 ___DC C:\Program Files\AGEIA Technologies
2013-12-02 18:19 - 2012-07-12 20:41 - 00000000 ___DC C:\ProgramData\NVIDIA Corporation
2013-12-02 18:19 - 2012-07-12 20:40 - 00000000 ___DC C:\Program Files\NVIDIA Corporation
2013-12-02 17:58 - 2013-07-01 20:47 - 00000000 ___DC C:\Users\Paddy\AppData\Local\NVIDIA
2013-12-02 16:39 - 2013-12-02 16:39 - 00000000 ___DC C:\Users\Paddy\AppData\Local\NVIDIA Corporation
2013-12-01 18:13 - 2012-05-26 20:59 - 00000000 _SHDC C:\AI_RecycleBin
2013-12-01 18:13 - 2012-05-04 20:55 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2013-11-29 23:59 - 2012-11-24 00:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Google
2013-11-29 23:58 - 2013-11-15 11:38 - 00000000 ___DC C:\ProgramData\Google
2013-11-29 17:56 - 2013-12-02 16:39 - 00979744 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2013-11-26 22:06 - 2013-11-26 22:06 - 00319808 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencbdc.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00080752 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfencrk.sys
2013-11-26 22:06 - 2013-11-26 22:06 - 00010152 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeclnrk.sys
2013-11-26 11:36 - 2013-11-26 11:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 11:36 - 2013-11-26 11:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 11:36 - 2013-11-26 11:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 11:36 - 2013-11-26 11:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 11:36 - 2013-11-26 11:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 11:36 - 2013-11-26 11:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 11:11 - 2013-12-13 03:05 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 10:23 - 2013-12-13 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 10:22 - 2013-12-13 03:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 09:53 - 2013-12-13 03:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 09:52 - 2013-12-13 03:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 09:38 - 2013-12-13 03:05 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 09:38 - 2013-12-13 03:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 09:36 - 2013-12-13 03:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 09:32 - 2013-12-13 03:05 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 09:29 - 2013-12-13 03:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 09:29 - 2013-12-13 03:05 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 09:28 - 2013-12-13 03:05 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:16 - 2013-12-13 03:05 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:13 - 2013-12-13 03:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 08:32 - 2013-12-13 03:05 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:26 - 2013-12-13 03:05 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 07:34 - 2013-12-13 03:05 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:33 - 2013-12-13 03:05 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:27 - 2013-12-13 03:05 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

Files to move or delete:
====================
C:\Users\Paddy\AppData\Roaming\skype.ini
C:\ProgramData\dsgsdgdsgdsgw.pad


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-22 18:14

==================== End Of Log ============================
--- --- ---
Das ist alles was FRST mir ausgespuckt hat


Alt 26.12.2013, 01:18   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Do Searches - Standard

Do Searches


Du musst auch einen Haken setzen bei additions.txt sonst wirddie nicht erstellt
__________________
--> Do Searches

Alt 26.12.2013, 16:36   #7
Sakurako137
 
Do Searches - Standard

Do Searches


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-12-2013
Ran by Paddy at 2013-12-26 01:39:25
Running from C:\Users\Paddy\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

1193 A.D.
18 WoS Extreme Trucker 1.01 (Version: 1.01)
AdblockIE (Version: 1.2)
Adobe AIR (Version: 3.7.0.1530)
Adobe Download Assistant (Version: 1.2.5)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05)
Aeria Ignite (Version: 1.13.3296)
Akamai NetSession Interface
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon MG5100 series Benutzerregistrierung
Canon MG5100 series MP Drivers
Canon MP Navigator EX 4.0
Canon My Printer
Canon Solution Menu EX
CCleaner (Version: 3.25)
Champions of Regnum
CompuApps SwissKnife
Curse Client (HKCU Version: 5.1.1.792)
D3DX10 (Version: 15.4.2368.0902)
Die Polizei 2013
Die Sims - Hokus Pokus
Dota 2
EaseUS Partition Master 9.2.2
Emergency 3 (Version: 1.00.000)
EverQuest Free-to-Play
FormatFactory 3.2.0.1 (Version: 3.2.0.1)
Fotogalerie (Version: 16.4.3508.0205)
Free Window Registry Repair
Free YouTube Download version 3.2.2.426 (Version: 3.2.2.426)
Futuremark SystemInfo (Version: 4.6.0)
Gameforge Live 1.0 "Legend" (Version: 1.0.1694)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Earth (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.22.3)
Gothic 2 Gold (Version: 1.0.0)
Grand Theft Auto San Andreas (Version: 1.00.00001)
GUILD WARS
GuildWars Visions v1.08
IncrediMail (Version: 6.3.2.5198)
IncrediMail 2.0 (Version: 6.3.2.5198)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
JavaFX 2.1.1 (Version: 2.1.1)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Total Protection (Version: 12.8.903)
McAfee Virtual Technician (Version: 6.5.0.2101)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Movie Maker (Version: 16.4.3508.0205)
MSI v2 to redistribute Rigs of Rods (Version: 1.0.0.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
Need for Speed™ SHIFT (Version: 1.0.0.0)
NVIDIA 3D Vision Controller-Treiber 331.82 (Version: 331.82)
NVIDIA 3D Vision Treiber 331.82 (Version: 331.82)
NVIDIA Drivers (Version: 1.3)
NVIDIA GeForce Experience 1.8 (Version: 1.8)
NVIDIA Grafiktreiber 331.82 (Version: 331.82)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.142.992)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA Network Service (Version: 1.0)
NVIDIA PhysX (Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3182)
NVIDIA Systemsteuerung 331.82 (Version: 331.82)
NVIDIA Update 10.10.5 (Version: 10.10.5)
NVIDIA Update Core (Version: 10.10.5)
NVIDIA Virtual Audio 1.2.12 (Version: 1.2.12)
Overwolf (Version: 0.47.284)
Pando Media Booster (Version: 2.6.0.8)
Photo Common (Version: 16.4.3508.0205)
Photo Gallery (Version: 16.4.3508.0205)
Revo Uninstaller 1.95 (Version: 1.95)
RollerCoaster Tycoon 3 (Version: 1.00.000)
ROSE Online
ScarletBlade-DE
ScummVM 1.6.0
Shaiya-DE
Shared C Run-time for x86 (Version: 10.0.0)
SHIELD Streaming (Version: 1.6.75)
Shockwave
Skype™ 6.7 (Version: 6.7.102)
Smashmuck Champions
SoftwareUpdater
Steam (Version: 1.0.0.0)
TeamSpeak 3 Client (HKCU Version: 3.0.10)
The Elder Scrolls V: Skyrim
The Klub 17 (Version: 6.3.0)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.169)
TuneUp Utilities 2014 (Version: 14.0.1000.169)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.1 (Version: 2.0.1)
Windows Live Communications Platform (Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3508.0205)
Windows Live Photo Common (Version: 16.4.3508.0205)
Windows Live PIMT Platform (Version: 16.4.3508.0205)
Windows Live SOXE (Version: 16.4.3508.0205)
Windows Live SOXE Definitions (Version: 16.4.3508.0205)
Windows Live UX Platform (Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.20 (32-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

24-12-2013 07:21:53 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1571E95F-BF4E-49BD-B23F-51767AFBA9A1} - System32\Tasks\Test TimeTrigger => C:\Users\Paddy\AppData\Local\Temp\Runner.exe
Task: {18C707AE-153D-49FE-BC3D-521A2B7B72C2} - System32\Tasks\Express FilesUpdate => C:\Program Files\ExpressFiles\EFUpdater.exe
Task: {1A905698-A3F0-4FAB-A6B0-37B7E26836C6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-437763861-1864287327-3057929401-1000
Task: {37622F7A-26A1-4533-8E6A-20F7D6794924} - System32\Tasks\4679 => Wscript.exe C:\Users\Paddy\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {385A2D42-5806-48CA-955C-338A842FDEDB} - System32\Tasks\{406B864E-4566-46BE-B997-F589D8E06FAE} => F:\Setup.exe
Task: {41EA53C5-4EAE-45CB-8897-3C42DDB687D0} - System32\Tasks\{7E3B6AD0-238C-4AF1-8BE0-F98FFE8D05B3} => C:\Program Files\Happyneuron\Gehirnjogging\Happy_loc.exe
Task: {5D6C83D1-7C9E-4ABE-B956-056A7D9954D6} - System32\Tasks\{891A2A93-AF72-4E81-861B-7DE4049DEDCD} => C:\Users\Paddy\Desktop\Setup.exe
Task: {7A0DCBA2-4B53-41EE-8BEE-233EAA3AD3F7} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {9902EC1F-2CAE-4E97-B45A-610039A3EC45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {9D01F063-1A33-48C0-A3A6-3BB073A06403} - System32\Tasks\{780C1D65-66D1-40F4-BF29-8EDA391C2FD7} => F:\Setup.exe
Task: {A5096CBF-136D-4BCB-AFC4-031BBBC9A982} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {A82AFC90-533E-4056-A412-43CB5ED954D4} - System32\Tasks\{0CA3CD76-AE20-4C4E-9881-3F94EE721B3A} => C:\Users\Paddy\Desktop\Setup.exe
Task: {AA41D76F-E6B5-450B-8274-025BC8E20029} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {AADBDA14-E995-47DA-8884-BAA9C8EFF3DB} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2013-10-30] (TuneUp Software)
Task: {B13E8115-6061-428C-9E43-112321921F24} - System32\Tasks\{6D429A6E-B5F1-43FA-A919-B89667F95435} => C:\Program Files\Infogrames\Monopoly Tycoon\mc.exe
Task: {B82616D7-0B9E-4B56-901A-A8B22DB863C0} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe
Task: {C3973EA2-4765-464C-A0AC-07C57FADF186} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-21] (Google Inc.)
Task: {C912913D-D3E9-48CA-95DA-D850E2803146} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-21] (Google Inc.)
Task: {D173F4D2-3695-4509-BAFE-73BAFDB10711} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe
Task: {D376D1C3-0B70-4F41-84A9-344BCB04B717} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated)
Task: {DAF07A6E-543A-43AA-B889-7EC4DFC19C7C} - System32\Tasks\{B68C639E-413F-492A-8284-90FDB3C6F77B} => C:\Program Files\Infogrames\Monopoly Tycoon\mc.exe
Task: {DF220AFF-05A5-41F2-935A-CC2D75946E08} - System32\Tasks\{38102F21-3B6B-4542-9F27-4275459CD8A5} => C:\Program Files\Infogrames\Monopoly Tycoon\mc.exe
Task: {FE7C09C7-A292-4A76-90E8-83DEC12CB588} - System32\Tasks\{2EE93595-2ADA-4781-8DE6-8E02609AF389} => C:\Program Files\Happyneuron\Gehirnjogging\Happy_loc.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-02 01:15 - 2013-11-21 15:04 - 00142848 ____C () C:\Users\Paddy\AppData\Roaming\okitSpace\IE\OkitSpace.dll
2013-11-11 12:46 - 2013-11-11 12:46 - 00138752 ____C () C:\ProgramData\DNSErrorHelper\bho.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:5ACE199E
AlternateDataStreams: C:\ProgramData\TEMP:A2907225
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:E6C6EB3B

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: McAfee Inc. mfeapfk
Description: McAfee Inc. mfeapfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mfeapfk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/25/2013 10:50:28 PM) (Source: Application Hang) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 994

Startzeit: 01cf01ba3fac4cb8

Endzeit: 16

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: 8d151cb9-6dae-11e3-a864-90e6ba4ed462

Error: (12/25/2013 10:42:46 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1088

Startzeit: 01cf01b79ea3ca78

Endzeit: 4680

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 78132bf9-6dad-11e3-a864-90e6ba4ed462

Error: (12/25/2013 10:23:45 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 62c

Startzeit: 01cf01b2ddba0178

Endzeit: 60000

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: a8fcaf59-6daa-11e3-a864-90e6ba4ed462

Error: (12/25/2013 09:41:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mcshield.exe, Version: 1.1.3.119, Zeitstempel: 0x527d23ec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003224d
ID des fehlerhaften Prozesses: 0xd90
Startzeit der fehlerhaften Anwendung: 0xmcshield.exe0
Pfad der fehlerhaften Anwendung: mcshield.exe1
Pfad des fehlerhaften Moduls: mcshield.exe2
Berichtskennung: mcshield.exe3

Error: (12/25/2013 09:41:36 PM) (Source: AVLogEvent) (User: NT-AUTORITÄT)
Description: McShield crashed.
Error Code:c0000005

Error: (12/25/2013 09:37:58 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/25/2013 09:37:58 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/25/2013 09:34:28 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: be8

Startzeit: 01cf01afe1f62fd0

Endzeit: 60000

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: c19dadc1-6da3-11e3-a2fa-90e6ba4ed462

Error: (12/25/2013 09:28:27 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 258

Startzeit: 01cf01aec7cb6a40

Endzeit: 52229

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: fa0620d1-6da2-11e3-a2fa-90e6ba4ed462

Error: (12/25/2013 09:15:39 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1fa4

Startzeit: 01cf01a9b25d2f90

Endzeit: 60000

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 25883ab1-6da1-11e3-a47a-90e6ba4ed462


System errors:
=============
Error: (12/26/2013 01:06:11 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR7.

Error: (12/26/2013 01:06:06 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR7.

Error: (12/26/2013 01:05:55 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR7.

Error: (12/26/2013 01:05:51 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR7.

Error: (12/26/2013 01:05:47 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR7.

Error: (12/26/2013 01:05:42 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR7.

Error: (12/26/2013 01:05:37 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR7.

Error: (12/26/2013 01:05:30 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR7.

Error: (12/26/2013 01:05:25 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR7.

Error: (12/26/2013 01:05:18 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR7.


Microsoft Office Sessions:
=========================
Error: (12/25/2013 10:50:28 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.1.7601.1756799401cf01ba3fac4cb816C:\Windows\explorer.exe8d151cb9-6dae-11e3-a864-90e6ba4ed462

Error: (12/25/2013 10:42:46 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.17567108801cf01b79ea3ca784680C:\Windows\Explorer.EXE78132bf9-6dad-11e3-a864-90e6ba4ed462

Error: (12/25/2013 10:23:45 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.1756762c01cf01b2ddba017860000C:\Windows\Explorer.EXEa8fcaf59-6daa-11e3-a864-90e6ba4ed462

Error: (12/25/2013 09:41:37 PM) (Source: Application Error)(User: )
Description: mcshield.exe1.1.3.119527d23ecntdll.dll6.1.7601.18247521ea91cc00000050003224dd9001cf01b121cacde0C:\Program Files\Common Files\McAfee\AMCore\mcshield.exeC:\Windows\SYSTEM32\ntdll.dllf2f72878-6da4-11e3-a864-90e6ba4ed462

Error: (12/25/2013 09:41:36 PM) (Source: AVLogEvent)(User: NT-AUTORITÄT)
Description: c0000005

Error: (12/25/2013 09:37:58 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/25/2013 09:37:58 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/25/2013 09:34:28 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.17567be801cf01afe1f62fd060000C:\Windows\Explorer.EXEc19dadc1-6da3-11e3-a2fa-90e6ba4ed462

Error: (12/25/2013 09:28:27 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.1756725801cf01aec7cb6a4052229C:\Windows\Explorer.EXEfa0620d1-6da2-11e3-a2fa-90e6ba4ed462

Error: (12/25/2013 09:15:39 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.175671fa401cf01a9b25d2f9060000C:\Windows\Explorer.EXE25883ab1-6da1-11e3-a47a-90e6ba4ed462


CodeIntegrity Errors:
===================================
  Date: 2013-12-21 15:55:12.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-21 15:55:12.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-21 15:55:12.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-12 12:51:08.215
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-12 12:51:08.215
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-12 12:51:08.215
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-13 02:13:59.342
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-13 02:13:59.326
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-13 02:13:59.326
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 14:02:13.182
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 65%
Total physical RAM: 3327.18 MB
Available physical RAM: 1158.04 MB
Total Pagefile: 6652.65 MB
Available Pagefile: 4018.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1889.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:692.5 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive z: () (Fixed) (Total:931.51 GB) (Free:929.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: DAF7DAF7)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: DD68839C)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
umd nun?

Alt 26.12.2013, 17:47   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Do Searches - Standard

Do Searches


Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.12.2013, 11:37   #9
Sakurako137
 
Do Searches - Standard

Do Searches


Ich habe das jetzt durch laufen lassen bis er keine Probleme mehr gefunden hat aber do searches ist immer noch da als startseite

Ich hoffe das es das ist
Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.000000 GHz
Memory total: 3488800768, free: 1156935680

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.000000 GHz
Memory total: 3488800768, free: 1186078720

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.000000 GHz
Memory total: 3488800768, free: 1187618816

=======================================


Downloaded database version: v2013.12.26.05
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
     12/26/2013 18:00:28
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\McPvDrv.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\nvsmu.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvmf6232.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\nusbhst.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad32v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\nusbhub.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\nvhda32v.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\system32\DRIVERS\persg.sys
\??\C:\Windows\system32\Drivers\SBKUPNT.SYS
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\??\C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86401410
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-4\
Lower Device Object: 0xffffffff85ed4908
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86401410, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86403020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86401410, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff862c1918, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85ed4908, DeviceName: \Device\Ide\IdeDeviceP3T0L0-4\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DAF7DAF7

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 1953520321
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)...
Done!
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ccleaner.exe --> [Security.Hijack]
Scan finished
Creating System Restore point...
User declined to cleanup malware.
Cleaning up...
Removal successful. No system shutdown is required.
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.000000 GHz
Memory total: 3488800768, free: 2457731072

=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.000000 GHz
Memory total: 3488800768, free: 2105167872

=======================================
Initializing...
------------ Kernel report ------------
     12/26/2013 20:52:29
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\McPvDrv.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\nvsmu.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvmf6232.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\nusbhst.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad32v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\nusbhub.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\nvhda32v.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\system32\DRIVERS\persg.sys
\??\C:\Windows\system32\Drivers\SBKUPNT.SYS
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\??\C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86c00948
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-4\
Lower Device Object: 0xffffffff866f0908
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86c00948, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86c00580, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86c00948, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8670e918, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff866f0908, DeviceName: \Device\Ide\IdeDeviceP3T0L0-4\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DAF7DAF7

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 1953520321
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)...
Done!
Scan Interrupted
Scan Interrupted
Scan Interrupted
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.000000 GHz
Memory total: 3488800768, free: 2409893888

Downloaded database version: v2013.12.27.06
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86c00948
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-4\
Lower Device Object: 0xffffffff866f0908
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DAF7DAF7

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 1953520321
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)...
Done!
Scan Interrupted
Scan Interrupted
Scan Interrupted
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.000000 GHz
Memory total: 3488800768, free: 2367139840

=======================================
Initializing...
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86c00948
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-4\
Lower Device Object: 0xffffffff866f0908
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DAF7DAF7

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 1953520321
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
andere log file habe ich nicht in dem ordner gefunden es heißt System log

Alt 28.12.2013, 15:51   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Do Searches - Standard

Do Searches


Nein, bitte das richtige Log posten:

Zitat:
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 29.12.2013, 18:15   #11
Sakurako137
 
Do Searches - Standard

Do Searches


ah ich habe es das ich das zwei mal gemacht habe alle beide aber erst das erste
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.26.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
Paddy :: PADDY-PC [administrator]

26.12.2013 18:00:32
mbar-log-2013-12-26 (18-00-32).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 323230
Time elapsed: 2 hour(s), 34 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ccleaner.exe (Security.Hijack) -> Delete on reboot.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
und das zweite
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.27.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
Paddy :: PADDY-PC [administrator]

27.12.2013 23:14:54
mbar-log-2013-12-27 (23-14-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 322765
Time elapsed: 1 hour(s), 35 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
ah ich habe es geschafft es selbst zu entfernen vielen dank leute für die Hilfe wenn ich was habe wo ich nicht weiterweiss dann poste ich mal wieder

Alt 29.12.2013, 21:05   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Do Searches - Standard

Do Searches


Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 01.01.2014, 18:14   #13
Sakurako137
 
Do Searches - Standard

Do Searches


Brauche ich doch nicht mehr habe das wegbekommen

Aber hier noch mal der JRT text
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x86
Ran by Paddy on 01.01.2014 at 18:10:04,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\winload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-437763861-1864287327-3057929401-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update whilokii
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updatewhilokii_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updatewhilokii_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\taskhost_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\taskhost_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\Users\Paddy\AppData\Roaming\fighters"
Successfully deleted: [Folder] "C:\Users\Paddy\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Paddy\appdata\local\big fish"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free window registry repair"
Successfully deleted: [Folder] "C:\Users\Paddy\AppData\Roaming\microsoft\windows\start menu\programs\free window registry repair"
Successfully deleted: [Folder] "C:\Users\Paddy\start menu\programs\browser manager"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\bigfishcache"
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{2BC1F69F-51E4-4975-A530-FBF73421BDA2}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{34C71D5B-0517-493E-AFA1-B3DAF4D8C270}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{41ADAD31-393F-4421-BF31-592560202816}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{4BEC2CF5-3D63-4B1A-AB1C-297BA9338B60}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{51B75A68-867D-43FE-9D04-9CA9B47C50D4}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{5D865A32-EF03-4A95-8990-CEE334769F85}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{61AED262-433E-4FFC-9B7A-1EEE36BC953B}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{6744E6C6-064B-45A1-8FF8-9C822EC71730}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{6AEC55C6-B383-420D-9974-E33057AB48AE}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{6B6F9E18-1832-418B-8C8C-4C58B82823B7}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{6EF06941-A4B8-4BF6-8F7E-C748962E617F}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{7342E40E-670F-4B8C-AE4B-FC21E553A436}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{76F5FE6D-6191-4F78-B64F-F7E4CFF099EC}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{79A21B97-2446-40B5-9EA5-BC31AE2EB3FD}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{7D3D1E7A-DF71-4564-90C5-A67BE013E7C7}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{80810FFA-07AA-4135-AF96-4699F047F2E1}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{83936E15-ADE0-4EF8-866A-65E9E3005FE3}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{8528FDFE-640C-4F8C-85C6-A8FEBD759718}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{8AB3A048-8BD0-41F4-9CBB-90BF12AE516C}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{9C75BEFE-3EE3-45A1-BCF5-418FD8DC6258}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{AA4C5DE2-5CEB-4955-887B-BBDC3A5F7439}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{B86EDCCE-18B8-4B0F-AE9A-B228A123A71B}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{BA985299-BF44-44A0-9F19-69BFBCB0F9E8}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{BE665BEC-940A-4B9A-9059-11BD37802DA0}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{BE80238F-6743-4DAA-8933-7DEE4E69B828}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{D6C80C80-65F7-4584-B1A0-6AB4D909856A}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{D8382936-43A3-4B61-BF33-84B22190BD8E}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{E0CD4EB8-9B3E-441B-A6F3-72B21E1BCF1E}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{E213791D-4C25-47DF-8C0E-4D5E32A8D158}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{E509B68C-AEEE-427D-B879-37588449CEC1}
Successfully deleted: [Empty Folder] C:\Users\Paddy\appdata\local\{F1AFD28B-BEEF-481B-9B2B-DD8A9CED62C4}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.01.2014 at 18:12:46,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Alt 01.01.2014, 19:59   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Do Searches - Standard

Do Searches


Wie du siehst ist da auch noch anderer Müll!
Bitte noch adwCleaner und FRST ausführen
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 02.01.2014, 20:52   #15
Sakurako137
 
Do Searches - Standard

Do Searches


Hier ADW Ergebniss:
Code:
ATTFilter
# AdwCleaner v3.016 - Bericht erstellt am 02/01/2014 um 20:45:54
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Paddy - PADDY-PC
# Gestartet von : C:\Users\Paddy\Desktop\adwcleaner_3.016.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Windows\System32\Tasks\NCH Software

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v

[ Datei : C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [29689 octets] - [29/12/2013 17:33:25]
AdwCleaner[R1].txt - [979 octets] - [02/01/2014 20:05:16]
AdwCleaner[R2].txt - [1038 octets] - [02/01/2014 20:44:53]
AdwCleaner[S0].txt - [27940 octets] - [29/12/2013 18:09:06]
AdwCleaner[S1].txt - [961 octets] - [02/01/2014 20:45:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1020 octets] ##########
Und hier FRST:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2014 01
Ran by Paddy (administrator) on PADDY-PC on 02-01-2014 20:49:17
Running from C:\Users\Paddy\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
() C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
(Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(Akamai Technologies, Inc.) C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [Aeria Ignite] - C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM\...\Run: [NvBackend] - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [EaseUS EPM tray] - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Paddy\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-05] ()
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8061B8F4A024CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} -  No File
URLSearchHook: HKCU - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {DEFFDD02-590A-4A0A-95E1-8F8ECEEACFC6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll No File
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} -  No File
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/MVT - C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\aed6677c-c927-4858-ba8c-7a232a32db49.xml
FF SearchPlugin: C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\Profiles\oadnzpq4.default\searchplugins\badoo.xml
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: OneClickDownloader - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com
FF Extension: No Name - C:\Users\Paddy\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor
FF HKLM\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Users\Paddy\AppData\Roaming\okitspace\Firefox
FF HKLM\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Paddy\AppData\Roaming\okitSpace\Firefox
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK

========================== Services (Whitelisted) =================

R2 FreemiumSystemStoreService; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.exe [7244800 2012-09-13] ()
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [135584 2011-12-09] (Futuremark Corporation)
S2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145088 2013-11-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [643608 2013-11-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-11-04] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14657824 2013-11-29] (NVIDIA Corporation)
S4 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)
R2 SystemStore; C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe [14848 2012-04-24] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1739576 2013-10-30] (TuneUp Software)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) ====================

S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-11-03] ()
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-01] (Wondershare)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-11-04] (McAfee, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [104664 2013-12-26] (Malwarebytes Corporation)
R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [66296 2013-09-09] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133992 2013-11-04] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236000 2013-11-04] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [365416 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [572528 2013-11-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [319808 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80752 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [213392 2013-11-04] (McAfee, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 nusbhost; C:\Windows\System32\DRIVERS\nusbhst.sys [13824 2006-12-29] (SC)
R3 NUSBHUB; C:\Windows\System32\DRIVERS\nusbhub.sys [35840 2006-12-29] (SC)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-10-30] (NVIDIA Corporation)
R2 persg; C:\Windows\System32\DRIVERS\persg.sys [25176 2012-04-19] ()
R2 SBKUPNT; C:\Windows\system32\Drivers\SBKUPNT.SYS [14976 2001-07-13] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-04-20] (RapidSolution Software AG)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-02 20:49 - 2014-01-02 20:49 - 00016853 ____C C:\Users\Paddy\Desktop\FRST.txt
2014-01-02 20:06 - 2014-01-02 20:06 - 01064581 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe
2014-01-02 19:49 - 2014-01-02 20:47 - 00000336 _____ C:\Windows\setupact.log
2014-01-02 19:49 - 2014-01-02 19:49 - 00000000 _____ C:\Windows\setuperr.log
2014-01-01 18:12 - 2014-01-01 18:12 - 00007035 ____C C:\Users\Paddy\Desktop\JRT.txt
2014-01-01 18:10 - 2014-01-01 18:10 - 00000000 ____D C:\Windows\ERUNT
2014-01-01 18:09 - 2014-01-01 18:09 - 01036305 ____C (Thisisu) C:\Users\Paddy\Desktop\JRT.exe
2013-12-29 18:40 - 2013-12-29 18:40 - 01233962 ____C C:\Users\Paddy\Desktop\adwcleaner_3.016.exe
2013-12-29 18:40 - 2013-12-29 18:40 - 01233962 _____ C:\Users\Paddy\Downloads\adwcleaner_3.016.exe
2013-12-29 14:12 - 2014-01-02 20:45 - 00000000 ___DC C:\AdwCleaner
2013-12-29 13:23 - 2013-12-29 14:05 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-12-29 13:23 - 2013-12-29 13:23 - 00000000 ___DC C:\Program Files\Enigma Software Group
2013-12-29 13:22 - 2013-12-29 18:11 - 00000470 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2013-12-29 13:22 - 2013-12-29 18:11 - 00000386 _____ C:\Windows\Tasks\RegCure Pro.job
2013-12-26 18:00 - 2013-12-28 01:59 - 00000000 ___DC C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-26 18:00 - 2013-12-26 20:52 - 00104664 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-26 17:58 - 2013-12-27 23:14 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-26 17:57 - 2013-12-26 17:57 - 12582688 ____C (Malwarebytes Corp.) C:\Users\Paddy\Desktop\mbar-1.07.0.1008.exe
2013-12-26 01:45 - 2013-12-29 14:00 - 00013824 ____C C:\Users\Paddy\Desktop\Lets Fish.xls
2013-12-25 21:25 - 2013-12-25 21:25 - 00100008 ____C C:\Users\Paddy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 03788504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 01:20 - 2014-01-02 20:49 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Tresore
2013-12-25 00:50 - 2013-12-25 00:50 - 00001349 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
2013-12-25 00:50 - 2013-12-25 00:50 - 00000000 ___DC C:\Program Files\EaseUS
2013-12-25 00:50 - 2013-04-11 14:10 - 02498216 _____ C:\Windows\system32\BootMan.exe
2013-12-25 00:50 - 2013-03-07 09:49 - 00087112 _____ C:\Windows\system32\setupempdrv03.exe
2013-12-25 00:50 - 2013-03-07 09:49 - 00019840 _____ C:\Windows\system32\EuEpmGdi.dll
2013-12-25 00:50 - 2013-03-07 09:49 - 00014920 _____ C:\Windows\system32\epmntdrv.sys
2013-12-25 00:50 - 2013-03-07 09:49 - 00009160 _____ C:\Windows\system32\EuGdiDrv.sys
2013-12-24 21:33 - 2001-07-13 13:56 - 00014976 _____ C:\Windows\system32\Drivers\SBKUPNT.SYS
2013-12-24 21:33 - 1997-02-08 17:11 - 00013312 _____ C:\Windows\system32\DEVLOAD.EXE
2013-12-23 21:11 - 2013-12-23 21:11 - 00000000 ___DC C:\Users\Paddy\AppData\Local\McAfee File Lock
2013-12-23 16:19 - 2013-09-23 13:48 - 00147912 ____C (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-12-19 19:53 - 2013-12-19 19:53 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Avg2014
2013-12-19 01:01 - 2013-10-30 10:45 - 00036152 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-12-19 01:00 - 2013-12-19 01:00 - 00002155 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-19 01:00 - 2013-12-19 01:00 - 00002135 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-19 01:00 - 2013-10-30 10:45 - 00036664 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-12-19 01:00 - 2013-10-30 10:45 - 00025400 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-12-19 00:59 - 2013-12-19 01:01 - 00000000 ___DC C:\Program Files\TuneUp Utilities 2014
2013-12-19 00:58 - 2013-12-19 01:05 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-13 03:31 - 2013-12-13 03:31 - 00000000 ___DC C:\Program Files\Common Files\Overwolf
2013-12-13 03:05 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 03:05 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 03:05 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-13 03:05 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-13 03:05 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-13 03:05 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 03:05 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 03:05 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-13 03:05 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 03:05 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-13 03:05 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-13 03:05 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-13 03:05 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 03:05 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 03:05 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-13 03:05 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 03:05 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-13 03:05 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 03:05 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 03:01 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 03:01 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 23:07 - 2013-12-12 23:07 - 00000000 ____D C:\Users\Paddy\Downloads\Abschlepp-Simulator
2013-12-12 12:29 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 12:29 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 12:29 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 12:29 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 12:29 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 12:29 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 12:29 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 12:29 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 12:29 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 12:29 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 12:29 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 23:18 - 2013-12-10 23:18 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 20:53 - 2013-12-10 20:53 - 00000220 ____C C:\Users\Paddy\Desktop\Need for Speed™ SHIFT.lnk
2013-12-10 20:40 - 2013-12-10 20:40 - 00000000 ___DC C:\Program Files\Electronic Arts
2013-12-09 23:19 - 2013-12-09 23:19 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\YoudaGames
2013-12-09 23:18 - 2013-12-09 23:18 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2013-12-09 23:17 - 2013-12-09 23:55 - 00000000 ___DC C:\Program Files\Alawar
2013-12-09 23:17 - 2013-12-09 23:17 - 00001899 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00001343 _____ C:\Users\Public\Desktop\18 WoS Extreme Trucker.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00000000 ___DC C:\Program Files\18 WoS Extreme Trucker
2013-12-05 17:29 - 2013-12-05 17:29 - 00000000 ___DC C:\Program Files\I.A.S
2013-12-04 17:04 - 2013-12-04 17:04 - 00000887 _____ C:\Users\Public\Desktop\GUILD WARS.lnk
2013-12-04 17:04 - 2013-12-04 17:04 - 00000000 ___DC C:\Program Files\GUILD WARS
2013-12-03 15:47 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-03 15:47 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

==================== One Month Modified Files and Folders =======

2014-01-02 20:49 - 2014-01-02 20:49 - 00016853 ____C C:\Users\Paddy\Desktop\FRST.txt
2014-01-02 20:49 - 2013-12-25 01:20 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Tresore
2014-01-02 20:49 - 2012-06-03 16:18 - 00000000 ___DC C:\Users\Paddy\AppData\Local\PMB Files
2014-01-02 20:47 - 2014-01-02 19:49 - 00000336 _____ C:\Windows\setupact.log
2014-01-02 20:47 - 2013-09-21 20:00 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-02 20:47 - 2012-04-27 18:16 - 00000000 ___DC C:\ProgramData\NVIDIA
2014-01-02 20:47 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-02 20:46 - 2013-11-15 14:42 - 01376541 _____ C:\Windows\WindowsUpdate.log
2014-01-02 20:45 - 2013-12-29 14:12 - 00000000 ___DC C:\AdwCleaner
2014-01-02 20:15 - 2013-09-21 20:00 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-02 20:06 - 2014-01-02 20:06 - 01064581 ____C (Farbar) C:\Users\Paddy\Desktop\FRST.exe
2014-01-02 19:58 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-02 19:58 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-02 19:53 - 2012-04-27 19:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-02 19:51 - 2013-03-10 15:14 - 00000000 ___DC C:\Users\Paddy\Desktop\Spiele
2014-01-02 19:49 - 2014-01-02 19:49 - 00000000 _____ C:\Windows\setuperr.log
2014-01-02 19:24 - 2012-11-23 14:49 - 00000000 ___DC C:\Program Files\Steam
2014-01-01 19:05 - 2013-03-31 16:11 - 00000000 ____D C:\Users\Paddy\Documents\18 WoS Extreme Trucker
2014-01-01 18:25 - 2012-04-27 18:13 - 00365334 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-01 18:12 - 2014-01-01 18:12 - 00007035 ____C C:\Users\Paddy\Desktop\JRT.txt
2014-01-01 18:10 - 2014-01-01 18:10 - 00000000 ____D C:\Windows\ERUNT
2014-01-01 18:09 - 2014-01-01 18:09 - 01036305 ____C (Thisisu) C:\Users\Paddy\Desktop\JRT.exe
2014-01-01 17:48 - 2012-11-23 14:49 - 00000000 ___DC C:\Program Files\Common Files\Steam
2014-01-01 17:20 - 2012-04-27 19:45 - 00000000 __HDC C:\Program Files\InstallShield Installation Information
2013-12-30 15:11 - 2009-07-14 05:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-29 19:33 - 2013-09-11 16:48 - 00000000 ___DC C:\Users\Paddy\Desktop\Handy
2013-12-29 18:40 - 2013-12-29 18:40 - 01233962 ____C C:\Users\Paddy\Desktop\adwcleaner_3.016.exe
2013-12-29 18:40 - 2013-12-29 18:40 - 01233962 _____ C:\Users\Paddy\Downloads\adwcleaner_3.016.exe
2013-12-29 18:11 - 2013-12-29 13:22 - 00000470 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2013-12-29 18:11 - 2013-12-29 13:22 - 00000386 _____ C:\Windows\Tasks\RegCure Pro.job
2013-12-29 18:09 - 2012-04-27 18:11 - 00001148 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-29 14:05 - 2013-12-29 13:23 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-12-29 14:00 - 2013-12-26 01:45 - 00013824 ____C C:\Users\Paddy\Desktop\Lets Fish.xls
2013-12-29 13:23 - 2013-12-29 13:23 - 00000000 ___DC C:\Program Files\Enigma Software Group
2013-12-29 13:23 - 2013-10-19 00:52 - 00000000 ___DC C:\Program Files\Common Files\Wise Installation Wizard
2013-12-28 01:59 - 2013-12-26 18:00 - 00000000 ___DC C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-27 23:14 - 2013-12-26 17:58 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-26 20:52 - 2013-12-26 18:00 - 00104664 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-26 17:57 - 2013-12-26 17:57 - 12582688 ____C (Malwarebytes Corp.) C:\Users\Paddy\Desktop\mbar-1.07.0.1008.exe
2013-12-25 23:10 - 2013-02-23 22:28 - 00000000 ___DC C:\FFOutput
2013-12-25 21:25 - 2013-12-25 21:25 - 00100008 ____C C:\Users\Paddy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 21:20 - 2013-12-25 21:20 - 03788504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 21:20 - 2012-04-27 18:11 - 00000000 ___DC C:\Users\Paddy
2013-12-25 21:19 - 2009-07-14 03:03 - 45875200 _____ C:\Windows\system32\config\SOFTWARE_tureg_old
2013-12-25 21:19 - 2009-07-14 03:03 - 22806528 _____ C:\Windows\system32\config\SYSTEM_tureg_old
2013-12-25 21:19 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY_tureg_old
2013-12-25 21:15 - 2009-07-14 03:03 - 29097984 _____ C:\Windows\system32\config\COMPONENTS_tureg_old
2013-12-25 21:14 - 2009-07-14 03:03 - 01048576 _____ C:\Windows\system32\config\DEFAULT_tureg_old
2013-12-25 20:44 - 2009-07-14 03:03 - 00024576 _____ C:\Windows\system32\config\SAM_tureg_old
2013-12-25 18:49 - 2012-05-16 20:37 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-25 10:43 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\McAfee
2013-12-25 01:20 - 2012-04-27 18:39 - 00000000 __RSD C:\Users\Paddy\Documents\McAfee-Depots
2013-12-25 01:18 - 2012-04-27 18:38 - 00000000 ___DC C:\Program Files\Common Files\Mcafee
2013-12-25 01:18 - 2012-04-27 18:32 - 00000000 ___DC C:\ProgramData\McAfee
2013-12-25 00:50 - 2013-12-25 00:50 - 00001349 _____ C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk
2013-12-25 00:50 - 2013-12-25 00:50 - 00000000 ___DC C:\Program Files\EaseUS
2013-12-23 22:14 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-12-23 21:11 - 2013-12-23 21:11 - 00000000 ___DC C:\Users\Paddy\AppData\Local\McAfee File Lock
2013-12-23 21:09 - 2013-07-27 17:05 - 00000000 ___DC C:\ProgramData\TuneUp Software
2013-12-22 01:40 - 2012-04-27 18:55 - 00000000 ____D C:\Windows\Panther
2013-12-20 02:04 - 2012-04-28 16:59 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\vlc
2013-12-19 19:53 - 2013-12-19 19:53 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Avg2014
2013-12-19 18:37 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-19 17:16 - 2012-05-16 23:01 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Windows Live
2013-12-19 05:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-19 04:46 - 2013-11-04 17:08 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Overwolf
2013-12-19 04:43 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-12-19 04:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-19 01:05 - 2013-12-19 00:58 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-19 01:05 - 2013-11-12 01:04 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Downloaded Installations
2013-12-19 01:01 - 2013-12-19 00:59 - 00000000 ___DC C:\Program Files\TuneUp Utilities 2014
2013-12-19 01:00 - 2013-12-19 01:00 - 00002155 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-19 01:00 - 2013-12-19 01:00 - 00002135 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-19 01:00 - 2013-07-27 17:07 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\TuneUp Software
2013-12-19 00:37 - 2012-07-09 13:38 - 00000000 ___DC C:\Users\Paddy\Desktop\Programme
2013-12-13 03:31 - 2013-12-13 03:31 - 00000000 ___DC C:\Program Files\Common Files\Overwolf
2013-12-13 03:31 - 2013-11-04 17:20 - 00000000 ___DC C:\Program Files\Overwolf
2013-12-13 03:05 - 2009-07-14 03:04 - 00000499 _____ C:\Windows\win.ini
2013-12-13 03:04 - 2013-08-15 02:30 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 03:02 - 2012-05-02 10:03 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-12 23:07 - 2013-12-12 23:07 - 00000000 ____D C:\Users\Paddy\Downloads\Abschlepp-Simulator
2013-12-11 19:53 - 2012-04-27 19:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 19:53 - 2012-04-27 19:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 23:18 - 2013-12-10 23:18 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 23:18 - 2013-02-21 16:45 - 00000000 ___DC C:\Program Files\Google
2013-12-10 20:53 - 2013-12-10 20:53 - 00000220 ____C C:\Users\Paddy\Desktop\Need for Speed™ SHIFT.lnk
2013-12-10 20:40 - 2013-12-10 20:40 - 00000000 ___DC C:\Program Files\Electronic Arts
2013-12-09 23:55 - 2013-12-09 23:17 - 00000000 ___DC C:\Program Files\Alawar
2013-12-09 23:19 - 2013-12-09 23:19 - 00000000 ___DC C:\Users\Paddy\AppData\Roaming\YoudaGames
2013-12-09 23:18 - 2013-12-09 23:18 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2013-12-09 23:17 - 2013-12-09 23:17 - 00001899 ____C C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00001343 _____ C:\Users\Public\Desktop\18 WoS Extreme Trucker.lnk
2013-12-09 21:29 - 2013-12-09 21:29 - 00000000 ___DC C:\Program Files\18 WoS Extreme Trucker
2013-12-09 20:02 - 2012-06-22 15:24 - 00000000 ___DC C:\Users\Paddy\AppData\Local\Apps\2.0
2013-12-09 16:47 - 2013-09-03 00:41 - 00000000 ___DC C:\Riot Games
2013-12-05 17:29 - 2013-12-05 17:29 - 00000000 ___DC C:\Program Files\I.A.S
2013-12-04 17:04 - 2013-12-04 17:04 - 00000887 _____ C:\Users\Public\Desktop\GUILD WARS.lnk
2013-12-04 17:04 - 2013-12-04 17:04 - 00000000 ___DC C:\Program Files\GUILD WARS

Files to move or delete:
====================
C:\Users\Paddy\AppData\Roaming\skype.ini
C:\ProgramData\dsgsdgdsgdsgw.pad


Some content of TEMP:
====================
C:\Users\Paddy\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-01 16:47

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

der Additions.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-01-2014 01
Ran by Paddy at 2014-01-02 20:50:53
Running from C:\Users\Paddy\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

1193 A.D. (Version:  - )
18 WoS Extreme Trucker 1.01 (Version: 1.01 - )
AdblockIE (Version: 1.2 - af0.net)
Adobe AIR (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05 - Adobe Systems Incorporated)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (Version:  - Akamai Technologies, Inc)
Canon Easy-PhotoPrint EX (Version:  - )
Canon Easy-WebPrint EX (Version:  - )
Canon MG5100 series Benutzerregistrierung (Version:  - )
Canon MG5100 series MP Drivers (Version:  - )
Canon MP Navigator EX 4.0 (Version:  - )
Canon My Printer (Version:  - )
Canon Solution Menu EX (Version:  - )
CCleaner (Version: 3.25 - Piriform)
Curse Client (Version: 5.1.1.792 - Curse)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Die Polizei 2013 (Version:  - Quadriga Games)
Die Sims - Hokus Pokus (Version:  - )
Dota 2 (Version:  - Valve)
EaseUS Partition Master 9.2.2 (Version:  - EaseUS)
Emergency 3 (Version: 1.00.000 - )
FormatFactory 3.2.0.1 (Version: 3.2.0.1 - Free Time)
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Window Registry Repair (Version:  - )
Free YouTube Download version 3.2.2.426 (Version: 3.2.2.426 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (Version: 4.6.0 - Futuremark Corporation)
Gameforge Live 1.0 "Legend" (Version: 1.0.1694 - Gameforge)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Gothic 2 Gold (Version: 1.0.0 - JoWood)
Grand Theft Auto San Andreas (Version: 1.00.00001 - Rockstar Games)
GUILD WARS (Version:  - )
GuildWars Visions v1.08 (Version:  - Luzzifus, www.guild-wars.info)
IncrediMail (Version: 6.3.2.5198 - IncrediMail) Hidden
IncrediMail 2.0 (Version: 6.3.2.5198 - IncrediMail Ltd.)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (Version: 2.1.1 - Oracle Corporation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Total Protection (Version: 12.8.903 - McAfee, Inc.)
McAfee Virtual Technician (Version: 6.5.0.2101 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSI v2 to redistribute Rigs of Rods (Version: 1.0.0.0 - Pricorde)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
Need for Speed™ SHIFT (Version: 1.0.0.0 - Electronic Arts)
Neverwinter (Version:  - Cryptic Studios)
NVIDIA 3D Vision Controller-Treiber 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Drivers (Version: 1.3 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8 (Version: 1.8 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3182 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA Update 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.12 (Version: 1.2.12 - NVIDIA Corporation)
Overwolf (Version: 0.47.284 - Overwolf)
Pando Media Booster (Version: 2.6.0.8 - Pando Networks Inc.)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RegCure Pro (Version: 3.1.7.0 - ParetoLogic, Inc.)
Revo Uninstaller 1.95 (Version: 1.95 - VS Revo Group)
RollerCoaster Tycoon 3 (Version: 1.00.000 - )
ScarletBlade-DE (Version:  - )
ScummVM 1.6.0 (Version:  - The ScummVM Team)
Shaiya-DE (Version:  - )
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
SHIELD Streaming (Version: 1.6.75 - NVIDIA Corporation) Hidden
Shockwave (Version:  - )
Skype™ 6.7 (Version: 6.7.102 - Skype Technologies S.A.)
Steam (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (Version: 3.0.10 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (Version:  - Bethesda Game Studios)
The Klub 17 (Version: 6.3.0 - Team K17)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.169 - TuneUp Software) Hidden
TuneUp Utilities 2014 (Version: 14.0.1000.169 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.169 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.1 (Version: 2.0.1 - VideoLAN)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (32-Bit) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

28-12-2013 11:17:24 Revo Uninstaller's restore point - Gothic
29-12-2013 12:23:09 Installed SpyHunter
29-12-2013 13:02:44 Revo Uninstaller's restore point - SpyHunter
29-12-2013 13:03:30 Removed SpyHunter
01-01-2014 15:22:39 Windows Update
01-01-2014 16:18:22 Revo Uninstaller's restore point - Gothic
01-01-2014 16:20:49 Revo Uninstaller's restore point - CompuApps SwissKnife
01-01-2014 16:33:54 Revo Uninstaller's restore point - Smashmuck Champions
01-01-2014 16:39:13 Revo Uninstaller's restore point - EverQuest Free-to-Play
01-01-2014 16:41:59 Revo Uninstaller's restore point - ROSE Online
01-01-2014 16:44:31 Revo Uninstaller's restore point - Champions of Regnum

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1571E95F-BF4E-49BD-B23F-51767AFBA9A1} - System32\Tasks\Test TimeTrigger => C:\Users\Paddy\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {1A905698-A3F0-4FAB-A6B0-37B7E26836C6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-437763861-1864287327-3057929401-1000
Task: {37622F7A-26A1-4533-8E6A-20F7D6794924} - System32\Tasks\4679 => Wscript.exe C:\Users\Paddy\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {385A2D42-5806-48CA-955C-338A842FDEDB} - System32\Tasks\{406B864E-4566-46BE-B997-F589D8E06FAE} => F:\Setup.exe
Task: {41EA53C5-4EAE-45CB-8897-3C42DDB687D0} - System32\Tasks\{7E3B6AD0-238C-4AF1-8BE0-F98FFE8D05B3} => C:\Program Files\Happyneuron\Gehirnjogging\Happy_loc.exe
Task: {5D6C83D1-7C9E-4ABE-B956-056A7D9954D6} - System32\Tasks\{891A2A93-AF72-4E81-861B-7DE4049DEDCD} => C:\Users\Paddy\Desktop\Setup.exe
Task: {7A0DCBA2-4B53-41EE-8BEE-233EAA3AD3F7} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {9902EC1F-2CAE-4E97-B45A-610039A3EC45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {9A27192B-8DF2-4FE9-8457-B55DC3A80C5C} - System32\Tasks\RegCure Pro => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: {9D01F063-1A33-48C0-A3A6-3BB073A06403} - System32\Tasks\{780C1D65-66D1-40F4-BF29-8EDA391C2FD7} => F:\Setup.exe
Task: {A5096CBF-136D-4BCB-AFC4-031BBBC9A982} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {A82AFC90-533E-4056-A412-43CB5ED954D4} - System32\Tasks\{0CA3CD76-AE20-4C4E-9881-3F94EE721B3A} => C:\Users\Paddy\Desktop\Setup.exe
Task: {AA41D76F-E6B5-450B-8274-025BC8E20029} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {AADBDA14-E995-47DA-8884-BAA9C8EFF3DB} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2013-10-30] (TuneUp Software)
Task: {B13E8115-6061-428C-9E43-112321921F24} - System32\Tasks\{6D429A6E-B5F1-43FA-A919-B89667F95435} => C:\Program Files\Infogrames\Monopoly Tycoon\mc.exe
Task: {C3973EA2-4765-464C-A0AC-07C57FADF186} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-21] (Google Inc.)
Task: {C912913D-D3E9-48CA-95DA-D850E2803146} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-21] (Google Inc.)
Task: {D376D1C3-0B70-4F41-84A9-344BCB04B717} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated)
Task: {DAF07A6E-543A-43AA-B889-7EC4DFC19C7C} - System32\Tasks\{B68C639E-413F-492A-8284-90FDB3C6F77B} => C:\Program Files\Infogrames\Monopoly Tycoon\mc.exe
Task: {DF220AFF-05A5-41F2-935A-CC2D75946E08} - System32\Tasks\{38102F21-3B6B-4542-9F27-4275459CD8A5} => C:\Program Files\Infogrames\Monopoly Tycoon\mc.exe
Task: {FE7C09C7-A292-4A76-90E8-83DEC12CB588} - System32\Tasks\{2EE93595-2ADA-4781-8DE6-8E02609AF389} => C:\Program Files\Happyneuron\Gehirnjogging\Happy_loc.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\RegCure Pro.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe

==================== Loaded Modules (whitelisted) =============

2012-07-12 20:41 - 2013-11-11 15:26 - 00092448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-10-30 10:46 - 2013-10-30 10:46 - 00501560 ____C () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:5ACE199E
AlternateDataStreams: C:\ProgramData\TEMP:A2907225
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:E6C6EB3B

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: McAfee Inc. mfeapfk
Description: McAfee Inc. mfeapfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mfeapfk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/02/2014 07:47:50 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [1813]

Error: (01/01/2014 06:25:56 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (01/02/2014 08:47:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (01/02/2014 08:47:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (01/02/2014 08:47:41 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (01/02/2014 08:47:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (01/02/2014 08:47:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (01/02/2014 08:47:39 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (01/02/2014 08:47:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (01/02/2014 08:47:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (01/02/2014 08:47:28 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (01/02/2014 08:47:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1243


Microsoft Office Sessions:
=========================
Error: (01/02/2014 07:47:50 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to kill already running streamer. [1813]

Error: (01/01/2014 06:25:56 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000


CodeIntegrity Errors:
===================================
  Date: 2013-12-21 15:55:12.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-21 15:55:12.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-21 15:55:12.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-12 12:51:08.215
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-12 12:51:08.215
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-12 12:51:08.215
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-13 02:13:59.342
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-13 02:13:59.326
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-13 02:13:59.326
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 14:02:13.182
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 3327.18 MB
Available physical RAM: 2042.13 MB
Total Pagefile: 6652.65 MB
Available Pagefile: 5284.74 MB
Total Virtual: 2047.88 MB
Available Virtual: 1906.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:709.42 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: DAF7DAF7)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Antwort
Seite 1 von 3 1 23

Themen zu Do Searches
als startseite, brauche, do searches, dringend, eingestellt, explorer, gestellt, hilfe, inter, interne, internet, internet explorer, jedesmal, leere, seite, startseite, öffnet


« Windwos XP: Seltsames Verhalten von Google Chrome. Virus? | unerwünschte Werbung und neue Tabs bei fast jedem Klick - Windows8, mozilla Firefox »


Ähnliche Themen: Do Searches


  1. searches.safehomepage / quick_start - entfernen
    Log-Analyse und Auswertung - 03.11.2014 (13)
  2. searches.omiga-plus.com (omiga-plus) entfernen
    Anleitungen, FAQs & Links - 23.07.2014 (2)
  3. searches.safehomepage.com entfernen
    Anleitungen, FAQs & Links - 19.06.2014 (2)
  4. Plus HD 3.8 und Do Searches Viren haben sich in meinem Laptop eingenistet! Wie werde ich sie los?
    Plagegeister aller Art und deren Bekämpfung - 14.11.2013 (9)
  5. Hartnäckiger Browser Hijacker: "Do Searches"
    Plagegeister aller Art und deren Bekämpfung - 10.11.2013 (11)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Do Searches - wenn ich meinen Internet Explorer öffne öffnet sich jedesmal Do Searches als Startseite obwohl ich leere seite eingestellt habe Ich brauche dringend hilfe - Do Searches...
Archiv
Du betrachtest: Do Searches auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19