Zufälliger Computer Neustart

TheLeX0R · 22.05.2014, 14:05

Hallo,

ich habe seit einigen Tagen folgendes Problem:

Mein Computer startet sich einfach zufällig neu, das kündigt sich damit an, dass ich erst zu sehen bekomme das mein Bildschirm kein Signal mehr empfängt. Kurze Zeit später startet er sich dann neu.
Seit heute bekomme ich im Browser auch vermehrt Pop-up Werbung trotz eines AdBlockers.
Auch Werbeanzeigen wie DigiCoupon etc. habe ich in meinem Browser.
Mein Anti-Viren System (avast) findet aber keinerlei Viren.
Gestern hatte ich ein Programm namens SaveSenseLive auf dem Pc welches von avast in den Container geschoben wurde und ich es darauf hin sofort gelöscht habe.
Dennoch besteht mein Problem immernoch. Das Bild ist einfach für ein paar Sekunden weg und der Pc startet sich wieder neu.
Alles fing damit an, dass ich mir auf nexusmods.com Mods für Skyrim geholt habe.

Ich bitte dringend um Hilfe, sonst sehe ich mich gezwungen mir neue Festplatten zu kaufen, was ich aber ungern tun möchte.

Vielen Dank schonmal im Vorraus!

schrauber · 22.05.2014, 14:12

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

TheLeX0R · 22.05.2014, 14:23

im Anhang die FRST.txt und Addition.txt Dateien,
danke jetzt schonmal für die schnelle Antwort!

schrauber · 23.05.2014, 11:29

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

TheLeX0R · 23.05.2014, 13:43

Achso, tut mir Leid.
Hier Das FRST.txt:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by TheLeX0R (administrator) on THELEX0R-PC on 22-05-2014 15:17:44
Running from C:\Users\TheLeX0R\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(Ellora Assets Corp.) D:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Ashampoo Development GmbH & Co. KG) D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Akamai Technologies, Inc.) C:\Users\TheLeX0R\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Akamai Technologies, Inc.) C:\Users\TheLeX0R\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Blizzard Entertainment) D:\Program Files (x86)\Battle.net\Battle.net.4511\Battle.net.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Spotify Ltd) C:\Users\TheLeX0R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Solid State Networks) D:\Program Files (x86)\TERA\TERA-Launcher.exe
() D:\Program Files (x86)\TERA\Client\TL.exe
() D:\Program Files (x86)\TERA\Client\Binaries\TERA.exe
() D:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() D:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner] => D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe [2949480 2013-10-08] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-08] (AVAST Software)
HKLM-x32\...\Run: [PowerDVD13Agent] => "D:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13\PowerDVD13Agent.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => C:\Program Files (x86)\System Explorer\SystemExplorer.exe [4008296 2014-05-12] (Mister Group)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [1775808 2014-05-21] (Valve Corporation)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4270640 2013-03-22] ()
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Akamai NetSession Interface] => C:\Users\TheLeX0R\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Spotify Web Helper] => C:\Users\TheLeX0R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-05-22] (Spotify Ltd)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [ImpulseFastStart] => "C:\Program Files (x86)\Stardock\Impulse\Impulse.exe" /fastload
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Battle.net] => D:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2907184 2014-05-10] (Blizzard Entertainment)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Overwolf] => D:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Facebook Update] => C:\Users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-11] (Facebook Inc.)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\MountPoints2: {1e70355e-92fc-11e2-a7c8-806e6f6e6963} - E:\install.EXE id= ver=1.0.0.0
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\MountPoints2: {a8c362e3-9d25-11e2-98e6-50e549caf6ba} - F:\iLinker.exe
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\MountPoints2: {d72f6c10-7541-11e3-af59-50e549caf6ba} - F:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs:  C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL => C:\Program Files (x86)\SW-Booster\Assistant_x64.dll [4210176 2014-05-01] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
AppInit_DLLs-x32:  c:\progra~2\sw-boo~1\assist~1.dll => C:\Program Files (x86)\SW-Booster\Assistant.dll [4296192 2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe (No File)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
SearchScopes: HKLM - {71588120-FC17-4463-B07D-2C71FE6E057B} URL = hxxp://go.findrsearch.com/search/web?q={searchTerms}
BHO: NeewSAver - {5C927DFD-EB8C-6B84-197B-F46FFBB781D0} - C:\ProgramData\NeewSAver\NpogM.x64.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -  No File
BHO-x32: NeewSAver - {5C927DFD-EB8C-6B84-197B-F46FFBB781D0} - C:\ProgramData\NeewSAver\NpogM.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DiigeiSaveer - {EC567081-93A5-B348-8F74-867F8FBF636E} - C:\ProgramData\DiigeiSaveer\GO6Mfie5.dll ()
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox - D:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @ogplanet.com/npOGPPlugin - C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\TheLeX0R\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\TheLeX0R\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\TheLeX0R\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-10]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\TheLeX0R\AppData\Roaming\Mozilla\Firefox\Profiles\vo6v5vbq.default\extensions\quick_start@gmail.com

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-22]
CHR Extension: (AdBlock) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-09]
CHR Extension: (DigieCoupon) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigldfckchhildklhaimjihggaapjkeh [2014-05-21]
CHR Extension: (Google Wallet) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (YouTube Unblocker) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-05-10]
CHR Extension: (Extended Protection) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-05-09]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137096 2013-02-06] ()
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 ArcService; D:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-24] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-08] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-01-17] ()
S3 DAUpdaterSvc; D:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-05-08] (BioWare)
S3 DfSdkS; D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 FreemakeVideoCapture; D:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-02-25] (Ellora Assets Corp.)
R2 Hamachi2Svc; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2210640 2013-11-29] (LogMeIn Inc.)
R2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5161056 2014-02-03] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
S3 OverwolfUpdaterService; D:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-24] ()
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821720 2012-11-25] (Mister Group)
S3 TunngleService; D:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe [167936 2008-06-26] ()
R2 WO_LiveService; D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-10-08] ()
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
S2 RzMaelstromVADStreamingService; "C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe" [X]
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe /svc [X]
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe /medsvc [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]
S2 Wpm;  [X]

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57952 2013-02-06] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-08] ()
S3 CXCVBS; C:\Windows\System32\drivers\cxCVBS.sys [244096 2012-11-06] (Conexant Systems, Inc.)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-03-31] ()
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R2 LiveTunerPM; D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0090.sys [28768 2014-03-12] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R3 RTCore64; D:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corporation                           )
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2013-11-15] (Razer Inc)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [40696 2013-11-21] (Windows (R) Win 7 DDK provider)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [30888 2013-11-15] (Razer Inc)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 wolf; D:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [82472 2013-04-09] ()
S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [X]
S1 aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 dump_wmimmc; \??\D:\AeriaGames\WolfTeam-DE\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-22 15:17 - 2014-05-22 15:17 - 02067456 _____ (Farbar) C:\Users\TheLeX0R\Downloads\FRST64.exe
2014-05-22 15:17 - 2014-05-22 15:17 - 00026674 _____ () C:\Users\TheLeX0R\Downloads\FRST.txt
2014-05-22 15:17 - 2014-05-22 15:17 - 00000000 ____D () C:\FRST
2014-05-21 13:20 - 2014-05-21 13:20 - 02292792 _____ (Mister Group ) C:\Users\TheLeX0R\Downloads\SystemExplorerSetup_560 (1).exe
2014-05-21 13:20 - 2014-05-21 13:20 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Packages
2014-05-21 13:20 - 2014-05-21 13:20 - 00000000 ____D () C:\ProgramData\NeewSAver
2014-05-21 13:04 - 2014-05-21 13:05 - 00000000 ____D () C:\ProgramData\SystemExplorer
2014-05-21 13:04 - 2014-05-21 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2014-05-21 13:04 - 2014-05-21 13:04 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2014-05-21 13:03 - 2014-05-21 13:03 - 02292792 _____ (Mister Group ) C:\Users\TheLeX0R\Downloads\SystemExplorerSetup_560.exe
2014-05-20 18:12 - 2014-05-20 18:12 - 00222457 _____ () C:\Users\TheLeX0R\Downloads\FileAccess Interface for Skyrim Scripts - FISS-48265-1-21.7z
2014-05-20 16:34 - 2014-05-20 16:34 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-20 16:22 - 2014-05-20 16:22 - 00000793 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-20 16:22 - 2014-05-20 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-20 16:21 - 2014-05-20 16:34 - 00037174 _____ () C:\Windows\DirectX.log
2014-05-20 16:19 - 2014-05-20 16:19 - 03822544 _____ () C:\Users\TheLeX0R\Downloads\battlelog-web-plugins_2.3.2_134.exe
2014-05-19 15:54 - 2014-05-22 13:57 - 00000690 _____ () C:\Windows\PFRO.log
2014-05-18 22:52 - 2014-05-22 14:10 - 00001904 _____ () C:\Windows\setupact.log
2014-05-18 22:52 - 2014-05-18 22:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 20:57 - 2014-05-18 21:00 - 136968980 _____ () C:\Users\TheLeX0R\Downloads\Skyrim Naruto Anime Overhaul-15699-v1-6-2.rar
2014-05-17 13:55 - 2014-05-17 13:55 - 05009173 _____ () C:\Users\TheLeX0R\Downloads\teamspeak3-server_win64-3.0.10.3.zip
2014-05-16 15:57 - 2014-05-16 15:57 - 00001519 _____ () C:\Users\TheLeX0R\Desktop\skse_loader.exe - Verknüpfung.lnk
2014-05-16 15:42 - 2014-05-16 15:42 - 00471625 _____ () C:\Users\TheLeX0R\Downloads\skse_1_06_16.7z
2014-05-16 01:43 - 2014-05-16 01:43 - 00266051 _____ () C:\Users\TheLeX0R\Downloads\skse_1_06_16_installer.exe
2014-05-16 01:43 - 2014-05-16 01:43 - 00001172 _____ () C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk
2014-05-15 16:33 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-05-15 16:33 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-05-15 16:33 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-05-15 16:33 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-05-15 16:05 - 2014-05-16 01:35 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Nexus Mod Manager
2014-05-15 16:05 - 2014-05-15 16:05 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Black_Tree_Gaming
2014-05-15 16:04 - 2014-05-15 16:04 - 04200816 _____ (Black Tree Gaming ) C:\Users\TheLeX0R\Downloads\Nexus Mod Manager-0.49.6.exe
2014-05-15 16:04 - 2014-05-15 16:04 - 00000742 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-05-15 16:04 - 2014-05-15 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2014-05-15 13:14 - 2014-05-20 21:36 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Skyrim
2014-05-14 23:50 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 23:50 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 23:44 - 2014-05-14 23:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:21 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-05-14 22:21 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-05-14 22:21 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-05-14 22:21 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-05-14 22:17 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:17 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:17 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:17 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:17 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:17 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 22:08 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-05-14 22:08 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-05-14 22:08 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-05-14 22:08 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-05-14 22:08 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-05-14 22:08 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-05-14 22:08 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-05-14 22:08 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-05-14 20:15 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 20:15 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 20:15 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-05-14 20:15 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-05-14 20:15 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-05-14 20:15 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-05-14 20:15 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-05-14 20:15 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-05-14 20:15 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-05-14 20:15 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-05-14 20:15 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-05-14 20:14 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-14 20:14 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-14 20:14 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-05-14 20:14 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-14 20:14 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-14 20:14 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-05-14 20:14 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-05-14 20:14 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-05-14 20:14 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-05-14 20:14 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-05-14 20:14 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-05-14 20:14 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-05-14 20:14 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-05-14 20:14 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-05-14 20:14 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-05-14 20:14 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-05-14 20:14 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-05-14 20:14 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-05-14 20:14 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-05-14 20:14 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-05-14 20:14 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-05-14 20:14 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-05-14 20:14 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-05-14 20:14 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-05-14 20:14 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-05-14 20:14 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-05-14 20:14 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-05-14 20:14 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-05-14 20:14 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-05-14 20:14 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-05-14 20:13 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-05-14 20:13 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-05-14 20:13 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-05-14 20:13 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-05-14 20:13 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-05-14 20:13 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-05-14 20:13 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-05-14 20:13 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-05-14 20:13 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-05-14 20:13 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-05-14 20:13 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-05-14 20:12 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-14 20:12 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-14 20:12 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-14 20:12 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-14 20:12 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-14 20:12 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-14 20:12 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-14 20:12 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-14 20:12 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-14 20:12 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-05-14 20:12 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-14 20:12 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-14 20:12 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-14 20:12 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-14 20:12 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-14 20:12 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-14 20:12 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-14 20:12 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-14 20:12 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-14 20:12 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-14 20:12 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-14 20:12 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-14 20:12 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-14 20:12 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-14 20:12 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-14 20:12 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-14 20:12 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-14 20:12 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-05-14 20:12 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-05-14 20:12 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-05-14 20:12 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-05-14 20:12 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-05-14 20:12 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-05-14 20:12 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-05-14 20:12 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-05-14 20:12 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-05-14 20:12 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-05-14 20:12 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-05-14 20:12 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-05-14 20:12 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-05-14 20:12 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-05-14 20:12 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-05-14 20:12 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-05-14 20:12 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-05-14 20:12 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-05-14 20:12 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-05-14 20:12 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-05-14 20:12 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-05-14 20:12 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-05-14 20:12 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-05-14 20:12 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-05-14 20:12 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-05-14 20:12 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-05-14 20:12 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-05-14 20:12 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-05-14 20:12 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-05-14 20:12 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-05-14 20:12 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-05-14 20:12 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-05-14 20:12 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-05-14 20:12 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-05-14 20:12 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-05-14 20:12 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-05-14 20:12 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-05-14 20:12 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-05-14 20:12 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-05-14 20:12 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-05-14 19:54 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 19:54 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 19:54 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 19:54 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 19:54 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 19:54 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 19:54 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 19:54 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 19:54 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 19:54 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 19:54 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 19:54 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 19:54 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 19:54 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 19:54 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 19:54 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 17:20 - 2014-05-22 15:03 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Spotify
2014-05-12 21:44 - 2014-05-12 21:44 - 00921512 _____ (Oracle Corporation) C:\Users\TheLeX0R\Downloads\chromeinstall-7u55 (1).exe
2014-05-12 21:43 - 2014-05-12 21:43 - 00004416 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 21:43 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-12 21:43 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-12 21:43 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-12 21:43 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-12 21:28 - 2014-05-12 21:28 - 00921512 _____ (Oracle Corporation) C:\Users\TheLeX0R\Downloads\chromeinstall-7u55.exe
2014-05-11 23:57 - 2014-05-11 23:57 - 00000863 _____ () C:\Users\TheLeX0R\Desktop\TERA.lnk
2014-05-11 23:56 - 2014-05-11 23:56 - 15366160 _____ (Gameforge Productions GmbH ) C:\Users\TheLeX0R\Downloads\TERASetup.exe
2014-05-11 20:47 - 2014-05-11 20:47 - 00501248 _____ (Facebook Inc.) C:\Users\TheLeX0R\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-05-11 20:47 - 2014-05-11 20:47 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Facebook
2014-05-10 12:36 - 2014-05-10 12:36 - 00000831 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-05-10 12:36 - 2014-05-10 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-05-10 02:36 - 2014-05-10 02:36 - 00282775 _____ () C:\Users\TheLeX0R\Downloads\YouTube-Unblocker-055 (2).crx
2014-05-10 02:35 - 2014-05-10 02:35 - 00282775 _____ () C:\Users\TheLeX0R\Downloads\YouTube-Unblocker-055.crx
2014-05-10 02:35 - 2014-05-10 02:35 - 00282775 _____ () C:\Users\TheLeX0R\Downloads\YouTube-Unblocker-055 (1).crx
2014-05-10 01:33 - 2014-05-10 01:33 - 00000000 ____D () C:\ProgramData\BioWare
2014-05-10 01:32 - 2014-05-10 01:32 - 00009063 _____ () C:\Users\TheLeX0R\Documents\DAOriginsConfigReport2014-05-10.xml
2014-05-10 01:28 - 2014-05-10 01:28 - 00007902 _____ () C:\Users\TheLeX0R\Documents\DAO Ultimate Addins Updater.log
2014-05-08 22:11 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-08 22:11 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-08 22:11 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-08 22:11 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-08 22:11 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-08 22:11 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-08 22:11 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-08 22:11 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-08 22:11 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-08 22:11 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-08 22:11 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-08 22:11 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-08 22:11 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-08 22:11 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-08 22:11 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-08 22:11 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-08 22:11 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-08 22:11 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-08 22:11 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-08 22:11 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-08 22:11 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-08 22:11 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-08 22:11 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-08 22:11 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-08 22:11 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-08 22:11 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-08 22:11 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-08 22:11 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-08 22:11 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-08 22:11 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-08 22:11 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-08 22:11 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-08 22:11 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-08 22:11 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-08 22:11 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-08 22:11 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-08 22:11 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-08 22:11 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-08 22:11 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-08 22:11 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-08 22:11 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-08 22:11 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-08 22:11 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-08 22:11 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-08 22:04 - 2014-05-08 22:04 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Image-Line
2014-05-08 17:16 - 2014-05-08 17:16 - 00014272 _____ () C:\Users\TheLeX0R\Downloads\ausflug.odp
2014-05-08 16:43 - 2014-05-08 16:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-08 16:43 - 2014-05-08 16:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-08 01:11 - 2014-05-08 01:11 - 00000000 ____D () C:\ProgramData\DiigeiSaveer
2014-05-06 23:38 - 2014-05-22 14:03 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Purplizer
2014-05-06 23:36 - 2014-05-06 23:36 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-05-06 20:01 - 2014-05-06 20:01 - 00714464 _____ () C:\Users\TheLeX0R\Downloads\Adware-Removal-Tool-v3.8.exe
2014-05-06 19:59 - 2014-05-22 14:10 - 00002422 _____ () C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3.job
2014-05-06 19:59 - 2014-05-22 14:10 - 00001480 _____ () C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5.job
2014-05-06 19:59 - 2014-05-06 19:59 - 00005452 _____ () C:\Windows\System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3
2014-05-06 19:59 - 2014-05-06 19:59 - 00004510 _____ () C:\Windows\System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5
2014-05-06 19:59 - 2014-05-06 19:59 - 00000000 ____D () C:\Program Files (x86)\HQ-Video-Pro-1.9
2014-05-04 20:49 - 2014-05-04 20:49 - 00000000 ____D () C:\Users\TheLeX0R\Documents\NFS Undercover
2014-05-03 16:51 - 2014-05-03 16:51 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Criterion Games
2014-05-03 04:09 - 2014-05-03 04:09 - 00000799 _____ () C:\Users\TheLeX0R\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Image-Line
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-05-03 04:09 - 2009-09-15 11:14 - 01554944 _____ (HMS hxxp://hp.vector.co.jp/authors/VA012897/) C:\Windows\SysWOW64\vorbis.acm
2014-05-03 04:09 - 2006-06-20 10:56 - 00225280 _____ (Propellerhead Software AB) C:\Windows\SysWOW64\rewire.dll
2014-05-03 04:05 - 2014-05-03 04:06 - 234420169 _____ () C:\Users\TheLeX0R\Downloads\fl studio 10.0.9 full.zip
2014-05-03 01:56 - 2014-05-03 02:20 - 00000000 ____D () C:\Users\TheLeX0R\Documents\SHIFT 2 UNLEASHED
2014-05-02 21:05 - 2014-05-02 21:05 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-05-02 21:04 - 2014-05-02 21:04 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-02 20:53 - 2014-05-09 22:05 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-05-02 20:53 - 2014-05-09 22:01 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-05-01 01:53 - 2014-05-01 01:53 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\EZDownloader
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\SNT
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\MiniApp
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdblocker
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Program Files (x86)\SW-Booster
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Program Files (x86)\SNT
2014-05-01 01:43 - 2014-05-21 13:20 - 00000000 ____D () C:\ProgramData\a83ca1c1cc1eed82
2014-05-01 01:43 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\ProgramData\savve nett
2014-04-26 17:29 - 2014-04-26 17:29 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-04-26 13:02 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-26 13:02 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-26 13:02 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-26 13:02 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-26 13:02 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-26 13:02 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-26 13:02 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-26 13:02 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-26 13:02 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-26 13:02 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-26 13:02 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-25 00:27 - 2014-04-26 19:56 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Diablo III
2014-04-24 20:21 - 2014-04-24 20:21 - 00000931 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-04-24 20:21 - 2014-04-24 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-04-24 17:55 - 2014-04-24 17:55 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Blizzard Entertainment
2014-04-24 03:51 - 2014-02-23 03:51 - 00000032 ____R () C:\ProgramData\hash.dat
2014-04-24 02:47 - 2014-04-24 02:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls

==================== One Month Modified Files and Folders =======

2014-05-22 15:17 - 2014-05-22 15:17 - 02067456 _____ (Farbar) C:\Users\TheLeX0R\Downloads\FRST64.exe
2014-05-22 15:17 - 2014-05-22 15:17 - 00026674 _____ () C:\Users\TheLeX0R\Downloads\FRST.txt
2014-05-22 15:17 - 2014-05-22 15:17 - 00000000 ____D () C:\FRST
2014-05-22 15:14 - 2014-01-17 21:35 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Battle.net
2014-05-22 15:10 - 2013-07-06 17:38 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Spotify
2014-05-22 15:10 - 2013-03-22 22:39 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Skype
2014-05-22 15:03 - 2014-05-13 17:20 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Spotify
2014-05-22 15:01 - 2014-02-15 21:53 - 00000282 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-22 15:01 - 2013-04-01 16:07 - 00000302 _____ () C:\Windows\Tasks\Registry Optimizer_DEFAULT.job
2014-05-22 14:58 - 2014-02-15 21:53 - 00000936 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-05-22 14:52 - 2013-07-16 00:44 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000UA.job
2014-05-22 14:45 - 2013-03-22 17:07 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\PMB Files
2014-05-22 14:24 - 2013-03-22 22:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-22 14:21 - 2013-03-22 23:26 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 14:17 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-22 14:17 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-22 14:16 - 2014-02-26 17:12 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-05-22 14:16 - 2013-03-23 01:21 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-05-22 14:16 - 2013-03-23 01:21 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-05-22 14:16 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-22 14:14 - 2014-03-17 03:18 - 01565651 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 14:10 - 2014-05-18 22:52 - 00001904 _____ () C:\Windows\setupact.log
2014-05-22 14:10 - 2014-05-06 19:59 - 00002422 _____ () C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3.job
2014-05-22 14:10 - 2014-05-06 19:59 - 00001480 _____ () C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5.job
2014-05-22 14:10 - 2014-02-15 21:53 - 00000932 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-05-22 14:10 - 2013-09-17 15:21 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Overwolf
2014-05-22 14:10 - 2013-07-26 19:17 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\LogMeIn Hamachi
2014-05-22 14:10 - 2013-05-16 18:18 - 00003034 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-05-22 14:10 - 2013-03-22 23:26 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-22 14:10 - 2013-03-22 16:49 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-05-22 14:10 - 2013-03-22 16:42 - 00000144 _____ () C:\service.log
2014-05-22 14:10 - 2013-03-22 16:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-22 14:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 14:07 - 2013-06-28 12:29 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Adobe
2014-05-22 14:03 - 2014-05-06 23:38 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Purplizer
2014-05-22 13:57 - 2014-05-19 15:54 - 00000690 _____ () C:\Windows\PFRO.log
2014-05-22 00:56 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-21 20:53 - 2014-02-15 21:53 - 00000290 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-05-21 20:52 - 2013-07-16 00:44 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000Core.job
2014-05-21 19:55 - 2013-07-03 15:49 - 00000000 ____D () C:\Users\TheLeX0R\Desktop\Alles
2014-05-21 13:20 - 2014-05-21 13:20 - 02292792 _____ (Mister Group ) C:\Users\TheLeX0R\Downloads\SystemExplorerSetup_560 (1).exe
2014-05-21 13:20 - 2014-05-21 13:20 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Packages
2014-05-21 13:20 - 2014-05-21 13:20 - 00000000 ____D () C:\ProgramData\NeewSAver
2014-05-21 13:20 - 2014-05-01 01:43 - 00000000 ____D () C:\ProgramData\a83ca1c1cc1eed82
2014-05-21 13:05 - 2014-05-21 13:04 - 00000000 ____D () C:\ProgramData\SystemExplorer
2014-05-21 13:04 - 2014-05-21 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2014-05-21 13:04 - 2014-05-21 13:04 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2014-05-21 13:03 - 2014-05-21 13:03 - 02292792 _____ (Mister Group ) C:\Users\TheLeX0R\Downloads\SystemExplorerSetup_560.exe
2014-05-20 21:58 - 2013-03-26 16:38 - 00000000 ____D () C:\ProgramData\Origin
2014-05-20 21:36 - 2014-05-15 13:14 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Skyrim
2014-05-20 21:00 - 2013-03-26 19:21 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-20 21:00 - 2013-03-26 18:42 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-20 21:00 - 2013-03-26 18:42 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-20 18:30 - 2013-04-05 13:37 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\vlc
2014-05-20 18:12 - 2014-05-20 18:12 - 00222457 _____ () C:\Users\TheLeX0R\Downloads\FileAccess Interface for Skyrim Scripts - FISS-48265-1-21.7z
2014-05-20 16:34 - 2014-05-20 16:34 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-20 16:34 - 2014-05-20 16:21 - 00037174 _____ () C:\Windows\DirectX.log
2014-05-20 16:22 - 2014-05-20 16:22 - 00000793 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-20 16:22 - 2014-05-20 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-20 16:19 - 2014-05-20 16:19 - 03822544 _____ () C:\Users\TheLeX0R\Downloads\battlelog-web-plugins_2.3.2_134.exe
2014-05-20 16:19 - 2013-03-26 19:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-19 17:08 - 2013-03-22 17:07 - 00000000 ____D () C:\ProgramData\PMB Files
2014-05-18 22:52 - 2014-05-18 22:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 21:00 - 2014-05-18 20:57 - 136968980 _____ () C:\Users\TheLeX0R\Downloads\Skyrim Naruto Anime Overhaul-15699-v1-6-2.rar
2014-05-18 09:39 - 2013-05-10 10:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-17 14:00 - 2013-06-03 17:40 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\TS3Client
2014-05-17 13:55 - 2014-05-17 13:55 - 05009173 _____ () C:\Users\TheLeX0R\Downloads\teamspeak3-server_win64-3.0.10.3.zip
2014-05-17 13:51 - 2013-09-17 15:07 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-16 17:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 15:57 - 2014-05-16 15:57 - 00001519 _____ () C:\Users\TheLeX0R\Desktop\skse_loader.exe - Verknüpfung.lnk
2014-05-16 15:42 - 2014-05-16 15:42 - 00471625 _____ () C:\Users\TheLeX0R\Downloads\skse_1_06_16.7z
2014-05-16 01:43 - 2014-05-16 01:43 - 00266051 _____ () C:\Users\TheLeX0R\Downloads\skse_1_06_16_installer.exe
2014-05-16 01:43 - 2014-05-16 01:43 - 00001172 _____ () C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk
2014-05-16 01:35 - 2014-05-15 16:05 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Nexus Mod Manager
2014-05-15 19:51 - 2013-03-22 23:05 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-15 18:03 - 2013-03-22 23:06 - 00000000 ____D () C:\Users\TheLeX0R\Documents\My Games
2014-05-15 16:05 - 2014-05-15 16:05 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Black_Tree_Gaming
2014-05-15 16:04 - 2014-05-15 16:04 - 04200816 _____ (Black Tree Gaming ) C:\Users\TheLeX0R\Downloads\Nexus Mod Manager-0.49.6.exe
2014-05-15 16:04 - 2014-05-15 16:04 - 00000742 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-05-15 16:04 - 2014-05-15 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2014-05-15 12:26 - 2013-03-22 16:55 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-15 12:19 - 2013-12-23 21:21 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 12:19 - 2013-05-10 10:28 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 12:19 - 2013-05-10 10:28 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 12:17 - 2013-03-22 16:29 - 00000000 ___RD () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 12:17 - 2013-03-22 16:29 - 00000000 ___RD () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 23:46 - 2013-03-22 16:53 - 00069056 _____ () C:\Users\TheLeX0R\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-14 23:46 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-14 23:45 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-14 23:45 - 2009-07-14 06:45 - 04990336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-14 23:44 - 2014-05-14 23:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 23:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 22:12 - 2013-07-28 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:11 - 2013-03-26 00:35 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 21:24 - 2013-03-22 22:57 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 21:24 - 2013-03-22 22:57 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 21:24 - 2013-03-22 22:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 21:44 - 2014-05-12 21:44 - 00921512 _____ (Oracle Corporation) C:\Users\TheLeX0R\Downloads\chromeinstall-7u55 (1).exe
2014-05-12 21:43 - 2014-05-12 21:43 - 00004416 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 21:43 - 2013-10-19 17:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-12 21:43 - 2013-10-19 17:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-12 21:28 - 2014-05-12 21:28 - 00921512 _____ (Oracle Corporation) C:\Users\TheLeX0R\Downloads\chromeinstall-7u55.exe
2014-05-12 01:30 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-11 23:57 - 2014-05-11 23:57 - 00000863 _____ () C:\Users\TheLeX0R\Desktop\TERA.lnk
2014-05-11 23:57 - 2013-05-10 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
2014-05-11 23:56 - 2014-05-11 23:56 - 15366160 _____ (Gameforge Productions GmbH ) C:\Users\TheLeX0R\Downloads\TERASetup.exe
2014-05-11 20:47 - 2014-05-11 20:47 - 00501248 _____ (Facebook Inc.) C:\Users\TheLeX0R\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-05-11 20:47 - 2014-05-11 20:47 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Facebook
2014-05-11 20:47 - 2013-07-16 00:44 - 00003922 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000UA
2014-05-11 20:47 - 2013-07-16 00:44 - 00003554 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000Core
2014-05-10 12:36 - 2014-05-10 12:36 - 00000831 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-05-10 12:36 - 2014-05-10 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-05-10 12:32 - 2013-06-17 18:52 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\CrashDumps
2014-05-10 02:36 - 2014-05-10 02:36 - 00282775 _____ () C:\Users\TheLeX0R\Downloads\YouTube-Unblocker-055 (2).crx
2014-05-10 02:35 - 2014-05-10 02:35 - 00282775 _____ () C:\Users\TheLeX0R\Downloads\YouTube-Unblocker-055.crx
2014-05-10 02:35 - 2014-05-10 02:35 - 00282775 _____ () C:\Users\TheLeX0R\Downloads\YouTube-Unblocker-055 (1).crx
2014-05-10 01:33 - 2014-05-10 01:33 - 00000000 ____D () C:\ProgramData\BioWare
2014-05-10 01:32 - 2014-05-10 01:32 - 00009063 _____ () C:\Users\TheLeX0R\Documents\DAOriginsConfigReport2014-05-10.xml
2014-05-10 01:28 - 2014-05-10 01:28 - 00007902 _____ () C:\Users\TheLeX0R\Documents\DAO Ultimate Addins Updater.log
2014-05-10 01:28 - 2013-10-14 21:30 - 00000000 ____D () C:\Users\TheLeX0R\Documents\BioWare
2014-05-09 22:05 - 2014-05-02 20:53 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-05-09 22:01 - 2014-05-02 20:53 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-05-09 08:14 - 2014-05-14 20:15 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 20:15 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 22:04 - 2014-05-08 22:04 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Image-Line
2014-05-08 17:16 - 2014-05-08 17:16 - 00014272 _____ () C:\Users\TheLeX0R\Downloads\ausflug.odp
2014-05-08 16:43 - 2014-05-08 16:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-08 16:43 - 2014-05-08 16:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-08 16:43 - 2013-05-10 10:28 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400149151158
2014-05-08 16:43 - 2013-05-10 10:28 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400149151158
2014-05-08 16:43 - 2013-05-10 10:28 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-08 16:43 - 2013-05-10 10:28 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-08 16:43 - 2013-05-10 10:28 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-08 16:43 - 2013-05-10 10:28 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-08 16:43 - 2013-05-10 10:28 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-08 01:11 - 2014-05-08 01:11 - 00000000 ____D () C:\ProgramData\DiigeiSaveer
2014-05-06 23:36 - 2014-05-06 23:36 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-05-06 20:01 - 2014-05-06 20:01 - 00714464 _____ () C:\Users\TheLeX0R\Downloads\Adware-Removal-Tool-v3.8.exe
2014-05-06 19:59 - 2014-05-06 19:59 - 00005452 _____ () C:\Windows\System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3
2014-05-06 19:59 - 2014-05-06 19:59 - 00004510 _____ () C:\Windows\System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5
2014-05-06 19:59 - 2014-05-06 19:59 - 00000000 ____D () C:\Program Files (x86)\HQ-Video-Pro-1.9
2014-05-06 06:40 - 2014-05-14 22:17 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 22:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 22:17 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 22:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 22:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 22:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 20:49 - 2014-05-04 20:49 - 00000000 ____D () C:\Users\TheLeX0R\Documents\NFS Undercover
2014-05-04 20:48 - 2013-03-26 19:21 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\PunkBuster
2014-05-03 17:50 - 2013-08-31 14:13 - 00000000 _____ () C:\dfu.log
2014-05-03 16:51 - 2014-05-03 16:51 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Criterion Games
2014-05-03 04:09 - 2014-05-03 04:09 - 00000799 _____ () C:\Users\TheLeX0R\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Image-Line
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-05-03 04:06 - 2014-05-03 04:05 - 234420169 _____ () C:\Users\TheLeX0R\Downloads\fl studio 10.0.9 full.zip
2014-05-03 02:20 - 2014-05-03 01:56 - 00000000 ____D () C:\Users\TheLeX0R\Documents\SHIFT 2 UNLEASHED
2014-05-03 02:06 - 2014-01-03 05:23 - 00000000 ____D () C:\ProgramData\Solidshield
2014-05-02 21:05 - 2014-05-02 21:05 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-05-02 21:05 - 2013-11-05 21:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-02 21:04 - 2014-05-02 21:04 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-01 01:53 - 2014-05-01 01:53 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\EZDownloader
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\SNT
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\MiniApp
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdblocker
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Program Files (x86)\SW-Booster
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Program Files (x86)\SNT
2014-05-01 01:44 - 2014-05-01 01:43 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\ProgramData\savve nett
2014-05-01 01:43 - 2013-03-22 23:26 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Google
2014-04-30 16:07 - 2013-04-01 16:07 - 00000310 _____ () C:\Windows\Tasks\Registry Optimizer_UPDATES.job
2014-04-30 01:52 - 2014-04-09 14:53 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Activision
2014-04-30 01:52 - 2014-04-09 14:53 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Activision
2014-04-26 19:56 - 2014-04-25 00:27 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Diablo III
2014-04-26 17:29 - 2014-04-26 17:29 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-04-25 02:01 - 2013-05-16 19:03 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\.minecraft
2014-04-24 20:21 - 2014-04-24 20:21 - 00000931 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-04-24 20:21 - 2014-04-24 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-04-24 17:55 - 2014-04-24 17:55 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Blizzard Entertainment
2014-04-24 17:22 - 2013-03-26 18:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-24 14:09 - 2013-04-02 23:56 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Akamai
2014-04-24 02:47 - 2014-04-24 02:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls

Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat
C:\ProgramData\hash.dat
C:\Users\TheLeX0R\createfileassoc.exe
C:\Users\TheLeX0R\error_report.exe
C:\Users\TheLeX0R\libeay32.dll
C:\Users\TheLeX0R\msvcp110.dll
C:\Users\TheLeX0R\msvcr110.dll
C:\Users\TheLeX0R\OverwolfTeamSpeakInstaller.exe
C:\Users\TheLeX0R\package_inst.exe
C:\Users\TheLeX0R\Qt5Core.dll
C:\Users\TheLeX0R\Qt5Gui.dll
C:\Users\TheLeX0R\Qt5Network.dll
C:\Users\TheLeX0R\Qt5Sql.dll
C:\Users\TheLeX0R\Qt5Widgets.dll
C:\Users\TheLeX0R\quazip.dll
C:\Users\TheLeX0R\ssleay32.dll
C:\Users\TheLeX0R\ts3client_win64.exe
C:\Users\TheLeX0R\Uninstall.exe
C:\Users\TheLeX0R\update.exe


Some content of TEMP:
====================
C:\Users\TheLeX0R\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-16 17:07

==================== End Of Log ============================

--- --- ---

TheLeX0R · 23.05.2014, 13:44

Und hier das Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by TheLeX0R at 2014-05-22 15:18:10
Running from C:\Users\TheLeX0R\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12580 - Systweak Software) <==== ATTENTION
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD OverDrive (HKLM-x32\...\{973620A0-7EA9-4D9D-95B7-349B78664AC7}) (Version: 4.2.6.0638 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Ashampoo WinOptimizer 10 v.10.2.6 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.02.06 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlefield Heroes (HKCU\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)
Cossacks: Back to War (HKLM-x32\...\Steam App 4850) (Version:  - GSC Game World)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Crossfire Keyboard Layout by -Sp0ng3B0b- v2 (HKLM\...\{744D08ED-C523-40AD-886A-0CAD5B770924}) (Version: 1.0.3.40 - Crossfire-GermanY.eu)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DiigeiSaveer (HKLM-x32\...\{7223EDAC-E091-B3C1-BD91-B66CE557800F}) (Version:  - DiagiSSaever)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version:  - Codemasters Racing Studio)
D-Link DWA-131 Wireless N Nano USB Adapter (HKLM-x32\...\{98B82958-1DCA-4504-BE88-C91F1C7A7225}) (Version: 1 - D-Link)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
DomaIQ (HKLM-x32\...\DomaIQ Uninstaller) (Version:  - Tuguu SLU)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
Easy Tune 6 B11.0427.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0427.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.1214.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
EZDownloader (HKLM-x32\...\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - EZDownloader)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter Version 4.0.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.0 - Ellora Assets Corporation)
FreeTVDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - 1clickmoviedownloader.com) <==== ATTENTION
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Gothic 3 (HKLM-x32\...\Steam App 39500) (Version:  - Piranha – Bytes )
Gothic 3 Forsaken Gods Enhanced Edition (HKLM-x32\...\Steam App 65600) (Version:  - Trine Studios)
Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version:  - Piranha – Bytes)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar)
GRID (HKLM-x32\...\Steam App 12750) (Version:  - Codemasters Studios)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{8133D9DE-F412-4CFB-A359-5E3EE38A9A19}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Hilfe (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HQ-Video-Pro-1.9 (HKLM-x32\...\HQ-Video-Pro-1.9) (Version: 1.34.4.10 - HQ-Video) <==== ATTENTION
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Impulse (HKLM-x32\...\Impulse) (Version:  - Stardock)
Impulse (x32 Version: 1.0 - Stardock Corporation) Hidden
Infestation Survivor Stories version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - OP Productions LLC)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Rockstar)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.45 (HKLM\...\Logitech Gaming Software) (Version: 8.45.88 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.3.0 - www.leaguereplays.com)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MTA:SA v1.3.2 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.2 - Multi Theft Auto)
MX vs ATV Reflex (HKLM-x32\...\Steam App 55140) (Version:  - Double Helix Games)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version:  - Criterion Games)
Need for Speed: Undercover (HKLM-x32\...\Steam App 17430) (Version:  - EA Black Box)
NeewSAver (HKLM-x32\...\{6A08B379-76FB-B4CF-0C70-CAFCD3635A77}) (Version:  - NewSaver)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version:  - Cryptic Studios)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.6 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
ObjectDock Plus (HKLM-x32\...\ObjectDock Plus2.01) (Version: 2.01 - Stardock Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 21.0.1432.67 (HKLM-x32\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.22 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Sacred 2 (HKLM-x32\...\{1023383E-D9F6-478C-A965-23A4657B3C9A}) (Version: 2.0.2.0 - Ascaron Entertainment)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Samplitude Pro X Silver (HKLM-x32\...\MAGIX_{86460AB2-75D3-400D-B9A8-232EC729192E}) (Version: 12.0.2.115 - MAGIX AG)
Samplitude Pro X Silver (Version: 12.0.2.115 - MAGIX AG) Hidden
Samplitude Pro X Silver 64-Bit Addon for Samplitude Pro X Silver (HKLM-x32\...\{DA120551-51CE-3195-8F9E-93D822F61597}) (Version: 1.3.0.0 - MAGIX AG)
Samplitude Pro X Silver Independence Free for Samplitude Pro X Silver (HKLM-x32\...\{E80D368A-7860-33B0-AD3C-4C94D8023141}) (Version: 1.3.0.0 - MAGIX AG)
Samplitude Pro X Silver Objekt-Synthesizer for Samplitude Pro X Silver (HKLM-x32\...\{D1B56A67-E132-39BB-8250-BE265061B712}) (Version: 1.0.0.0 - MAGIX AG)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13034_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13034_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
SaveSense (HKCU\...\SaveSense) (Version: 6.4.0.0 - SaveSense) <==== ATTENTION
savve nett (HKLM-x32\...\{7DD5E91C-3864-77EC-7635-D14910C2A03E}) (Version: 4.3.0.1718 - save net)
SC Net Speed Booster 4.4.0.0 (HKLM-x32\...\SC Net Speed Booster_is1) (Version:  - SoftwareClub.ws)
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2070.0 - Hi-Rez Studios)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SNT (HKLM-x32\...\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}) (Version: 4.1.0.1692 - SNT) <==== ATTENTION
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager)
Special Force 2  1.0 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 (HKLM-x32\...\Steam App 40960) (Version:  - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
Stronghold Kingdoms (HKLM-x32\...\{D1D632A2-E249-466D-A094-B1B934D37645}_is1) (Version: 1.17 - Firefly Studios)
SW-Sustainer 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}) (Version:  - Certified Publisher) <==== ATTENTION
System Explorer 5.6.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Amazing Spider-Man 2 (HKLM-x32\...\Steam App 267550) (Version:  - Beenox)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Incredible Adventures of Van Helsing (HKLM-x32\...\Steam App 215530) (Version:  - NeocoreGames)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.3.6 - Electronic Arts)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
TP-LINK Drahtlos Tool (HKLM-x32\...\{B9A431FF-FDB1-40E5-B5F3-215290FD62DE}) (Version: 7.0 - TP-LINK)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
USB2.0 Audio Capture (HKLM\...\VID_1F4D&PID_0102&MI_00) (Version: 1.0.0.0 - Conexant Systems)
USB2.0 Video Capture (HKLM\...\VID_1F4D&PID_0102&MI_01) (Version: 1.0.0.0 - Conexant Systems)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
WolfTeam-DE (HKLM-x32\...\WolfTeam-DE) (Version:  - )
XSplit Broadcaster (HKLM-x32\...\{781B7F3D-8107-4049-80C0-16FF46420184}) (Version: 1.3.1306.2101 - SplitMediaLabs)
YoutubeAdblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: 3.0.0.1055 - YoutubeAdblocker) <==== ATTENTION

==================== Restore Points  =========================

20-05-2014 14:21:07 DirectX wurde installiert
20-05-2014 14:33:55 DirectX wurde installiert
21-05-2014 10:13:32 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {07D34D9E-74FC-4F2A-A2A1-13DD8DE162C6} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {1783BCD6-E278-4EAA-8296-077E39F76C7E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-08] (AVAST Software)
Task: {184E1E81-6EEF-4A59-A1FC-97EDF21193C2} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {259DB01C-4CCE-4030-A706-1A4C45BD0099} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2AB4F7BD-315D-424A-8D8F-CC6294214A9E} - System32\Tasks\Registry Optimizer_UPDATES => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {42A67565-9115-4C17-89ED-FF953EC130AC} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {4DD4030C-D5C3-49DE-A11E-2DB8671218B8} - System32\Tasks\Registry Optimizer => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {4EB712EF-09C3-4639-B153-7431A9E15C28} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-22] (Google Inc.)
Task: {4FC564AC-5546-44F0-BF58-9A8002142653} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {6ED70C2C-B960-401E-85E2-EC6D7D8AA52D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {830B9760-328B-4E5F-A010-56867229B77A} - System32\Tasks\Registry Optimizer_DEFAULT => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {83EF0A29-B7F5-4DB5-BBA5-410E9D16DEB9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {944A130F-BC82-48EC-B152-492FD0179F59} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {99EDF38D-D79C-4F19-A9C3-DAD620E10E62} - System32\Tasks\MSIAfterburner => D:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2013-01-23] ()
Task: {9D86188D-49A4-4EFC-9558-84DCC5450933} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {9DF8BF01-CC61-48DE-A6B1-73037AB3903D} - System32\Tasks\{8F8D07BE-4348-4DB7-80B2-86B7030D1FCB} => D:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
Task: {A7E0E658-D83C-4003-9C6F-E6B90B7EDDB4} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {AA987E22-C95C-4E1B-8D8B-E829CA26C5C7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {AE73D7E9-9AD3-40C3-88BA-4C942F7BE348} - System32\Tasks\AdobeAAMUpdater-1.0-TheLeX0R-PC-TheLeX0R => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {AEC790BF-1093-4EAB-96D6-E32CB5C80503} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {B48B8D41-2F35-464D-B95D-0B0A0204039E} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {C1433ECF-19F1-4546-A07C-50ADFF452228} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
Task: {CD76E85A-C8A2-4DC6-8B9B-943BA5EB229B} - System32\Tasks\{AC3F3DE1-A764-47D6-8219-BAC3F9D8DA96} => D:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
Task: {CE1EFDE6-1E3A-4246-A62F-FFC86101ED91} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CE496BD6-AA4D-4D3D-9C20-13048BC2F60F} - System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5 => C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-5.exe [2014-05-06] (HQ-Video)
Task: {D2D9D95C-1D00-4501-A0EA-D2569D2442A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-22] (Google Inc.)
Task: {DDA30E1C-62AF-48E2-828C-4F27E2523300} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000UA => C:\Users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-11] (Facebook Inc.)
Task: {E0BDB290-CB82-4BAC-96EF-049D6EB9BA9D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000Core => C:\Users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-11] (Facebook Inc.)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E45CB5A8-6EE5-4376-882D-10EA516A34DA} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {EF681E9D-516C-4A56-A3C2-4F4B9A28FB6B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {F3594CD3-6762-4FD3-92DC-D571F19ECF78} - System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3 => C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-3.exe [2014-05-06] (HQ-Video)
Task: {FFE2D4B9-30DD-4ACF-A5D0-DF870AC40B34} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3.job => C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-3.exe
Task: C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5.job => C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000Core.job => C:\Users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000UA.job => C:\Users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\Registry Optimizer_DEFAULT.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\Windows\Tasks\Registry Optimizer_UPDATES.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-10-26 15:20 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-22 16:42 - 2009-08-24 15:38 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2013-03-26 18:42 - 2014-04-24 17:22 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-05 16:21 - 2008-06-26 19:09 - 00167936 ____N () C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe
2013-12-09 01:08 - 2013-10-08 15:07 - 00885096 _____ () D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
2014-05-11 23:57 - 2014-01-13 12:13 - 01090656 _____ () D:\Program Files (x86)\TERA\Client\TL.exe
2014-05-18 21:57 - 2014-04-10 07:01 - 10788384 _____ () D:\Program Files (x86)\TERA\Client\Binaries\TERA.exe
2013-01-23 08:12 - 2013-01-23 08:12 - 00425016 _____ () D:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2013-01-23 08:12 - 2013-01-23 08:12 - 00166968 _____ () D:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
2014-05-21 23:55 - 2014-05-21 23:55 - 02254848 _____ () C:\Program Files\AVAST Software\Avast\defs\14052101\algo.dll
2014-02-26 17:12 - 2014-02-26 17:12 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2013-03-22 16:42 - 2009-03-13 12:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2012-11-30 12:45 - 2012-11-30 12:45 - 00122880 _____ () D:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
2013-12-06 20:37 - 2013-12-06 20:37 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-10 12:36 - 2014-05-10 12:36 - 26118656 _____ () D:\Program Files (x86)\Battle.net\Battle.net.4511\libcef.dll
2014-05-10 12:36 - 2014-05-10 12:36 - 00739840 _____ () D:\Program Files (x86)\Battle.net\Battle.net.4511\libglesv2.dll
2014-05-10 12:36 - 2014-05-10 12:36 - 00130048 _____ () D:\Program Files (x86)\Battle.net\Battle.net.4511\libegl.dll
2014-05-11 23:57 - 2014-01-13 12:13 - 20452352 _____ () D:\Program Files (x86)\TERA\libcef.dll
2014-05-11 23:57 - 2014-01-13 12:13 - 00115240 _____ () D:\Program Files (x86)\TERA\CopyCub.dll
2014-05-18 21:57 - 2013-12-17 10:48 - 20645216 _____ () D:\Program Files (x86)\TERA\Client\Binaries\awesomium.dll
2014-05-18 21:57 - 2013-12-17 10:48 - 00166992 _____ () D:\Program Files (x86)\TERA\Client\Binaries\PhysXExtensions.dll
2013-01-16 18:01 - 2013-01-16 18:01 - 00069632 _____ () D:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2013-01-16 18:00 - 2013-01-16 18:00 - 00061440 _____ () D:\Program Files (x86)\MSI Afterburner\RTFC.dll
2013-01-16 18:01 - 2013-01-16 18:01 - 00229376 _____ () D:\Program Files (x86)\MSI Afterburner\RTCore.dll
2013-01-16 18:00 - 2013-01-16 18:00 - 00143360 _____ () D:\Program Files (x86)\MSI Afterburner\RTUI.dll
2013-01-16 18:01 - 2013-01-16 18:01 - 00348160 _____ () D:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2011-04-30 21:04 - 2011-04-30 21:04 - 00013312 _____ () D:\Program Files (x86)\MSI Afterburner\RTTSH.dll
2012-11-30 12:24 - 2012-11-30 12:24 - 00061440 _____ () D:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll
2012-11-30 12:26 - 2012-11-30 12:26 - 00147456 _____ () D:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll
2012-11-30 12:48 - 2012-11-30 12:48 - 00061440 _____ () D:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll
2011-04-30 21:04 - 2011-04-30 21:04 - 00013312 _____ () D:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-05-01 01:44 - 2014-05-01 01:44 - 04296192 _____ () C:\Program Files (x86)\SW-Booster\Assistant.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\TheLeX0R\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\TheLeX0R\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: avast! Network Shield Support
Description: avast! Network Shield Support
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswTdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: adgnetworktdi
Description: adgnetworktdi
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: adgnetworktdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VPN Client Adapter - VPN
Description: VPN Client Adapter - VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SoftEther VPN Project
Service: Neo_VPN
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2014 02:11:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:59:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:57:54 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/22/2014 01:57:54 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/22/2014 01:57:54 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (05/21/2014 07:54:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/21/2014 07:53:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/21/2014 07:53:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/21/2014 07:53:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (05/21/2014 00:56:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/22/2014 02:14:36 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/22/2014 02:14:36 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/22/2014 02:13:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (05/22/2014 02:12:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SaveSenseLive Service (savesenselive)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/22/2014 02:10:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
adgnetworktdi
aswKbd
aswTdi

Error: (05/22/2014 02:10:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Razer Surround Audio Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/22/2014 02:10:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/22/2014 02:10:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wpm Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%87

Error: (05/22/2014 02:10:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! Firewall" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/22/2014 02:10:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎22.‎05.‎2014 um 14:08:44 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (05/22/2014 02:11:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:59:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:57:54 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/22/2014 01:57:54 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/22/2014 01:57:54 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (05/21/2014 07:54:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/21/2014 07:53:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/21/2014 07:53:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/21/2014 07:53:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (05/21/2014 00:56:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 11517.24 MB
Available physical RAM: 6413.48 MB
Total Pagefile: 23232.66 MB
Available Pagefile: 17790.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.53 GB) (Free:15.87 GB) NTFS
Drive d: (Spiele) (Fixed) (Total:931.51 GB) (Free:247.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: DD4A377F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CF7B7D37)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 24.05.2014, 11:10

Adware & Co. deinstallieren

Lade Dir bitte von hier Revo Uninstaller herunter.
Installiere und starte das Programm.
Suche im Uninstallerfeld nach den Programmen, die unter:

diesen Zusatz haben:
Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

TheLeX0R · 24.05.2014, 11:33

ich konnte das Programm nicht von der Seite runterladen und habe es dann von einer anderen runtergeladen, allerdings versteh ich jetzt nicht wie du das meinst ich solle nach: Additional Scan Results of Farbar Security Scan Tool suchen, wenn ich das in die Suchleiste eingebe kommt nichts. Soll ich jetzt Combofix downloaden?

schrauber · 25.05.2014, 06:44

Du sollst in die Addition.txt von FRST, das Log, schauen. Was du gepostet hast, dann genau nach Anleitung oben vorgehen, steht da Schritt für Schritt.

TheLeX0R · 25.05.2014, 08:09

Ok, hab ich gemacht die Dateien unter "Installed Programs" sind jetzt gelöscht.
Hier das neue FRST.txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014
Ran by TheLeX0R (administrator) on THELEX0R-PC on 25-05-2014 09:01:49
Running from C:\Users\TheLeX0R\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(Ellora Assets Corp.) D:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Ashampoo Development GmbH & Co. KG) D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Akamai Technologies, Inc.) C:\Users\TheLeX0R\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\TheLeX0R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Akamai Technologies, Inc.) C:\Users\TheLeX0R\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Blizzard Entertainment) D:\Program Files (x86)\Battle.net\Battle.net.4511\Battle.net.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(BugSplat, LLC) C:\Program Files (x86)\Pando Networks\Media Booster\BsSndRpt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner] => D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe [2949480 2013-10-08] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-08] (AVAST Software)
HKLM-x32\...\Run: [PowerDVD13Agent] => "D:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13\PowerDVD13Agent.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => C:\Program Files (x86)\System Explorer\SystemExplorer.exe [4008296 2014-05-12] (Mister Group)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [1775808 2014-05-21] (Valve Corporation)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4270640 2013-03-22] ()
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Akamai NetSession Interface] => C:\Users\TheLeX0R\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Spotify Web Helper] => C:\Users\TheLeX0R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-05-22] (Spotify Ltd)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Battle.net] => D:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2907184 2014-05-24] (Blizzard Entertainment)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Overwolf] => D:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\Run: [Facebook Update] => C:\Users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-11] (Facebook Inc.)
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\MountPoints2: {1e70355e-92fc-11e2-a7c8-806e6f6e6963} - E:\install.EXE id= ver=1.0.0.0
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\MountPoints2: {a8c362e3-9d25-11e2-98e6-50e549caf6ba} - F:\iLinker.exe
HKU\S-1-5-21-948014355-1045144865-171497218-1000\...\MountPoints2: {d72f6c10-7541-11e3-af59-50e549caf6ba} - F:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll => "c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll" File Not Found

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
SearchScopes: HKLM - {71588120-FC17-4463-B07D-2C71FE6E057B} URL = hxxp://go.findrsearch.com/search/web?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DiigeiSaveer - {EC567081-93A5-B348-8F74-867F8FBF636E} - C:\ProgramData\DiigeiSaveer\GO6Mfie5.dll ()
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox - D:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @ogplanet.com/npOGPPlugin - C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - D:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\TheLeX0R\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\TheLeX0R\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-10]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\TheLeX0R\AppData\Roaming\Mozilla\Firefox\Profiles\vo6v5vbq.default\extensions\quick_start@gmail.com

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-22]
CHR Extension: (AdBlock) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-09]
CHR Extension: (DigieCoupon) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigldfckchhildklhaimjihggaapjkeh [2014-05-21]
CHR Extension: (JoniCoupon) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kklmkkhhhhambjcfleebcdgkoceobbhb [2014-05-22]
CHR Extension: (Adblock Super) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-05-24]
CHR Extension: (Google Wallet) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (YouTube Unblocker) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-05-10]
CHR Extension: (Extended Protection) - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-05-09]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137096 2013-02-06] ()
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 ArcService; D:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-24] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-08] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-01-17] ()
S3 DAUpdaterSvc; D:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-05-08] (BioWare)
S3 DfSdkS; D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 FreemakeVideoCapture; D:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-02-25] (Ellora Assets Corp.)
R2 Hamachi2Svc; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2210640 2013-11-29] (LogMeIn Inc.)
R2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5161056 2014-02-03] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S3 OverwolfUpdaterService; D:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-24] ()
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821720 2012-11-25] (Mister Group)
S3 TunngleService; D:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 WO_LiveService; D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-10-08] ()
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
S2 RzMaelstromVADStreamingService; "C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe" [X]
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe /svc [X]
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe /medsvc [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]
S2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe [X]
S2 Wpm;  [X]

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57952 2013-02-06] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-08] ()
S3 CXCVBS; C:\Windows\System32\drivers\cxCVBS.sys [244096 2012-11-06] (Conexant Systems, Inc.)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-03-31] ()
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R2 LiveTunerPM; D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0090.sys [28768 2014-03-12] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corporation                           )
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2013-11-15] (Razer Inc)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [40696 2013-11-21] (Windows (R) Win 7 DDK provider)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [30888 2013-11-15] (Razer Inc)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 wolf; D:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [82472 2013-04-09] ()
S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [X]
S1 aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 dump_wmimmc; \??\D:\AeriaGames\WolfTeam-DE\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-25 09:01 - 2014-05-25 09:01 - 00025491 _____ () C:\Users\TheLeX0R\Downloads\FRST.txt
2014-05-25 09:00 - 2014-05-25 09:00 - 00000000 ____D () C:\Users\TheLeX0R\Downloads\FRST-OlderVersion
2014-05-25 08:58 - 2014-05-25 08:59 - 251368283 _____ (F-Secure Corporation) C:\Users\TheLeX0R\Downloads\fsdbupdate9.exe
2014-05-24 12:23 - 2014-05-24 12:23 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\TheLeX0R\Downloads\revosetup.exe
2014-05-24 12:23 - 2014-05-24 12:23 - 00001264 _____ () C:\Users\TheLeX0R\Desktop\Revo Uninstaller.lnk
2014-05-24 12:23 - 2014-05-24 12:23 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-24 12:20 - 2014-05-24 12:21 - 00961360 _____ (Chip Digital GmbH) C:\Users\TheLeX0R\Downloads\Revo Uninstaller - CHIP-Installer.exe
2014-05-22 21:38 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-22 21:38 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-22 20:25 - 2014-05-24 13:06 - 00000000 ____D () C:\ProgramData\50CoupOnos
2014-05-22 15:17 - 2014-05-25 09:01 - 00000000 ____D () C:\FRST
2014-05-22 15:17 - 2014-05-25 09:00 - 02066432 _____ (Farbar) C:\Users\TheLeX0R\Downloads\FRST64.exe
2014-05-21 13:20 - 2014-05-21 13:20 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Packages
2014-05-21 13:04 - 2014-05-21 13:05 - 00000000 ____D () C:\ProgramData\SystemExplorer
2014-05-21 13:04 - 2014-05-21 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2014-05-21 13:04 - 2014-05-21 13:04 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2014-05-20 16:34 - 2014-05-20 16:34 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-20 16:22 - 2014-05-20 16:22 - 00000793 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-20 16:22 - 2014-05-20 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-20 16:21 - 2014-05-20 16:34 - 00037174 _____ () C:\Windows\DirectX.log
2014-05-19 15:54 - 2014-05-24 13:06 - 00007850 _____ () C:\Windows\PFRO.log
2014-05-18 22:52 - 2014-05-24 13:06 - 00002511 _____ () C:\Windows\setupact.log
2014-05-18 22:52 - 2014-05-18 22:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-16 15:57 - 2014-05-16 15:57 - 00001519 _____ () C:\Users\TheLeX0R\Desktop\skse_loader.exe - Verknüpfung.lnk
2014-05-16 01:43 - 2014-05-16 01:43 - 00001172 _____ () C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk
2014-05-15 16:33 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-05-15 16:33 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-05-15 16:33 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-05-15 16:33 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-05-15 16:05 - 2014-05-16 01:35 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Nexus Mod Manager
2014-05-15 16:05 - 2014-05-15 16:05 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Black_Tree_Gaming
2014-05-15 16:04 - 2014-05-15 16:04 - 00000742 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-05-15 16:04 - 2014-05-15 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2014-05-15 13:14 - 2014-05-20 21:36 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Skyrim
2014-05-14 23:50 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 23:50 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 23:44 - 2014-05-14 23:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:21 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-05-14 22:21 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-05-14 22:21 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-05-14 22:21 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-05-14 22:17 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:17 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:17 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:17 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:17 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:17 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 22:08 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-05-14 22:08 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-05-14 22:08 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-05-14 22:08 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-05-14 22:08 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-05-14 22:08 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-05-14 22:08 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-05-14 22:08 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-05-14 20:15 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 20:15 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 20:15 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-05-14 20:15 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-05-14 20:15 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-05-14 20:15 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-05-14 20:15 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-05-14 20:15 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-05-14 20:15 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-05-14 20:15 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-05-14 20:15 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-05-14 20:15 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-05-14 20:15 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-05-14 20:15 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-05-14 20:14 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-14 20:14 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-14 20:14 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-05-14 20:14 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-14 20:14 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-14 20:14 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-05-14 20:14 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-05-14 20:14 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-05-14 20:14 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-05-14 20:14 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-05-14 20:14 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-05-14 20:14 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-05-14 20:14 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-05-14 20:14 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-05-14 20:14 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-05-14 20:14 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-05-14 20:14 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-05-14 20:14 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-05-14 20:14 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-05-14 20:14 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-05-14 20:14 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-05-14 20:14 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-05-14 20:14 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-05-14 20:14 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-05-14 20:14 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-05-14 20:14 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-05-14 20:14 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-05-14 20:14 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-05-14 20:14 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-05-14 20:14 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-05-14 20:13 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-05-14 20:13 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-05-14 20:13 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-05-14 20:13 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-05-14 20:13 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-05-14 20:13 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-05-14 20:13 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-05-14 20:13 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-05-14 20:13 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-05-14 20:13 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-05-14 20:13 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-05-14 20:12 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-14 20:12 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-14 20:12 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-14 20:12 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-14 20:12 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-14 20:12 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-14 20:12 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-14 20:12 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-14 20:12 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-14 20:12 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-05-14 20:12 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-14 20:12 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-14 20:12 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-14 20:12 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-14 20:12 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-14 20:12 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-14 20:12 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-14 20:12 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-14 20:12 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-14 20:12 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-14 20:12 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-14 20:12 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-14 20:12 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-14 20:12 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-14 20:12 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-14 20:12 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-14 20:12 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-14 20:12 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-05-14 20:12 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-05-14 20:12 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-05-14 20:12 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-05-14 20:12 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-05-14 20:12 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-05-14 20:12 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-05-14 20:12 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-05-14 20:12 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-05-14 20:12 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-05-14 20:12 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-05-14 20:12 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-05-14 20:12 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-05-14 20:12 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-05-14 20:12 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-05-14 20:12 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-05-14 20:12 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-05-14 20:12 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-05-14 20:12 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-05-14 20:12 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-05-14 20:12 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-05-14 20:12 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-05-14 20:12 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-05-14 20:12 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-05-14 20:12 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-05-14 20:12 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-05-14 20:12 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-05-14 20:12 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-05-14 20:12 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-05-14 20:12 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-05-14 20:12 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-05-14 20:12 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-05-14 20:12 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-05-14 20:12 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-05-14 20:12 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-05-14 20:12 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-05-14 20:12 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-05-14 20:12 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-05-14 20:12 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-05-14 20:12 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-05-14 19:54 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 19:54 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 19:54 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 19:54 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 19:54 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 19:54 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 19:54 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 19:54 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 19:54 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 19:54 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 19:54 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 19:54 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 19:54 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 19:54 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 19:54 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 19:54 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 19:54 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 19:54 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 19:54 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 17:20 - 2014-05-22 15:03 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Spotify
2014-05-12 21:43 - 2014-05-12 21:43 - 00004416 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 21:43 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-12 21:43 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-12 21:43 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-12 21:43 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-11 23:57 - 2014-05-11 23:57 - 00000863 _____ () C:\Users\TheLeX0R\Desktop\TERA.lnk
2014-05-11 20:47 - 2014-05-11 20:47 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Facebook
2014-05-10 12:36 - 2014-05-10 12:36 - 00000831 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-05-10 12:36 - 2014-05-10 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-05-10 01:33 - 2014-05-10 01:33 - 00000000 ____D () C:\ProgramData\BioWare
2014-05-10 01:32 - 2014-05-10 01:32 - 00009063 _____ () C:\Users\TheLeX0R\Documents\DAOriginsConfigReport2014-05-10.xml
2014-05-10 01:28 - 2014-05-10 01:28 - 00007902 _____ () C:\Users\TheLeX0R\Documents\DAO Ultimate Addins Updater.log
2014-05-08 22:11 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-08 22:11 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-08 22:11 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-08 22:11 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-08 22:11 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-08 22:11 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-08 22:11 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-08 22:11 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-08 22:11 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-08 22:11 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-08 22:11 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-08 22:11 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-08 22:11 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-08 22:11 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-08 22:11 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-08 22:11 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-08 22:11 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-08 22:11 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-08 22:11 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-08 22:11 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-08 22:11 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-08 22:11 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-08 22:11 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-08 22:11 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-08 22:11 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-08 22:11 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-08 22:11 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-08 22:11 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-08 22:11 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-08 22:11 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-08 22:11 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-08 22:11 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-08 22:11 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-08 22:11 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-08 22:11 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-08 22:11 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-08 22:11 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-08 22:11 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-08 22:11 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-08 22:11 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-08 22:11 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-08 22:11 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-08 22:11 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-08 22:11 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-08 22:04 - 2014-05-08 22:04 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Image-Line
2014-05-08 16:43 - 2014-05-08 16:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-08 16:43 - 2014-05-08 16:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-08 01:11 - 2014-05-08 01:11 - 00000000 ____D () C:\ProgramData\DiigeiSaveer
2014-05-06 23:38 - 2014-05-24 21:08 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Purplizer
2014-05-06 23:36 - 2014-05-06 23:36 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-05-06 19:59 - 2014-05-25 08:40 - 00002422 _____ () C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3.job
2014-05-06 19:59 - 2014-05-25 08:40 - 00001480 _____ () C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5.job
2014-05-06 19:59 - 2014-05-06 19:59 - 00005452 _____ () C:\Windows\System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3
2014-05-06 19:59 - 2014-05-06 19:59 - 00004510 _____ () C:\Windows\System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5
2014-05-04 20:49 - 2014-05-04 20:49 - 00000000 ____D () C:\Users\TheLeX0R\Documents\NFS Undercover
2014-05-03 16:51 - 2014-05-03 16:51 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Criterion Games
2014-05-03 04:09 - 2014-05-24 12:54 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-05-03 04:09 - 2014-05-24 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Image-Line
2014-05-03 04:09 - 2009-09-15 11:14 - 01554944 _____ (HMS hxxp://hp.vector.co.jp/authors/VA012897/) C:\Windows\SysWOW64\vorbis.acm
2014-05-03 04:09 - 2006-06-20 10:56 - 00225280 _____ (Propellerhead Software AB) C:\Windows\SysWOW64\rewire.dll
2014-05-03 01:56 - 2014-05-03 02:20 - 00000000 ____D () C:\Users\TheLeX0R\Documents\SHIFT 2 UNLEASHED
2014-05-02 21:05 - 2014-05-02 21:05 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-05-02 21:04 - 2014-05-02 21:04 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-02 20:53 - 2014-05-09 22:05 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-05-02 20:53 - 2014-05-09 22:01 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-05-01 01:53 - 2014-05-24 12:47 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\EZDownloader
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\MiniApp
2014-05-01 01:43 - 2014-05-25 08:50 - 00000000 ____D () C:\ProgramData\a83ca1c1cc1eed82
2014-05-01 01:43 - 2014-05-24 13:06 - 00000000 ____D () C:\ProgramData\savve nett
2014-05-01 01:43 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator
2014-04-26 17:29 - 2014-04-26 17:29 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-04-26 13:02 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-26 13:02 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-26 13:02 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-26 13:02 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-26 13:02 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-26 13:02 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-26 13:02 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-26 13:02 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-26 13:02 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-26 13:02 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-26 13:02 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-25 00:27 - 2014-04-26 19:56 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Diablo III

==================== One Month Modified Files and Folders =======

2014-05-25 09:02 - 2014-01-17 21:35 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Battle.net
2014-05-25 09:01 - 2014-05-25 09:01 - 00025491 _____ () C:\Users\TheLeX0R\Downloads\FRST.txt
2014-05-25 09:01 - 2014-05-22 15:17 - 00000000 ____D () C:\FRST
2014-05-25 09:00 - 2014-05-25 09:00 - 00000000 ____D () C:\Users\TheLeX0R\Downloads\FRST-OlderVersion
2014-05-25 09:00 - 2014-05-22 15:17 - 02066432 _____ (Farbar) C:\Users\TheLeX0R\Downloads\FRST64.exe
2014-05-25 08:59 - 2014-05-25 08:58 - 251368283 _____ (F-Secure Corporation) C:\Users\TheLeX0R\Downloads\fsdbupdate9.exe
2014-05-25 08:58 - 2014-02-15 21:53 - 00000936 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-05-25 08:56 - 2013-03-22 22:39 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Skype
2014-05-25 08:52 - 2013-07-16 00:44 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000UA.job
2014-05-25 08:50 - 2014-05-01 01:43 - 00000000 ____D () C:\ProgramData\a83ca1c1cc1eed82
2014-05-25 08:49 - 2014-02-26 17:12 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\WinZipper
2014-05-25 08:41 - 2014-03-17 03:18 - 01641603 _____ () C:\Windows\WindowsUpdate.log
2014-05-25 08:40 - 2014-05-06 19:59 - 00002422 _____ () C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3.job
2014-05-25 08:40 - 2014-05-06 19:59 - 00001480 _____ () C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5.job
2014-05-25 08:40 - 2013-06-28 12:29 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Adobe
2014-05-25 08:40 - 2013-05-10 10:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-25 08:40 - 2013-03-22 23:26 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-25 08:40 - 2013-03-22 22:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-24 21:21 - 2013-07-26 19:17 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\LogMeIn Hamachi
2014-05-24 21:21 - 2013-03-22 23:26 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-24 21:18 - 2013-07-16 00:44 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000Core.job
2014-05-24 21:08 - 2014-05-06 23:38 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Purplizer
2014-05-24 21:03 - 2014-02-15 21:53 - 00000932 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-05-24 15:44 - 2013-03-22 17:07 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\PMB Files
2014-05-24 15:01 - 2014-02-15 21:53 - 00000282 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-24 15:01 - 2013-04-01 16:07 - 00000302 _____ () C:\Windows\Tasks\Registry Optimizer_DEFAULT.job
2014-05-24 13:13 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-24 13:13 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-24 13:12 - 2013-03-23 01:21 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-05-24 13:12 - 2013-03-23 01:21 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-05-24 13:12 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-24 13:07 - 2013-05-16 18:18 - 00003034 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-05-24 13:06 - 2014-05-22 20:25 - 00000000 ____D () C:\ProgramData\50CoupOnos
2014-05-24 13:06 - 2014-05-19 15:54 - 00007850 _____ () C:\Windows\PFRO.log
2014-05-24 13:06 - 2014-05-18 22:52 - 00002511 _____ () C:\Windows\setupact.log
2014-05-24 13:06 - 2014-05-01 01:43 - 00000000 ____D () C:\ProgramData\savve nett
2014-05-24 13:06 - 2013-09-17 15:21 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Overwolf
2014-05-24 13:06 - 2013-03-22 16:49 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-05-24 13:06 - 2013-03-22 16:42 - 00000144 _____ () C:\service.log
2014-05-24 13:06 - 2013-03-22 16:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-24 13:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-24 13:04 - 2014-02-15 21:53 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\SaveSense
2014-05-24 13:04 - 2014-02-15 21:53 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\SaveSense
2014-05-24 13:03 - 2013-03-22 16:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-24 13:02 - 2013-07-03 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-05-24 12:59 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-24 12:54 - 2014-05-03 04:09 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-05-24 12:54 - 2014-05-03 04:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-05-24 12:47 - 2014-05-01 01:53 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\EZDownloader
2014-05-24 12:46 - 2013-03-26 19:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-24 12:44 - 2013-07-28 02:36 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-05-24 12:23 - 2014-05-24 12:23 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\TheLeX0R\Downloads\revosetup.exe
2014-05-24 12:23 - 2014-05-24 12:23 - 00001264 _____ () C:\Users\TheLeX0R\Desktop\Revo Uninstaller.lnk
2014-05-24 12:23 - 2014-05-24 12:23 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-24 12:21 - 2014-05-24 12:20 - 00961360 _____ (Chip Digital GmbH) C:\Users\TheLeX0R\Downloads\Revo Uninstaller - CHIP-Installer.exe
2014-05-22 15:10 - 2013-07-06 17:38 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Spotify
2014-05-22 15:03 - 2014-05-13 17:20 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Spotify
2014-05-22 00:56 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-21 20:53 - 2014-02-15 21:53 - 00000290 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-05-21 19:55 - 2013-07-03 15:49 - 00000000 ____D () C:\Users\TheLeX0R\Desktop\Alles
2014-05-21 13:20 - 2014-05-21 13:20 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Packages
2014-05-21 13:05 - 2014-05-21 13:04 - 00000000 ____D () C:\ProgramData\SystemExplorer
2014-05-21 13:04 - 2014-05-21 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2014-05-21 13:04 - 2014-05-21 13:04 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2014-05-20 21:58 - 2013-03-26 16:38 - 00000000 ____D () C:\ProgramData\Origin
2014-05-20 21:36 - 2014-05-15 13:14 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Skyrim
2014-05-20 21:00 - 2013-03-26 19:21 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-20 21:00 - 2013-03-26 18:42 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-20 21:00 - 2013-03-26 18:42 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-20 18:30 - 2013-04-05 13:37 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\vlc
2014-05-20 16:34 - 2014-05-20 16:34 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-20 16:34 - 2014-05-20 16:21 - 00037174 _____ () C:\Windows\DirectX.log
2014-05-20 16:22 - 2014-05-20 16:22 - 00000793 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-20 16:22 - 2014-05-20 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-19 17:08 - 2013-03-22 17:07 - 00000000 ____D () C:\ProgramData\PMB Files
2014-05-18 22:52 - 2014-05-18 22:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-17 14:00 - 2013-06-03 17:40 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\TS3Client
2014-05-17 13:51 - 2013-09-17 15:07 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-16 17:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 15:57 - 2014-05-16 15:57 - 00001519 _____ () C:\Users\TheLeX0R\Desktop\skse_loader.exe - Verknüpfung.lnk
2014-05-16 01:43 - 2014-05-16 01:43 - 00001172 _____ () C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk
2014-05-16 01:35 - 2014-05-15 16:05 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Nexus Mod Manager
2014-05-15 19:51 - 2013-03-22 23:05 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-15 18:03 - 2013-03-22 23:06 - 00000000 ____D () C:\Users\TheLeX0R\Documents\My Games
2014-05-15 16:05 - 2014-05-15 16:05 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Black_Tree_Gaming
2014-05-15 16:04 - 2014-05-15 16:04 - 00000742 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-05-15 16:04 - 2014-05-15 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2014-05-15 12:26 - 2013-03-22 16:55 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-15 12:19 - 2013-12-23 21:21 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 12:19 - 2013-05-10 10:28 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 12:19 - 2013-05-10 10:28 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 12:17 - 2013-03-22 16:29 - 00000000 ___RD () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 12:17 - 2013-03-22 16:29 - 00000000 ___RD () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 23:46 - 2013-03-22 16:53 - 00069056 _____ () C:\Users\TheLeX0R\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-14 23:46 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-14 23:45 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-14 23:45 - 2009-07-14 06:45 - 04990336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-14 23:44 - 2014-05-14 23:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 23:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 22:12 - 2013-07-28 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:11 - 2013-03-26 00:35 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 21:24 - 2013-03-22 22:57 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 21:24 - 2013-03-22 22:57 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 21:24 - 2013-03-22 22:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 21:43 - 2014-05-12 21:43 - 00004416 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 21:43 - 2013-10-19 17:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-12 21:43 - 2013-10-19 17:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-12 01:30 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-11 23:57 - 2014-05-11 23:57 - 00000863 _____ () C:\Users\TheLeX0R\Desktop\TERA.lnk
2014-05-11 23:57 - 2013-05-10 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
2014-05-11 20:47 - 2014-05-11 20:47 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Facebook
2014-05-11 20:47 - 2013-07-16 00:44 - 00003922 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000UA
2014-05-11 20:47 - 2013-07-16 00:44 - 00003554 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000Core
2014-05-10 12:36 - 2014-05-10 12:36 - 00000831 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-05-10 12:36 - 2014-05-10 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-05-10 12:32 - 2013-06-17 18:52 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\CrashDumps
2014-05-10 01:33 - 2014-05-10 01:33 - 00000000 ____D () C:\ProgramData\BioWare
2014-05-10 01:32 - 2014-05-10 01:32 - 00009063 _____ () C:\Users\TheLeX0R\Documents\DAOriginsConfigReport2014-05-10.xml
2014-05-10 01:28 - 2014-05-10 01:28 - 00007902 _____ () C:\Users\TheLeX0R\Documents\DAO Ultimate Addins Updater.log
2014-05-10 01:28 - 2013-10-14 21:30 - 00000000 ____D () C:\Users\TheLeX0R\Documents\BioWare
2014-05-09 22:05 - 2014-05-02 20:53 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-05-09 22:01 - 2014-05-02 20:53 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-05-09 08:14 - 2014-05-14 20:15 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 20:15 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 22:04 - 2014-05-08 22:04 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Image-Line
2014-05-08 16:43 - 2014-05-08 16:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-08 16:43 - 2014-05-08 16:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-08 16:43 - 2013-05-10 10:28 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400149151158
2014-05-08 16:43 - 2013-05-10 10:28 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400149151158
2014-05-08 16:43 - 2013-05-10 10:28 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-08 16:43 - 2013-05-10 10:28 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-08 16:43 - 2013-05-10 10:28 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-08 16:43 - 2013-05-10 10:28 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-08 16:43 - 2013-05-10 10:28 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-08 01:11 - 2014-05-08 01:11 - 00000000 ____D () C:\ProgramData\DiigeiSaveer
2014-05-06 23:36 - 2014-05-06 23:36 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-05-06 19:59 - 2014-05-06 19:59 - 00005452 _____ () C:\Windows\System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3
2014-05-06 19:59 - 2014-05-06 19:59 - 00004510 _____ () C:\Windows\System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5
2014-05-06 06:40 - 2014-05-14 22:17 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 22:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 22:17 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 22:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 22:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 22:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 20:49 - 2014-05-04 20:49 - 00000000 ____D () C:\Users\TheLeX0R\Documents\NFS Undercover
2014-05-04 20:48 - 2013-03-26 19:21 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\PunkBuster
2014-05-03 17:50 - 2013-08-31 14:13 - 00000000 _____ () C:\dfu.log
2014-05-03 16:51 - 2014-05-03 16:51 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Criterion Games
2014-05-03 04:09 - 2014-05-03 04:09 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Image-Line
2014-05-03 02:20 - 2014-05-03 01:56 - 00000000 ____D () C:\Users\TheLeX0R\Documents\SHIFT 2 UNLEASHED
2014-05-03 02:06 - 2014-01-03 05:23 - 00000000 ____D () C:\ProgramData\Solidshield
2014-05-02 21:05 - 2014-05-02 21:05 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-02 21:05 - 2014-05-02 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-05-02 21:05 - 2013-11-05 21:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-02 21:04 - 2014-05-02 21:04 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-05-01 01:44 - 2014-05-01 01:44 - 00000000 ____D () C:\ProgramData\MiniApp
2014-05-01 01:44 - 2014-05-01 01:43 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Gast
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-01 01:43 - 2014-05-01 01:43 - 00000000 ____D () C:\Users\Administrator
2014-05-01 01:43 - 2013-03-22 23:26 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Google
2014-04-30 20:29 - 2013-10-28 18:57 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-30 20:29 - 2013-10-28 18:57 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-30 16:07 - 2013-04-01 16:07 - 00000310 _____ () C:\Windows\Tasks\Registry Optimizer_UPDATES.job
2014-04-30 01:52 - 2014-04-09 14:53 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Activision
2014-04-30 01:52 - 2014-04-09 14:53 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Local\Activision
2014-04-26 19:56 - 2014-04-25 00:27 - 00000000 ____D () C:\Users\TheLeX0R\Documents\Diablo III
2014-04-26 17:29 - 2014-04-26 17:29 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-04-25 02:01 - 2013-05-16 19:03 - 00000000 ____D () C:\Users\TheLeX0R\AppData\Roaming\.minecraft

Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat
C:\ProgramData\hash.dat
C:\Users\TheLeX0R\createfileassoc.exe
C:\Users\TheLeX0R\error_report.exe
C:\Users\TheLeX0R\libeay32.dll
C:\Users\TheLeX0R\msvcp110.dll
C:\Users\TheLeX0R\msvcr110.dll
C:\Users\TheLeX0R\OverwolfTeamSpeakInstaller.exe
C:\Users\TheLeX0R\package_inst.exe
C:\Users\TheLeX0R\Qt5Core.dll
C:\Users\TheLeX0R\Qt5Gui.dll
C:\Users\TheLeX0R\Qt5Network.dll
C:\Users\TheLeX0R\Qt5Sql.dll
C:\Users\TheLeX0R\Qt5Widgets.dll
C:\Users\TheLeX0R\quazip.dll
C:\Users\TheLeX0R\ssleay32.dll
C:\Users\TheLeX0R\ts3client_win64.exe
C:\Users\TheLeX0R\Uninstall.exe
C:\Users\TheLeX0R\update.exe


Some content of TEMP:
====================
C:\Users\TheLeX0R\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-16 17:07

==================== End Of Log ============================

--- --- ---

TheLeX0R · 25.05.2014, 08:10

und das Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014
Ran by TheLeX0R at 2014-05-25 09:02:09
Running from C:\Users\TheLeX0R\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD OverDrive (HKLM-x32\...\{973620A0-7EA9-4D9D-95B7-349B78664AC7}) (Version: 4.2.6.0638 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Ashampoo WinOptimizer 10 v.10.2.6 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.02.06 - Ashampoo GmbH & Co. KG)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)
Cossacks: Back to War (HKLM-x32\...\Steam App 4850) (Version:  - GSC Game World)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Crossfire Keyboard Layout by -Sp0ng3B0b- v2 (HKLM\...\{744D08ED-C523-40AD-886A-0CAD5B770924}) (Version: 1.0.3.40 - Crossfire-GermanY.eu)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version:  - Codemasters Racing Studio)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
Easy Tune 6 B11.0427.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0427.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.1214.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter Version 4.0.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.0 - Ellora Assets Corporation)
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Gothic 3 (HKLM-x32\...\Steam App 39500) (Version:  - Piranha – Bytes )
Gothic 3 Forsaken Gods Enhanced Edition (HKLM-x32\...\Steam App 65600) (Version:  - Trine Studios)
Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version:  - Piranha – Bytes)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar)
GRID (HKLM-x32\...\Steam App 12750) (Version:  - Codemasters Studios)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{8133D9DE-F412-4CFB-A359-5E3EE38A9A19}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Hilfe (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Infestation Survivor Stories version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - OP Productions LLC)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Rockstar)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.45 (HKLM\...\Logitech Gaming Software) (Version: 8.45.88 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MTA:SA v1.3.2 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.2 - Multi Theft Auto)
MX vs ATV Reflex (HKLM-x32\...\Steam App 55140) (Version:  - Double Helix Games)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version:  - Criterion Games)
Need for Speed: Undercover (HKLM-x32\...\Steam App 17430) (Version:  - EA Black Box)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version:  - Cryptic Studios)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.6 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 21.0.1432.67 (HKLM-x32\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.22 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Sacred 2 (HKLM-x32\...\{1023383E-D9F6-478C-A965-23A4657B3C9A}) (Version: 2.0.2.0 - Ascaron Entertainment)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Samplitude Pro X Silver (HKLM-x32\...\MAGIX_{86460AB2-75D3-400D-B9A8-232EC729192E}) (Version: 12.0.2.115 - MAGIX AG)
Samplitude Pro X Silver (Version: 12.0.2.115 - MAGIX AG) Hidden
Samplitude Pro X Silver 64-Bit Addon for Samplitude Pro X Silver (HKLM-x32\...\{DA120551-51CE-3195-8F9E-93D822F61597}) (Version: 1.3.0.0 - MAGIX AG)
Samplitude Pro X Silver Independence Free for Samplitude Pro X Silver (HKLM-x32\...\{E80D368A-7860-33B0-AD3C-4C94D8023141}) (Version: 1.3.0.0 - MAGIX AG)
Samplitude Pro X Silver Objekt-Synthesizer for Samplitude Pro X Silver (HKLM-x32\...\{D1B56A67-E132-39BB-8250-BE265061B712}) (Version: 1.0.0.0 - MAGIX AG)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13034_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13034_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2070.0 - Hi-Rez Studios)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager)
Special Force 2  1.0 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 (HKLM-x32\...\Steam App 40960) (Version:  - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
Stronghold Kingdoms (HKLM-x32\...\{D1D632A2-E249-466D-A094-B1B934D37645}_is1) (Version: 1.17 - Firefly Studios)
System Explorer 5.6.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Amazing Spider-Man 2 (HKLM-x32\...\Steam App 267550) (Version:  - Beenox)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Incredible Adventures of Van Helsing (HKLM-x32\...\Steam App 215530) (Version:  - NeocoreGames)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.3.6 - Electronic Arts)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
TP-LINK Drahtlos Tool (HKLM-x32\...\{B9A431FF-FDB1-40E5-B5F3-215290FD62DE}) (Version: 7.0 - TP-LINK)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
USB2.0 Audio Capture (HKLM\...\VID_1F4D&PID_0102&MI_00) (Version: 1.0.0.0 - Conexant Systems)
USB2.0 Video Capture (HKLM\...\VID_1F4D&PID_0102&MI_01) (Version: 1.0.0.0 - Conexant Systems)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WolfTeam-DE (HKLM-x32\...\WolfTeam-DE) (Version:  - )
XSplit Broadcaster (HKLM-x32\...\{781B7F3D-8107-4049-80C0-16FF46420184}) (Version: 1.3.1306.2101 - SplitMediaLabs)

==================== Restore Points  =========================

24-05-2014 10:55:57 Revo Uninstaller's restore point - LOLReplay
24-05-2014 10:57:51 Revo Uninstaller's restore point - NeewSAver
24-05-2014 10:59:05 Revo Uninstaller's restore point - D-Link DWA-131 Wireless N Nano USB Adapter
24-05-2014 11:00:08 Revo Uninstaller's restore point - Facebook Messenger 2.1.4814.0
24-05-2014 11:00:17 Removed Facebook Messenger 2.1.4814.0
24-05-2014 11:01:37 Revo Uninstaller's restore point - ObjectDock Plus
24-05-2014 11:02:58 Entfernt D-Link DWA-131 Wireless N Nano USB Adapter
24-05-2014 11:09:20 Revo Uninstaller's restore point - SC Net Speed Booster 4.4.0.0
24-05-2014 11:10:37 Revo Uninstaller's restore point - Open Broadcaster Software
24-05-2014 11:12:05 Revo Uninstaller's restore point - SNT
24-05-2014 11:13:41 Revo Uninstaller's restore point - SW-Sustainer 1.80
25-05-2014 06:49:08 Revo Uninstaller's restore point - WinZipper
25-05-2014 06:50:02 Revo Uninstaller's restore point - YoutubeAdblocker

==================== Scheduled Tasks (whitelisted) =============

Task: {07D34D9E-74FC-4F2A-A2A1-13DD8DE162C6} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {1783BCD6-E278-4EAA-8296-077E39F76C7E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-08] (AVAST Software)
Task: {184E1E81-6EEF-4A59-A1FC-97EDF21193C2} - \RegClean Pro No Task File <==== ATTENTION
Task: {259DB01C-4CCE-4030-A706-1A4C45BD0099} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2AB4F7BD-315D-424A-8D8F-CC6294214A9E} - \Registry Optimizer_UPDATES No Task File <==== ATTENTION
Task: {42A67565-9115-4C17-89ED-FF953EC130AC} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {4B420A2F-7202-40F8-8382-E2D5929EB0E6} - System32\Tasks\MSIAfterburner => D:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2013-01-23] ()
Task: {4DD4030C-D5C3-49DE-A11E-2DB8671218B8} - \Registry Optimizer No Task File <==== ATTENTION
Task: {4EB712EF-09C3-4639-B153-7431A9E15C28} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-22] (Google Inc.)
Task: {4FC564AC-5546-44F0-BF58-9A8002142653} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {6ED70C2C-B960-401E-85E2-EC6D7D8AA52D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {830B9760-328B-4E5F-A010-56867229B77A} - \Registry Optimizer_DEFAULT No Task File <==== ATTENTION
Task: {83EF0A29-B7F5-4DB5-BBA5-410E9D16DEB9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {944A130F-BC82-48EC-B152-492FD0179F59} - \Advanced System Protector No Task File <==== ATTENTION
Task: {9D86188D-49A4-4EFC-9558-84DCC5450933} - \SaveSenseLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {9DF8BF01-CC61-48DE-A6B1-73037AB3903D} - System32\Tasks\{8F8D07BE-4348-4DB7-80B2-86B7030D1FCB} => D:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
Task: {A7E0E658-D83C-4003-9C6F-E6B90B7EDDB4} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {AA987E22-C95C-4E1B-8D8B-E829CA26C5C7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {AE73D7E9-9AD3-40C3-88BA-4C942F7BE348} - System32\Tasks\AdobeAAMUpdater-1.0-TheLeX0R-PC-TheLeX0R => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {AEC790BF-1093-4EAB-96D6-E32CB5C80503} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {B48B8D41-2F35-464D-B95D-0B0A0204039E} - \SaveSenseLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {C1433ECF-19F1-4546-A07C-50ADFF452228} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {CD76E85A-C8A2-4DC6-8B9B-943BA5EB229B} - System32\Tasks\{AC3F3DE1-A764-47D6-8219-BAC3F9D8DA96} => D:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
Task: {CE1EFDE6-1E3A-4246-A62F-FFC86101ED91} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CE496BD6-AA4D-4D3D-9C20-13048BC2F60F} - System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5 => C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-5.exe
Task: {D2D9D95C-1D00-4501-A0EA-D2569D2442A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-22] (Google Inc.)
Task: {DDA30E1C-62AF-48E2-828C-4F27E2523300} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000UA => C:\Users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-11] (Facebook Inc.)
Task: {E0BDB290-CB82-4BAC-96EF-049D6EB9BA9D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000Core => C:\Users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-11] (Facebook Inc.)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E45CB5A8-6EE5-4376-882D-10EA516A34DA} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {EF681E9D-516C-4A56-A3C2-4F4B9A28FB6B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {F3594CD3-6762-4FD3-92DC-D571F19ECF78} - System32\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3 => C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-3.exe
Task: {FFE2D4B9-30DD-4ACF-A5D0-DF870AC40B34} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-3.job => C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-3.exe
Task: C:\Windows\Tasks\60f8b19e-300a-4164-a512-cce52df60a76-5.job => C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000Core.job => C:\Users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948014355-1045144865-171497218-1000UA.job => C:\Users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\Registry Optimizer_DEFAULT.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\Windows\Tasks\Registry Optimizer_UPDATES.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-10-26 15:20 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-22 16:42 - 2009-08-24 15:38 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2013-03-26 18:42 - 2014-04-24 17:22 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-12-09 01:08 - 2013-10-08 15:07 - 00885096 _____ () D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
2014-05-23 14:36 - 2014-05-23 14:36 - 02254848 _____ () C:\Program Files\AVAST Software\Avast\defs\14052200\algo.dll
2014-05-24 13:08 - 2014-05-24 13:08 - 02255872 _____ () C:\Program Files\AVAST Software\Avast\defs\14052400\algo.dll
2013-03-22 16:42 - 2009-03-13 12:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2013-12-06 20:37 - 2013-12-06 20:37 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-10 12:36 - 2014-05-10 12:36 - 26118656 _____ () D:\Program Files (x86)\Battle.net\Battle.net.4511\libcef.dll
2014-05-10 12:36 - 2014-05-10 12:36 - 00739840 _____ () D:\Program Files (x86)\Battle.net\Battle.net.4511\libglesv2.dll
2014-05-10 12:36 - 2014-05-10 12:36 - 00130048 _____ () D:\Program Files (x86)\Battle.net\Battle.net.4511\libegl.dll
2014-05-21 21:35 - 2014-04-30 02:08 - 01135104 _____ () D:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 09:14 - 2014-04-30 02:08 - 00471552 _____ () D:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-21 21:35 - 2014-04-30 02:08 - 00404992 _____ () D:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-09 16:57 - 2014-04-30 02:08 - 00340992 _____ () D:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-12 18:10 - 2014-05-17 03:36 - 00756224 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 21:35 - 2014-04-29 02:37 - 02198720 _____ () D:\Program Files (x86)\Steam\video.dll
2014-05-21 21:35 - 2014-04-29 02:37 - 00519168 _____ () D:\Program Files (x86)\Steam\libswscale-2.dll
2013-03-15 18:29 - 2014-05-21 19:39 - 01145536 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-03-14 22:19 - 2014-05-02 01:35 - 20628160 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 01100800 _____ () D:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00124416 _____ () D:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00192000 _____ () D:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-25 20:25 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\TheLeX0R\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\TheLeX0R\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: VPN Client Adapter - VPN
Description: VPN Client Adapter - VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SoftEther VPN Project
Service: Neo_VPN
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: avast! Network Shield Support
Description: avast! Network Shield Support
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswTdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: adgnetworktdi
Description: adgnetworktdi
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: adgnetworktdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2014 08:40:54 AM) (Source: Google Update) (EventID: 20) (User: TheLeX0R-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/24/2014 09:04:00 PM) (Source: Google Update) (EventID: 20) (User: TheLeX0R-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/24/2014 01:08:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2014 00:13:02 PM) (Source: Google Update) (EventID: 20) (User: TheLeX0R-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/23/2014 07:08:21 PM) (Source: Google Update) (EventID: 20) (User: TheLeX0R-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/23/2014 02:35:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 07:00:12 PM) (Source: Google Update) (EventID: 20) (User: TheLeX0R-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/22/2014 02:11:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:59:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:57:54 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]


System errors:
=============
Error: (05/25/2014 08:49:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WinZiper service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/25/2014 08:41:53 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/25/2014 08:41:51 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/25/2014 08:41:50 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/25/2014 08:41:48 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/25/2014 08:40:49 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/25/2014 08:40:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (05/25/2014 08:40:46 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/24/2014 10:52:07 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/24/2014 09:05:00 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.


Microsoft Office Sessions:
=========================
Error: (05/25/2014 08:40:54 AM) (Source: Google Update) (EventID: 20) (User: TheLeX0R-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/24/2014 09:04:00 PM) (Source: Google Update) (EventID: 20) (User: TheLeX0R-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/24/2014 01:08:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2014 00:13:02 PM) (Source: Google Update) (EventID: 20) (User: TheLeX0R-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/23/2014 07:08:21 PM) (Source: Google Update) (EventID: 20) (User: TheLeX0R-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/23/2014 02:35:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 07:00:12 PM) (Source: Google Update) (EventID: 20) (User: TheLeX0R-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (05/22/2014 02:11:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:59:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:57:54 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 11517.24 MB
Available physical RAM: 8639.73 MB
Total Pagefile: 23232.66 MB
Available Pagefile: 20187.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.53 GB) (Free:18.62 GB) NTFS
Drive d: (Spiele) (Fixed) (Total:931.51 GB) (Free:245.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: DD4A377F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CF7B7D37)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 25.05.2014, 18:40

Dann jetzt Combofix wie oben angegeben.

TheLeX0R · 25.05.2014, 19:56

Hier die Combofix.txt:

Code:

ATTFilter

ComboFix 14-05-19.01 - TheLeX0R 25.05.2014  20:45:28.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.11517.9153 [GMT 2:00]
ausgeführt von:: c:\users\TheLeX0R\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\programdata\SaveSenseLive
c:\programdata\SaveSenseLive\Update\Log\SaveSenseLive.log
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigldfckchhildklhaimjihggaapjkeh
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigldfckchhildklhaimjihggaapjkeh\5.3\background.html
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigldfckchhildklhaimjihggaapjkeh\5.3\content.js
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigldfckchhildklhaimjihggaapjkeh\5.3\eVCox5dsE.js
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigldfckchhildklhaimjihggaapjkeh\5.3\lsdb.js
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigldfckchhildklhaimjihggaapjkeh\5.3\manifest.json
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kklmkkhhhhambjcfleebcdgkoceobbhb
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kklmkkhhhhambjcfleebcdgkoceobbhb\7.0\background.html
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kklmkkhhhhambjcfleebcdgkoceobbhb\7.0\content.js
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kklmkkhhhhambjcfleebcdgkoceobbhb\7.0\lsdb.js
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kklmkkhhhhambjcfleebcdgkoceobbhb\7.0\manifest.json
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kklmkkhhhhambjcfleebcdgkoceobbhb\7.0\SLlWo8OyaxA.js
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kigldfckchhildklhaimjihggaapjkeh_0.localstorage-journal
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kigldfckchhildklhaimjihggaapjkeh_0.localstorage
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kklmkkhhhhambjcfleebcdgkoceobbhb_0.localstorage-journal
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kklmkkhhhhambjcfleebcdgkoceobbhb_0.localstorage
c:\users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\TheLeX0R\AppData\Roaming\AriBQ.vbs
c:\users\TheLeX0R\AppData\Roaming\SaveSense
c:\users\TheLeX0R\createfileassoc.exe
c:\users\TheLeX0R\quazip.dll
c:\users\TheLeX0R\Uninstall.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\SysWow64\X86
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
-------\Service_savesenselive
-------\Service_savesenselivem
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-25 bis 2014-05-25  ))))))))))))))))))))))))))))))
.
.
2014-05-25 18:49 . 2014-05-25 18:49	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-05-25 18:49 . 2014-05-25 18:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-24 10:23 . 2014-05-24 10:23	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-05-23 13:00 . 2014-04-30 23:20	10702536	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{E32EF372-929F-40A3-83C6-43D0328C49D3}\mpengine.dll
2014-05-22 19:38 . 2014-03-31 16:42	40392	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-05-22 19:38 . 2014-03-31 16:42	34760	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-05-22 18:25 . 2014-05-24 11:06	--------	d-----w-	c:\programdata\50CoupOnos
2014-05-22 13:17 . 2014-05-25 07:02	--------	d-----w-	C:\FRST
2014-05-21 11:20 . 2014-05-21 11:20	--------	d-----w-	c:\users\TheLeX0R\AppData\Local\Packages
2014-05-21 11:04 . 2014-05-21 11:05	--------	d-----w-	c:\programdata\SystemExplorer
2014-05-21 11:04 . 2014-05-21 11:04	--------	d-----w-	c:\program files (x86)\System Explorer
2014-05-20 14:34 . 2014-05-20 14:34	--------	d-----w-	c:\programdata\PopCap Games
2014-05-15 14:33 . 2011-02-25 06:19	2871808	----a-w-	c:\windows\explorer.exe
2014-05-15 14:33 . 2011-02-25 05:30	2616320	----a-w-	c:\windows\SysWow64\explorer.exe
2014-05-15 14:33 . 2012-02-11 06:36	559104	----a-w-	c:\windows\system32\spoolsv.exe
2014-05-15 14:33 . 2012-02-11 06:36	67072	----a-w-	c:\windows\splwow64.exe
2014-05-15 14:05 . 2014-05-15 14:05	--------	d-----w-	c:\users\TheLeX0R\AppData\Local\Black_Tree_Gaming
2014-05-15 11:14 . 2014-05-20 19:36	--------	d-----w-	c:\users\TheLeX0R\AppData\Local\Skyrim
2014-05-14 21:50 . 2014-03-25 02:43	14175744	----a-w-	c:\windows\system32\shell32.dll
2014-05-14 21:44 . 2014-05-14 21:44	--------	d-s---w-	c:\windows\system32\CompatTel
2014-05-14 20:21 . 2013-05-10 05:56	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2014-05-14 20:21 . 2013-05-10 04:30	167424	----a-w-	c:\program files\Windows Media Player\wmplayer.exe
2014-05-14 20:21 . 2013-05-10 03:48	164864	----a-w-	c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-05-14 20:21 . 2013-05-10 04:56	12625408	----a-w-	c:\windows\SysWow64\wmploc.DLL
2014-05-14 20:21 . 2013-05-10 05:56	14631424	----a-w-	c:\windows\system32\wmp.dll
2014-05-14 20:18 . 2014-05-14 20:18	--------	d-----w-	c:\windows\Migration
2014-05-14 20:17 . 2014-05-06 04:40	23544320	----a-w-	c:\windows\system32\mshtml.dll
2014-05-14 20:17 . 2014-05-06 04:17	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-14 20:17 . 2014-05-06 03:00	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-14 20:17 . 2014-05-06 03:07	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-14 20:13 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2014-05-14 20:13 . 2012-07-26 04:47	2560	----a-w-	c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-05-14 20:08 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2014-05-14 20:08 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2014-05-14 20:08 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2014-05-14 20:08 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2014-05-14 20:08 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2014-05-14 20:08 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2014-05-14 20:08 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2014-05-14 18:14 . 2011-05-04 05:25	2315776	----a-w-	c:\windows\system32\tquery.dll
2014-05-14 18:13 . 2012-10-03 17:44	303104	----a-w-	c:\windows\system32\nlasvc.dll
2014-05-14 18:13 . 2012-10-03 17:44	246272	----a-w-	c:\windows\system32\netcorehc.dll
2014-05-14 18:13 . 2012-10-03 17:44	216576	----a-w-	c:\windows\system32\ncsi.dll
2014-05-14 18:13 . 2012-10-03 17:42	569344	----a-w-	c:\windows\system32\iphlpsvc.dll
2014-05-14 18:13 . 2012-10-03 16:42	175104	----a-w-	c:\windows\SysWow64\netcorehc.dll
2014-05-14 18:13 . 2012-10-03 16:42	156672	----a-w-	c:\windows\SysWow64\ncsi.dll
2014-05-14 18:13 . 2012-10-03 17:44	70656	----a-w-	c:\windows\system32\nlaapi.dll
2014-05-14 18:13 . 2012-10-03 17:44	18944	----a-w-	c:\windows\system32\netevent.dll
2014-05-14 18:13 . 2012-10-03 16:42	18944	----a-w-	c:\windows\SysWow64\netevent.dll
2014-05-14 18:13 . 2012-10-03 16:07	45568	----a-w-	c:\windows\system32\drivers\tcpipreg.sys
2014-05-14 18:13 . 2012-01-13 07:12	52224	----a-w-	c:\windows\SysWow64\nlaapi.dll
2014-05-14 17:54 . 2014-04-12 02:19	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-05-13 15:20 . 2014-05-22 13:03	--------	d-----w-	c:\users\TheLeX0R\AppData\Local\Spotify
2014-05-12 19:43 . 2014-04-14 18:13	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-11 18:47 . 2014-05-11 18:47	--------	d-----w-	c:\users\TheLeX0R\AppData\Local\Facebook
2014-05-09 23:33 . 2014-05-09 23:33	--------	d-----w-	c:\programdata\BioWare
2014-05-08 20:04 . 2014-05-08 20:04	--------	d-----w-	c:\users\TheLeX0R\AppData\Roaming\Image-Line
2014-05-08 14:43 . 2014-05-08 14:43	29208	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2014-05-08 14:43 . 2014-05-08 14:43	43152	----a-w-	c:\windows\avastSS.scr
2014-05-07 23:11 . 2014-05-07 23:11	--------	d-----w-	c:\programdata\DiigeiSaveer
2014-05-06 21:38 . 2014-05-24 19:08	--------	d-----w-	c:\users\TheLeX0R\AppData\Local\Purplizer
2014-05-06 21:36 . 2014-05-06 21:36	--------	d-----w-	c:\program files (x86)\Common Files\Overwolf
2014-05-03 14:51 . 2014-05-03 14:51	--------	d-----w-	c:\users\TheLeX0R\AppData\Local\Criterion Games
2014-05-03 02:09 . 2006-06-20 08:56	225280	----a-w-	c:\windows\SysWow64\rewire.dll
2014-05-03 02:09 . 2009-09-15 09:14	1554944	----a-w-	c:\windows\SysWow64\vorbis.acm
2014-05-02 19:04 . 2014-05-02 19:04	--------	d-----w-	c:\program files\Microsoft Mouse and Keyboard Center
2014-05-02 18:53 . 2014-05-09 20:01	290304	----a-w-	c:\windows\SysWow64\subinacl.exe
2014-05-02 18:53 . 2014-05-09 20:05	--------	d-----w-	c:\program files\Adware-Removal-Tool
2014-05-02 18:53 . 2014-05-02 18:53	--------	d-----w-	c:\program files\Common Files\Microsoft
2014-04-30 23:53 . 2014-05-24 10:47	--------	d-----w-	c:\users\TheLeX0R\AppData\Roaming\EZDownloader
2014-04-30 23:44 . 2014-04-30 23:44	--------	d-----w-	c:\programdata\MiniApp
2014-04-30 23:44 . 2014-04-30 23:44	--------	d-----w-	c:\windows\SysWow64\AMD64
2014-04-26 15:29 . 2014-04-26 15:29	--------	d-----w-	c:\programdata\Blizzard Entertainment
2014-04-26 11:02 . 2014-03-04 09:44	243712	----a-w-	c:\windows\system32\wow64.dll
2014-04-26 11:02 . 2014-03-04 09:44	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-04-26 11:02 . 2014-03-04 09:44	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-04-26 11:02 . 2014-03-04 09:44	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-04-26 11:02 . 2014-03-04 09:44	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-04-26 11:02 . 2014-03-04 09:17	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-04-26 11:02 . 2014-03-04 09:16	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-04-26 11:02 . 2014-03-04 09:16	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-04-26 11:02 . 2014-03-04 08:09	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-04-26 11:02 . 2014-03-04 08:09	2048	----a-w-	c:\windows\SysWow64\user.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-25 18:50 . 2013-03-22 14:49	25640	----a-w-	c:\windows\gdrv.sys
2014-05-20 19:00 . 2013-03-26 17:21	290184	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-05-20 19:00 . 2013-03-26 16:42	290184	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-05-20 19:00 . 2013-03-26 16:42	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-05-15 10:19 . 2013-12-23 19:21	85328	----a-w-	c:\windows\system32\drivers\aswstm.sys
2014-05-15 10:19 . 2013-05-10 08:28	423240	----a-w-	c:\windows\system32\drivers\aswsp.sys
2014-05-15 10:19 . 2013-05-10 08:28	1039096	----a-w-	c:\windows\system32\drivers\aswsnx.sys
2014-05-14 20:11 . 2013-03-25 22:35	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-05-13 19:24 . 2013-03-22 20:57	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 19:24 . 2013-03-22 20:57	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-08 14:43 . 2013-05-10 08:28	93568	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-05-08 14:43 . 2013-05-10 08:28	79184	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-05-08 14:43 . 2013-05-10 08:28	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-05-08 14:43 . 2013-05-10 08:28	334648	----a-w-	c:\windows\system32\aswBoot.exe
2014-05-08 14:43 . 2013-05-10 08:28	208416	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-04-30 18:29 . 2013-10-28 16:57	1081112	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2013-10-28 16:57	1225920	----a-w-	c:\windows\system32\nvspcap64.dll
2014-04-24 15:22 . 2013-03-26 16:42	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2014-03-31 16:42 . 2013-10-26 13:18	37320	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-03-31 07:35 . 2010-11-21 03:27	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-23 21:16 . 2014-03-23 21:16	2560	----a-w-	c:\windows\_MSRSTRT.EXE
2014-03-12 23:00 . 2014-03-12 23:00	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-03-12 23:00 . 2014-03-12 23:00	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-03-12 23:00 . 2014-03-12 23:00	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-03-12 13:58 . 2014-03-12 13:58	28768	----a-w-	c:\windows\system32\drivers\Neo_0090.sys
2014-03-12 13:56 . 2014-03-12 13:56	135736	----a-w-	c:\windows\system32\vpncmd.exe
2014-03-12 11:51 . 2014-03-12 11:51	10762696	----a-w-	c:\users\TheLeX0R\ts3client_win64.exe
2014-03-11 09:37 . 2014-03-11 09:37	671688	----a-w-	c:\users\TheLeX0R\update.exe
2014-03-04 14:35 . 2014-03-11 15:50	9690424	----a-w-	c:\windows\SysWow64\nvopencl.dll
2014-03-04 14:35 . 2014-03-11 15:50	892704	----a-w-	c:\windows\system32\NvIFR64.dll
2014-03-04 14:35 . 2014-03-11 15:50	877856	----a-w-	c:\windows\system32\NvFBC64.dll
2014-03-04 14:35 . 2014-03-11 15:50	863064	----a-w-	c:\windows\SysWow64\NvIFR.dll
2014-03-04 14:35 . 2014-03-11 15:50	846168	----a-w-	c:\windows\SysWow64\NvFBC.dll
2014-03-04 14:35 . 2014-03-11 15:50	832936	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2014-03-04 14:35 . 2014-03-11 15:50	353504	----a-w-	c:\windows\system32\nvoglshim64.dll
2014-03-04 14:35 . 2014-03-11 15:50	3143456	----a-w-	c:\windows\system32\nvcuvid.dll
2014-03-04 14:35 . 2014-03-11 15:50	305600	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2014-03-04 14:35 . 2014-03-11 15:50	2958792	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2014-03-04 14:35 . 2014-03-11 15:50	23716640	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2014-03-04 14:35 . 2014-03-11 15:50	1885472	----a-w-	c:\windows\system32\nvdispco6433523.dll
2014-03-04 14:35 . 2014-03-11 15:50	17755424	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-03-04 14:35 . 2014-03-11 15:50	174296	----a-w-	c:\windows\system32\nvinitx.dll
2014-03-04 14:35 . 2014-03-11 15:50	15783992	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-03-04 14:35 . 2014-03-11 15:50	1516488	----a-w-	c:\windows\system32\nvdispgenco6433523.dll
2014-03-04 14:35 . 2014-03-11 15:50	148016	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-03-04 14:35 . 2014-03-11 15:50	12708128	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-03-04 14:35 . 2014-03-11 15:50	11589272	----a-w-	c:\windows\system32\nvopencl.dll
2014-03-04 14:35 . 2014-03-11 15:50	9728064	----a-w-	c:\windows\SysWow64\nvcuda.dll
2014-03-04 14:35 . 2014-03-11 15:50	2783008	----a-w-	c:\windows\system32\nvcuvenc.dll
2014-03-04 14:35 . 2014-03-11 15:50	25255256	----a-w-	c:\windows\system32\nvcompiler.dll
2014-03-04 14:35 . 2014-03-11 15:50	2411976	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2014-03-04 14:35 . 2014-03-11 15:50	17561544	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-03-04 14:35 . 2014-03-11 15:50	11636176	----a-w-	c:\windows\system32\nvcuda.dll
2014-03-04 14:35 . 2013-10-26 13:18	947808	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-03-04 14:35 . 2013-10-26 13:18	31474976	----a-w-	c:\windows\system32\nvoglv64.dll
2014-03-04 14:35 . 2013-10-26 13:18	18302384	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-03-04 14:35 . 2013-10-26 13:18	3093280	----a-w-	c:\windows\system32\nvapi64.dll
2014-03-04 14:35 . 2013-10-26 13:18	2715264	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-03-04 14:35 . 2013-10-26 13:18	14709720	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-03-04 14:35 . 2013-03-22 14:37	62408	----a-w-	c:\windows\system32\OpenCL.dll
2014-03-04 14:35 . 2013-03-22 14:37	54216	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-03-04 13:06 . 2013-10-26 13:20	6714312	----a-w-	c:\windows\system32\nvcpl.dll
2014-03-04 13:06 . 2013-10-26 13:20	3497816	----a-w-	c:\windows\system32\nvsvc64.dll
2014-03-04 13:05 . 2013-10-26 13:20	922968	----a-w-	c:\windows\system32\nvvsvc.exe
2014-03-04 13:05 . 2013-10-26 13:20	64968	----a-w-	c:\windows\system32\nvshext.dll
2014-03-04 13:05 . 2013-10-26 13:20	2558808	----a-w-	c:\windows\system32\nvsvcr.dll
2014-03-04 13:05 . 2013-10-26 13:20	386336	----a-w-	c:\windows\system32\nvmctray.dll
2014-03-04 13:05 . 2013-10-26 13:20	3649185	----a-w-	c:\windows\system32\nvcoproc.bin
2014-03-04 11:32 . 2014-03-11 15:52	599840	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-03-04 09:17 . 2014-04-26 11:02	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-02-28 13:10 . 2014-02-28 13:10	234440	----a-w-	c:\users\TheLeX0R\package_inst.exe
2014-02-28 13:10 . 2014-02-28 13:10	204232	----a-w-	c:\users\TheLeX0R\error_report.exe
2014-02-27 14:50 . 2014-02-27 14:50	5336064	----a-w-	c:\users\TheLeX0R\Qt5Widgets.dll
2014-02-27 14:48 . 2014-02-27 14:48	3573760	----a-w-	c:\users\TheLeX0R\Qt5Gui.dll
2014-02-27 14:47 . 2014-02-27 14:47	1068032	----a-w-	c:\users\TheLeX0R\Qt5Network.dll
2014-02-27 14:47 . 2014-02-27 14:47	214528	----a-w-	c:\users\TheLeX0R\Qt5Sql.dll
2014-02-27 14:47 . 2014-02-27 14:47	5459968	----a-w-	c:\users\TheLeX0R\Qt5Core.dll
2014-02-27 14:40 . 2014-02-27 14:40	344064	----a-w-	c:\users\TheLeX0R\ssleay32.dll
2014-02-27 14:40 . 2014-02-27 14:40	1652736	----a-w-	c:\users\TheLeX0R\libeay32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EC567081-93A5-B348-8F74-867F8FBF636E}]
2014-05-07 23:11	425472	----a-w-	c:\programdata\DiigeiSaveer\GO6Mfie5.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\program files (x86)\Steam\steam.exe" [2014-05-21 1775808]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-03-22 4270640]
"Akamai NetSession Interface"="c:\users\TheLeX0R\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
"Spotify Web Helper"="c:\users\TheLeX0R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-05-22 1171000]
"Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2013-10-30 2990304]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2014-02-14 1564992]
"Overwolf"="d:\program files (x86)\Overwolf\Overwolf.exe" [2014-03-05 37664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"LogMeIn Hamachi Ui"="d:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-11-29 3806544]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-08 3873704]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2014-03-07 444760]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"SystemExplorerAutoStart"="c:\program files (x86)\System Explorer\SystemExplorer.exe" [2014-05-12 4008296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux8"=wdmaud.drv
.
R1 adgnetworktdi;adgnetworktdi;c:\windows\system32\drivers\adgnetworktdi.sys;c:\windows\SYSNATIVE\drivers\adgnetworktdi.sys [x]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RzMaelstromVADStreamingService;Razer Surround Audio Service;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [x]
R2 WlanWpsSvc;WlanWpsSvc;c:\program files (x86)\D-Link\DWA-131\WlanWpsSvc.exe;c:\program files (x86)\D-Link\DWA-131\WlanWpsSvc.exe [x]
R2 Wpm;Wpm Service; [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 ArcService;Arc Service;d:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;d:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 CXCVBS;CXCVBS;c:\windows\system32\drivers\cxCVBS.sys;c:\windows\SYSNATIVE\drivers\cxCVBS.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\program files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe;d:\program files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 DfSdkS;Defragmentation-Service;d:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe;d:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 dump_wmimmc;dump_wmimmc;d:\aeriagames\WolfTeam-DE\GameGuard\dump_wmimmc.sys;d:\aeriagames\WolfTeam-DE\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
R3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
R3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\DRIVERS\Neo_0090.sys;c:\windows\SYSNATIVE\DRIVERS\Neo_0090.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;d:\program files (x86)\Overwolf\OverwolfUpdater.exe;d:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;c:\windows\system32\drivers\RzMaelstromVAD.sys;c:\windows\SYSNATIVE\drivers\RzMaelstromVAD.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;d:\program files (x86)\Tunngle\TnglCtrl.exe;d:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WO_LiveService;Ashampoo LiveTuner Service;d:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe;d:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [x]
R3 wolf;wolf;d:\aeriagames\WolfTeam-DE\avital\wolf64.sys;d:\aeriagames\WolfTeam-DE\avital\wolf64.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va013;X6va013;c:\windows\SysWOW64\Drivers\X6va013;c:\windows\SysWOW64\Drivers\X6va013 [x]
R3 X6va016;X6va016;c:\windows\SysWOW64\Drivers\X6va016;c:\windows\SysWOW64\Drivers\X6va016 [x]
R3 X6va017;X6va017;c:\windows\SysWOW64\Drivers\X6va017;c:\windows\SysWOW64\Drivers\X6va017 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;d:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;d:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;d:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;d:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys;d:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTCore64;RTCore64;d:\program files (x86)\MSI Afterburner\RTCore64.sys;d:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
S3 rzdaendpt;Razer DeathAdder end point;c:\windows\system32\DRIVERS\rzdaendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzdaendpt.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 rzvkeyboard;Razer Virtual Keyboard Driver;c:\windows\system32\DRIVERS\rzvkeyboard.sys;c:\windows\SYSNATIVE\DRIVERS\rzvkeyboard.sys [x]
S3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - RTCORE64
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-25 18:24	1078088	----a-w-	c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-22 19:24]
.
2014-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-22 21:26]
.
2014-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-22 21:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-08 14:43	290888	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-09 12666984]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-02-28 7468784]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-03 472984]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = 
mDefault_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}
mDefault_Page_URL = about:blank
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
Trusted Zone: aeriagames.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file)
Wow6432Node-HKCU-Run-Battle.net - d:\program files (x86)\Battle.net\Battle.net
Wow6432Node-HKLM-Run-PowerDVD13Agent - d:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13\PowerDVD13Agent.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-BattlEye for A2 - d:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-{D1D632A2-E249-466D-A094-B1B934D37645}_is1 - d:\program files (x86)\Firefly Studios\Stronghold Kingdoms\unins000.exe
AddRemove-MyFreeCodec - c:\program files (x86)\MyFree Codec\1.0b beta\uninstall.exe
AddRemove-TeamSpeak 3 Client - c:\users\TheLeX0R\uninstall.exe
AddRemove-UnityWebPlayer - c:\users\TheLeX0R\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wpm]
"ImagePath"=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va013]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va013"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va016]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va016"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va017]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va017"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-948014355-1045144865-171497218-1000\Software\SecuROM\License information*]
"datasecu"=hex:24,b6,3a,c5,ab,cc,38,0d,56,9d,13,80,4c,85,b0,19,5a,6d,b7,f5,a3,
   b6,63,1a,86,a8,2b,5e,b7,81,c9,06,2f,fc,00,51,60,b4,15,a1,8d,de,47,df,ee,66,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
d:\program files (x86)\MSI Afterburner\MSIAfterburner.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\programdata\Battle.net\Agent\Agent.2880\Agent.exe
d:\program files (x86)\Battle.net\Battle.net.4638\Battle.net.exe
c:\program files (x86)\Common Files\Overwolf\OverwolfHelper.exe
c:\users\TheLeX0R\AppData\Local\Facebook\Update\FacebookUpdate.exe
d:\program files (x86)\Overwolf\Purplizer\Purplizer.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-25  20:52:31 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-25 18:52
.
Vor Suchlauf: 15 Verzeichnis(se), 19.786.784.768 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 19.873.902.592 Bytes frei
.
- - End Of File - - D9E36A58D4D51830DCCCBBF09FF11E51
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 26.05.2014, 19:19

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

TheLeX0R · 26.05.2014, 20:05

MBAM.txt:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 26.05.2014
Suchlauf-Zeit: 20:27:03
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.05.26.03
Rootkit Datenbank: v2014.05.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: TheLeX0R

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 346708
Verstrichene Zeit: 5 Min, 53 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 98
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [4ab1272e4d2efd398c44bd72f50ded13], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [4ab1272e4d2efd398c44bd72f50ded13], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [4ab1272e4d2efd398c44bd72f50ded13], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [4ab1272e4d2efd398c44bd72f50ded13], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [4ab1272e4d2efd398c44bd72f50ded13], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [4ab1272e4d2efd398c44bd72f50ded13], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [4ab1272e4d2efd398c44bd72f50ded13], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [43b8fb5a4338ac8a7892210ebc46e020], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [43b8fb5a4338ac8a7892210ebc46e020], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{71e129ff-6c2a-4984-818c-7e2c998b8d99}, In Quarantäne, [48b3b2a397e4e056747b96978c7603fd], 
PUP.Optional.SaveSense.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{71E129FF-6C2A-4984-818C-7E2C998B8D99}, In Quarantäne, [48b3b2a397e4e056747b96978c7603fd], 
PUP.Optional.SaveSense.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{71E129FF-6C2A-4984-818C-7E2C998B8D99}, In Quarantäne, [48b3b2a397e4e056747b96978c7603fd], 
PUP.Optional.SaveSense.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{71E129FF-6C2A-4984-818C-7E2C998B8D99}, In Quarantäne, [48b3b2a397e4e056747b96978c7603fd], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [609bf1647308ad89aaccb57af30f5ea2], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [609bf1647308ad89aaccb57af30f5ea2], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [609bf1647308ad89aaccb57af30f5ea2], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [609bf1647308ad89aaccb57af30f5ea2], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [738899bc8deeee4885b871f3b64c49b7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [837877de3c3f50e67ec070f47a88c53b], 
PUP.Optional.Tarma.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\61e3d063-4dc1-4e17-a702-0053d374b743, In Quarantäne, [04f771e4a0db8caa914d133216eaae52], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EC567081-93A5-B348-8F74-867F8FBF636E}, In Quarantäne, [c833470e601b5fd7548bc387de238f71], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{EC567081-93A5-B348-8F74-867F8FBF636E}, In Quarantäne, [c833470e601b5fd7548bc387de238f71], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\DiagiSSaever.DiagiSSaever, In Quarantäne, [c833470e601b5fd7548bc387de238f71], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\DiagiSSaever.DiagiSSaever.6.7, In Quarantäne, [c833470e601b5fd7548bc387de238f71], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DiagiSSaever.DiagiSSaever, In Quarantäne, [c833470e601b5fd7548bc387de238f71], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DiagiSSaever.DiagiSSaever.6.7, In Quarantäne, [c833470e601b5fd7548bc387de238f71], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{EC567081-93A5-B348-8F74-867F8FBF636E}, In Quarantäne, [c833470e601b5fd7548bc387de238f71], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [04f7bf963744112537a310bbe41f7987], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, In Quarantäne, [59a2a7ae681326108852dbf046bddd23], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [cd2e73e2d6a55ed87961d5f60ef57789], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.Update3WebControl.3, In Quarantäne, [5aa1aca9a8d35bdb12c8913ab84b8a76], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, In Quarantäne, [64976fe63e3dab8bab2f6c5f37cca45c], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [bc3fd5806813171ffcde86450ff48c74], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [04f72f26087345f1b327daf13cc7f50b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [0bf085d03b407fb75c7eebe03ac905fb], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, In Quarantäne, [8c6fde77572486b028b2ac1ff11228d8], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, In Quarantäne, [b04bb69f8bf0e74f6773507b07fc37c9], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, In Quarantäne, [f40783d2e7941f1783570ac1966d7987], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [f3088cc9e299f145ddfd6c5f15eebb45], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [42b987ce2e4d191dcd0de7e49a696a96], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [55a6a1b40378d26425b5f9d231d2c63a], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [56a564f18cef013589516269b84bd52b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [0fec13422358da5ceded507ba55e25db], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, In Quarantäne, [fb00114489f20d295c7e933844bf52ae], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [13e8de77a5d684b226b4e4e723e007f9], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [5f9ca2b3463538fe7d5d5e6dfe05bc44], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [21da243191ea2c0a8159be0d49ba0ef2], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, In Quarantäne, [44b776df65162511c41618b31ae915eb], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [b744bf96007b1323dbffdfec2ad9c937], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, In Quarantäne, [db20eb6a5625d56101d9ffcc5fa4b749], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [2bd0ada8f48789ad8852ccff7c87f709], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [a15afc597407c6701fbb2aa1778c6799], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [8e6d084d5f1c15214397a02bce358a76], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\SaveSenseLive.exe, In Quarantäne, [4ead183d8feca88e3a9f11ba7192a35d], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\27058, In Quarantäne, [9269b2a31b6074c271e2bae0df23e719], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [15e681d49cdfbe78eac6af19fc0721df], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\SaveSenseLive, In Quarantäne, [8576b99c403b6ec8835c804bc241ae52], 
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [a05b2c293546f640adfa3a97d42f46ba], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [32c983d2dc9f94a25c7e18b35ca77a86], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, In Quarantäne, [6497391c6417b482b2284b80ec17c739], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [53a801542e4d0f277a60309b93709f61], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.Update3WebControl.3, In Quarantäne, [bc3f1b3ab3c8999da5351fac16edbc44], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, In Quarantäne, [33c8a1b4136888aee5f50fbc2ad9de22], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [42b9f2630a7149ed2dad785354af5da3], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [3cbfa1b4cead1c1ab62487447d868080], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [807b1144cbb0e94d5783616a729103fd], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, In Quarantäne, [51aace8794e73ef84694f9d28c77cc34], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, In Quarantäne, [6893e76ef18aaa8c4a90755621e27f81], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, In Quarantäne, [51aaabaa6615da5c87539239778c7b85], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [37c47ed7047785b195455e6de71c21df], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [51aa7fd638432511bc1e16b539ca10f0], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [6c8fc78e84f7b5812caea72462a1b64a], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [07f4fe575d1e8da9bf1b9f2c6c97758b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [08f335208dee76c0ac2e4b80d62d12ee], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, In Quarantäne, [ea115302ea9126101dbd92393bc805fb], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [3bc030256b10b6809644eedd31d2916f], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [7c7f4e07f28984b221b9c70425dec63a], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [30cb1a3b116ada5c24b6efdc6c9748b8], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, In Quarantäne, [679489ccb4c7f6404793e3e8f50ed62a], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [34c70a4bbebd3204d2084a81bb48b050], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, In Quarantäne, [55a69fb68fecec4a8258e0eb10f317e9], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [7685afa6116ae25411c99c2f08fbab55], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [7c7fef663b40c5715b7f309b50b30cf4], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [7388cf86c3b88da9a7337853689b956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\SaveSenseLive.exe, In Quarantäne, [fdfeabaab6c5ec4af9e0ebe0996a03fd], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\27058, In Quarantäne, [d328b89dd7a4ed49015203971fe319e7], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=3, In Quarantäne, [d02bf2630675e452706dc902e51e12ee], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=9, In Quarantäne, [a5560451f388f64032ab06c58c77f907], 
PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven 1.5, In Quarantäne, [3dbea0b52358b68099a7396999697a86], 
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, In Quarantäne, [4caf89cc3a4163d3b990645a9073857b], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [3cbf5bfacab161d55b805d4a679b4ab6], 
PUP.Optional.SaveSense.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SaveSenseLive, In Quarantäne, [76859fb6285353e3499301cac2418779], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [2ad1c293403bd5616281a7ff946e7d83], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [43b8b0a53f3cf34330c02498a36022de], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\27058, In Quarantäne, [4ead144175063105361e0595d72b946c], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\HQ-Video, In Quarantäne, [30cba3b2a1dac076da975e33da28d42c], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [7c7f87cee09b83b3e19c3263c33fa25e], 
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, In Quarantäne, [7e7d5401e29973c37631784a7b88b24e], 

Registrierungswerte: 2
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\TheLeX0R\AppData\Roaming\Mozilla\Firefox\Profiles\vo6v5vbq.default\extensions\quick_start@gmail.com, In Quarantäne, [5c9f6bea6e0d9d998f625941b34f6b95]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-948014355-1045144865-171497218-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0V1D1S1R1D0V1O, In Quarantäne, [43b8b0a53f3cf34330c02498a36022de]

Registrierungsdaten: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[ab5096bfc2b956e09c9c22369173b44c]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1392494010&from=cor&uid=M4-CT064M4SSD2_000000001308092B9A9E&q={searchTerms}),Ersetzt,[35c644113b40a195287e31274db75ca4]

Ordner: 14
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector, In Quarantäne, [b94201548deeaa8c894877ff20e240c0], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\Advanced System Protector, In Quarantäne, [5f9c97bee299ff37ca070175ce3445bb], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.12580, In Quarantäne, [5f9c97bee299ff37ca070175ce3445bb], 
PUP.Optional.OpenCandy, C:\Users\TheLeX0R\AppData\Roaming\OpenCandy, In Quarantäne, [3cbf6ce9473492a409ebde98bd458a76], 
PUP.Optional.OpenCandy, C:\Users\TheLeX0R\AppData\Roaming\OpenCandy\E34438F1ABD64C489633908A6B1E341D, In Quarantäne, [3cbf6ce9473492a409ebde98bd458a76], 
PUP.Optional.RegCleanerPro.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\RegClean Pro, In Quarantäne, [cf2c4b0ae49731053041a0d7c43e40c0], 
PUP.Optional.RegCleanerPro.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\RegClean Pro\Version 6.1, In Quarantäne, [cf2c4b0ae49731053041a0d7c43e40c0], 
PUP.Optional.RegCleanerPro.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\voice, In Quarantäne, [cf2c4b0ae49731053041a0d7c43e40c0], 
PUP.Optional.RegCleanerPro.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\voice\de, In Quarantäne, [cf2c4b0ae49731053041a0d7c43e40c0], 
PUP.Optional.SaveSense.A, C:\Users\TheLeX0R\AppData\Local\SaveSenseLive, In Quarantäne, [1fdc62f3bcbfe94d392ce692966c46ba], 
PUP.Optional.SaveSense.A, C:\Users\TheLeX0R\AppData\Local\SaveSenseLive\CrashReports, In Quarantäne, [1fdc62f3bcbfe94d392ce692966c46ba], 
PUP.Optional.SaveSense.A, C:\Users\TheLeX0R\AppData\Local\SaveSense, In Quarantäne, [966560f573083df9ed8c7706cc364db3], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0, In Quarantäne, [4cafe075f586f1458ed57608d42ebe42], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm, In Quarantäne, [3fbc7dd8700ba393620efb83eb17f40c], 

Dateien: 33
PUP.Optional.InstalleRex.A, C:\ProgramData\InstallMate\{D55BA343-0A4A-4F71-AD9A-42680EB881B5}\Custom.dll, In Quarantäne, [2ccf1b3a285390a68cb4c380b24e629e], 
PUP.Optional.Tarma.A, C:\ProgramData\InstallMate\{D55BA343-0A4A-4F71-AD9A-42680EB881B5}\Setup.exe, In Quarantäne, [04f771e4a0db8caa914d133216eaae52], 
PUP.Optional.MultiPlug.A, C:\ProgramData\DiigeiSaveer\GO6Mfie5.dll, In Quarantäne, [c833470e601b5fd7548bc387de238f71], 
PUP.Optional.SkyTech.A, C:\Users\TheLeX0R\AppData\Roaming\sweet-page\QQBrowserFrame.dll, In Quarantäne, [24d7262f700ba88e0411b1819c649d63], 
Trojan.MalPack.G, C:\Users\TheLeX0R\Desktop\NFSW_PursuitBot.exe, In Quarantäne, [a457e2734e2db97d96477790d03158a8], 
Trojan.Agent, C:\Users\TheLeX0R\Desktop\FÃ¼r dich Liebling(Y)xD.exe, In Quarantäne, [619ab89d1f5c64d2eadd326123de0bf5], 
PUP.Optional.Superfish.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [49b2f362a0dba29413ec8904d23035cb], 
PUP.Optional.Superfish.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [db20282ddd9e58de53ac48459f63b64a], 
PUP.Optional.Iminent.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, In Quarantäne, [c73468eddaa1bb7b8c434a457191ec14], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0.localstorage, In Quarantäne, [20dbc194106be254ca1b9602f30fd22e], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0.localstorage-journal, In Quarantäne, [1edd2134e695e0563ca9e4b49c6624dc], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [7883a1b4067510269c31f6aaca38db25], 
Trojan.Dropper, C:\Users\TheLeX0R\update.exe, In Quarantäne, [b34879dc3e3d0f275205976e6f948080], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\Advanced System Protector\Settings.db, In Quarantäne, [5f9c97bee299ff37ca070175ce3445bb], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.12580\ASPLog.txt, In Quarantäne, [5f9c97bee299ff37ca070175ce3445bb], 
PUP.Optional.OpenCandy, C:\Users\TheLeX0R\AppData\Roaming\OpenCandy\E34438F1ABD64C489633908A6B1E341D\5145.ico, In Quarantäne, [3cbf6ce9473492a409ebde98bd458a76], 
PUP.Optional.OpenCandy, C:\Users\TheLeX0R\AppData\Roaming\OpenCandy\E34438F1ABD64C489633908A6B1E341D\EBB77268-338F-4C6A-8590-AD88FED26F4A, In Quarantäne, [3cbf6ce9473492a409ebde98bd458a76], 
PUP.Optional.OpenCandy, C:\Users\TheLeX0R\AppData\Roaming\OpenCandy\E34438F1ABD64C489633908A6B1E341D\findr.xml, In Quarantäne, [3cbf6ce9473492a409ebde98bd458a76], 
PUP.Optional.OpenCandy, C:\Users\TheLeX0R\AppData\Roaming\OpenCandy\E34438F1ABD64C489633908A6B1E341D\OCBrowserHelper_1.0.5.112.dll, In Quarantäne, [3cbf6ce9473492a409ebde98bd458a76], 
PUP.Optional.RegCleanerPro.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp, In Quarantäne, [cf2c4b0ae49731053041a0d7c43e40c0], 
PUP.Optional.RegCleanerPro.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat, In Quarantäne, [cf2c4b0ae49731053041a0d7c43e40c0], 
PUP.Optional.RegCleanerPro.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_02-15-2014.log, In Quarantäne, [cf2c4b0ae49731053041a0d7c43e40c0], 
PUP.Optional.RegCleanerPro.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp, In Quarantäne, [cf2c4b0ae49731053041a0d7c43e40c0], 
PUP.Optional.RegCleanerPro.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp, In Quarantäne, [cf2c4b0ae49731053041a0d7c43e40c0], 
PUP.Optional.RegCleanerPro.A, C:\Users\TheLeX0R\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\voice\de\voice.wav, In Quarantäne, [cf2c4b0ae49731053041a0d7c43e40c0], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0\5, In Quarantäne, [4cafe075f586f1458ed57608d42ebe42], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000005.ldb, In Quarantäne, [3fbc7dd8700ba393620efb83eb17f40c], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000006.log, In Quarantäne, [3fbc7dd8700ba393620efb83eb17f40c], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\CURRENT, In Quarantäne, [3fbc7dd8700ba393620efb83eb17f40c], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOCK, In Quarantäne, [3fbc7dd8700ba393620efb83eb17f40c], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOG, In Quarantäne, [3fbc7dd8700ba393620efb83eb17f40c], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOG.old, In Quarantäne, [3fbc7dd8700ba393620efb83eb17f40c], 
PUP.Optional.CrossRider.A, C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\MANIFEST-000004, In Quarantäne, [3fbc7dd8700ba393620efb83eb17f40c], 

Physische Sektoren: 0
(No malicious items detected)


(end)

AdwCleaner[S0].txt:

Code:

ATTFilter

# AdwCleaner v3.211 - Bericht erstellt am 26/05/2014 um 20:50:10
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : TheLeX0R - THELEX0R-PC
# Gestartet von : C:\Users\TheLeX0R\Desktop\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : Wpm

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\50CoupOnos
Ordner Gelöscht : C:\ProgramData\savve nett
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\torch
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gelöscht : C:\Users\TheLeX0R\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\TheLeX0R\AppData\Local\cool_mirage
Ordner Gelöscht : C:\Users\TheLeX0R\AppData\Local\torch
Ordner Gelöscht : C:\Users\TheLeX0R\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\TheLeX0R\AppData\Roaming\Advanced System Protector
Ordner Gelöscht : C:\Users\TheLeX0R\AppData\Roaming\EZDownloader
Ordner Gelöscht : C:\Users\TheLeX0R\AppData\Roaming\sweet-page
Ordner Gelöscht : C:\Users\TheLeX0R\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\TheLeX0R\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\TheLeX0R\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\torch
Ordner Gelöscht : C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijkfmancjkapilkiohiineeajgbjcbm
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijkfmancjkapilkiohiineeajgbjcbm
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijkfmancjkapilkiohiineeajgbjcbm
Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijkfmancjkapilkiohiineeajgbjcbm
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngjeggplkjphekiodofglkiebimpiphi
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngjeggplkjphekiodofglkiebimpiphi
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngjeggplkjphekiodofglkiebimpiphi
Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngjeggplkjphekiodofglkiebimpiphi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
Datei Gelöscht : C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\WebConnect
Schlüssel Gelöscht : HKLM\Software\winzipersvc
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\TheLeX0R\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo

*************************

AdwCleaner[R0].txt - [18393 octets] - [26/05/2014 20:49:31]
AdwCleaner[S0].txt - [17639 octets] - [26/05/2014 20:50:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17700 octets] ##########

JRT.txt:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x64
Ran by TheLeX0R on 26.05.2014 at 21:01:22,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355205502}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355855532}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366206602}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366856632}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355205502}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355855532}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366206602}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366856632}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{71588120-FC17-4463-B07D-2C71FE6E057B}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\TheLeX0R\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.05.2014 at 21:03:35,52
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

25.05.2014, 06:44	#9
schrauber /// the machine /// TB-Ausbilder	Zufälliger Computer Neustart Du sollst in die Addition.txt von FRST, das Log, schauen. Was du gepostet hast, dann genau nach Anleitung oben vorgehen, steht da Schritt für Schritt. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

25.05.2014, 18:40	#12
schrauber /// the machine /// TB-Ausbilder	Zufälliger Computer Neustart Dann jetzt Combofix wie oben angegeben. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Zufälliger Computer Neustart

Plagegeister aller Art und deren Bekämpfung: Zufälliger Computer Neustart