Doppelt unterstrichende wörter bei Firefox, die Werbung bublizieren (Windows 8)

MasterChaos · 12.06.2014, 15:27

Hi

Ich hab seit zwei Tagen das Problem, dass im Browser wilkührlich wörter doppelt unterstrichen werden.
Sobald man mit dem Mauszeiger drüber streift, erscheint Werbung.
Ich weiß nicht was ich tun soll, hab schon McAffe mehrmals laufen lassen aber nichts gefunden

Bitte um antwort

mfg MasterChaos

M-K-D-B · 12.06.2014, 15:28

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

MasterChaos · 13.06.2014, 23:29

Sry, dass es so lange gedauert hat, versuche möglichst schnell zu antworten

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Nico (administrator) on NICOZUHAUSE on 14-06-2014 00:20:35
Running from C:\Users\Nico\Downloads
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
() C:\Program Files (x86)\Bench\Proxy\pwdg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Pokki) C:\Users\Nico\AppData\Local\Pokki\Engine\pokki.exe
() C:\Program Files (x86)\Bench\Proxy\proc.exe
(Mozilla Corporation) C:\Nicos Ordnung\Firefox 30.0\firefox.exe
(Mozilla Corporation) C:\Nicos Ordnung\Firefox 30.0\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016944 2013-05-20] (Synaptics Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [fst_de_36] => [X]
HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [357376 2014-06-12] ()
HKLM-x32\...\Run: [BService] => C:\Program Files (x86)\Bench\BService\bservice.exe [49664 2014-03-27] ()
HKLM-x32\...\Run: [t4pc_en_4] => [X]
HKLM-x32\...\Run: [Bench Communicator Watcher] => C:\Program Files (x86)\Bench\Proxy\pwdg.exe [111616 2014-05-29] ()
HKLM-x32\...\Run: [Bench Settings Cleaner] => C:\Program Files (x86)\Bench\Proxy\cl.exe [55296 2014-05-29] ()
HKLM-x32\...\Runonce: [Discount Dragon-repairJob] - wscript.exe "C:\Users\Nico\AppData\Local\Discount Dragon\repair.js" "Discount Dragon-repairJob" [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3380534176-2084738150-1060323333-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT&q={searchTerms}
SearchScopes: HKLM - {540A01D2-3B86-4197-9AE4-C7E47A10CDD3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT&q={searchTerms}
SearchScopes: HKLM-x32 - {540A01D2-3B86-4197-9AE4-C7E47A10CDD3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT&q={searchTerms}
SearchScopes: HKCU - {540A01D2-3B86-4197-9AE4-C7E47A10CDD3} URL = 
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Discount Dragon BHO - {EA34C851-D481-49F5-A356-3A8B0A8F3B7E} - C:\Program Files (x86)\Discount Dragon\FrameworkBHO64.dll ()
BHO-x32: 2rs3 - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SupraSavings\2rs3.dll ()
BHO-x32: PriceGong - Price Comparison - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.11\PriceGongIE.dll (PriceGong)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Discount Dragon BHO - {EA34C851-D481-49F5-A356-3A8B0A8F3B7E} - C:\Program Files (x86)\Discount Dragon\FrameworkBHO.dll ()
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: hxxp://www.sweet-page.com/?type=hp&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Quick Start - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\Extensions\quick_start@gmail.com [2014-06-12]
FF Extension: SupraSavings - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\Extensions\SupraSavings@jetpack [2014-06-12]
FF Extension: Discount Dragon - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\Extensions\{D8A30808-3888-E608-3AA4-A2CEA2623402} [2014-06-12]
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\extensions\quick_start@gmail.com [2014-06-12]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-10-09]
FF StartMenuInternet: FIREFOX.EXE - C:\Nicos Ordnung\Firefox 30.0\firefox.exe

==================== Services (Whitelisted) =================

S2 0027321402684046mcinstcleanup; C:\Windows\TEMP\002732~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-12] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-12] (globalUpdate) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-18] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [140424 2014-04-23] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-04-21] (Microsoft Corporation)
R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-12] (Fuyu LIMITED)
S2 rqpbhevlkc64; C:\Program Files\004\rqpbhevlkc64.exe run options=01100010040000000000000000000000 sourceguid=A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E [X]
S2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe run options=01110010030000000000000000000000 sourceguid=19A6D51C-2D35-44DB-B412-0B01BF8D2D62 [X]

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36520 2012-09-13] (Advanced Micro Devices, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-05-20] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-14 00:20 - 2014-06-14 00:21 - 00020985 _____ () C:\Users\Nico\Downloads\FRST.txt
2014-06-14 00:19 - 2014-06-14 00:20 - 00000000 ____D () C:\FRST
2014-06-14 00:19 - 2014-06-14 00:19 - 02081792 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2014-06-13 20:29 - 2014-06-13 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-06-13 13:59 - 2014-06-13 14:08 - 00376594 _____ () C:\Users\Nico\Desktop\Neues RTF-Dokument.odt
2014-06-13 12:12 - 2014-06-13 12:12 - 00000000 ___RD () C:\Users\Nico\Documents\Notes
2014-06-12 23:14 - 2014-06-13 20:16 - 00000003 _____ () C:\Users\Nico\AppData\Local\proxy.log
2014-06-12 23:14 - 2014-06-12 23:14 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discount Dragon
2014-06-12 22:06 - 2014-06-12 22:14 - 397619318 _____ () C:\Users\Nico\Downloads\mgb_deauxma03_480p_2200.wmv
2014-06-12 20:42 - 2014-06-12 21:04 - 2117787964 _____ () C:\Users\Nico\Downloads\da_bonnie_rotten_vl042114_720p_8000.mp4
2014-06-12 20:10 - 2014-06-12 20:33 - 2351043575 _____ () C:\Users\Nico\Downloads\bex_madison_ivy_kl041414_720p_8000.mp4
2014-06-12 16:36 - 2014-06-12 16:36 - 00001651 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-12 16:36 - 2014-06-12 16:36 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-06-12 16:36 - 2014-06-12 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-12 16:36 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-06-12 16:36 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-06-12 16:36 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-06-12 16:33 - 2014-06-13 20:16 - 00000000 ____D () C:\Users\Nico\AppData\Local\PMB Files
2014-06-12 16:33 - 2014-06-12 16:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-12 16:33 - 2014-06-12 16:33 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-06-12 16:29 - 2014-06-12 16:31 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Riot Games
2014-06-12 16:29 - 2014-06-12 16:29 - 34888568 _____ (Riot Games) C:\Users\Nico\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-06-12 15:24 - 2014-06-13 23:36 - 00000366 _____ () C:\Windows\Tasks\bench-S-1-5-21-3380534176-2084738150-1060323333-1001.job
2014-06-12 15:24 - 2014-06-13 21:29 - 00000936 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-12 15:24 - 2014-06-13 21:24 - 00001454 _____ () C:\Windows\Tasks\c0dea5a2-14ac-4e72-9483-1db7a1278170-5.job
2014-06-12 15:24 - 2014-06-13 16:45 - 00000366 _____ () C:\Windows\Tasks\bench-sys.job
2014-06-12 15:24 - 2014-06-13 16:33 - 00000932 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-12 15:24 - 2014-06-12 23:14 - 00003236 _____ () C:\Windows\System32\Tasks\bench-sys
2014-06-12 15:24 - 2014-06-12 23:14 - 00003212 _____ () C:\Windows\System32\Tasks\bench-S-1-5-21-3380534176-2084738150-1060323333-1001
2014-06-12 15:24 - 2014-06-12 23:14 - 00000000 ____D () C:\Users\Nico\AppData\Local\Discount Dragon
2014-06-12 15:24 - 2014-06-12 23:14 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-06-12 15:24 - 2014-06-12 15:24 - 00004458 _____ () C:\Windows\System32\Tasks\c0dea5a2-14ac-4e72-9483-1db7a1278170-5
2014-06-12 15:24 - 2014-06-12 15:24 - 00003908 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-12 15:24 - 2014-06-12 15:24 - 00003672 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Users\Nico\AppData\Local\globalUpdate
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Users\Nico\AppData\Local\BenchUpdater
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.1
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Program Files (x86)\Discount Dragon
2014-06-12 15:18 - 2014-06-12 15:18 - 00000000 ____D () C:\Users\Nico\Documents\PC Speed Maximizer
2014-06-12 15:14 - 2014-06-12 15:16 - 00000322 _____ () C:\Users\Nico\AppData\Roaming\aps.uninstall.scan.results
2014-06-12 15:14 - 2014-06-12 15:14 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\SupTab
2014-06-12 15:14 - 2014-06-12 15:14 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-12 15:14 - 2014-06-12 15:14 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-12 15:14 - 2014-06-12 15:14 - 00000000 ____D () C:\Program Files\coupon downloader
2014-06-12 15:14 - 2014-06-12 15:14 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-12 15:13 - 2014-06-12 15:13 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\sweet-page
2014-06-12 15:13 - 2014-06-12 11:00 - 00608093 _____ (Click Me In Limited) C:\Users\Nico\AppData\Local\AnyProtectScannerSetup.exe
2014-06-12 15:08 - 2014-06-12 15:09 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\VOPackage
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\Program Files (x86)\PriceGong
2014-06-12 15:07 - 2014-06-12 15:07 - 00004392 _____ () C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2014-06-12 15:07 - 2014-06-12 15:07 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-06-12 15:06 - 2014-06-12 15:06 - 00225144 _____ (Fusion Install ) C:\Users\Nico\Downloads\Media_Player_Setup.exe
2014-06-12 14:49 - 2014-06-12 14:49 - 00225576 _____ (Premium Installer ) C:\Users\Nico\Downloads\Player-Firefox.exe
2014-06-12 14:42 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-06-12 14:42 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-06-12 14:42 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-06-12 14:42 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-06-12 14:42 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-06-12 14:42 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-06-12 14:42 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-06-12 14:42 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-06-12 14:42 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-06-12 14:42 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-06-12 14:42 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-06-12 14:42 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-06-12 14:42 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-06-12 14:42 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-06-12 14:42 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-06-12 14:42 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-06-12 14:42 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-06-12 14:42 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-06-12 14:42 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-06-12 14:42 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-06-12 14:42 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-06-12 14:42 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-06-12 14:42 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-06-12 14:42 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-06-12 14:42 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-06-12 14:42 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-06-12 14:42 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-06-12 14:42 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-06-12 14:42 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-06-12 14:42 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-06-12 14:42 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-06-12 14:42 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-06-12 14:42 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-06-12 14:42 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-06-12 14:42 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-06-12 14:42 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-06-12 14:42 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-06-12 14:42 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-06-12 14:42 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-06-12 14:42 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-06-12 14:42 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-06-12 14:42 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-06-12 14:42 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-06-12 14:42 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-06-12 14:42 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-06-12 14:42 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-06-12 14:42 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-06-12 14:42 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-06-12 14:42 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-06-12 14:42 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-06-12 14:42 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-06-12 14:42 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-06-12 14:42 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-06-12 14:42 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-06-12 14:42 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-06-12 14:42 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-06-12 14:42 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-06-12 14:42 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-06-12 14:42 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-06-12 14:42 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-06-12 14:42 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-06-12 14:42 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-06-12 14:42 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-06-12 14:42 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-06-12 14:42 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-06-12 14:42 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-06-12 14:42 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-06-12 14:42 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-06-12 14:42 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-06-12 14:42 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-06-12 14:42 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-06-12 14:42 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-06-12 14:42 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-06-12 14:42 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-06-12 14:42 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-06-12 14:42 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-06-12 14:42 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-06-12 14:42 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-06-12 14:41 - 2014-06-12 14:42 - 00009971 _____ () C:\Windows\DirectX.log
2014-06-12 14:41 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-06-12 14:41 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-06-12 14:41 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-06-12 14:41 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-06-12 14:41 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-06-12 14:41 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-06-12 14:41 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-06-12 14:41 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-06-12 14:41 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-06-12 14:41 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-06-12 14:41 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-06-12 14:41 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-06-12 14:41 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-06-12 14:41 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-06-12 14:41 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-06-12 14:41 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-06-12 14:41 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-06-12 14:41 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-06-12 14:41 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-06-12 14:41 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-06-12 14:41 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-06-12 14:41 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-06-12 14:41 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-06-12 14:41 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-06-12 14:41 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-06-12 14:41 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-06-12 14:41 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-06-12 14:41 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-06-12 14:36 - 2014-06-12 14:41 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-12 14:36 - 2014-06-12 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-12 14:35 - 2014-06-13 16:34 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-12 14:35 - 2014-06-12 14:42 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-12 14:35 - 2014-06-12 14:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-12 14:34 - 2014-06-12 15:19 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Systweak
2014-06-12 14:34 - 2014-06-12 14:35 - 00000000 ____D () C:\temp
2014-06-12 14:34 - 2014-06-12 14:34 - 00003322 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\Users\Nico\AppData\Local\Genesis_06121234
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\ProgramData\Systweak
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\Program Files\suprasavings
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-06-12 14:34 - 2013-12-13 17:53 - 00019544 _____ (System Speedup) C:\Windows\system32\roboot64.exe
2014-06-12 14:34 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-06-12 14:33 - 2014-06-12 14:33 - 00506784 _____ (Firseria sl) C:\Users\Nico\Downloads\DirectX.exe
2014-06-12 14:31 - 2014-06-12 14:31 - 00000000 ____D () C:\Users\Nico\AppData\Local\Macromedia
2014-06-12 14:28 - 2014-06-12 14:28 - 02959376 _____ (Microsoft Corporation) C:\Users\Nico\Downloads\dotnetfx35setup.exe
2014-06-12 14:19 - 2014-06-12 14:19 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\LolClient
2014-06-12 14:17 - 2014-06-13 23:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-12 14:17 - 2014-06-12 14:17 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 13:59 - 2014-06-12 13:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-12 13:38 - 2014-06-12 13:39 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Mozilla
2014-06-12 13:38 - 2014-06-12 13:39 - 00000000 ____D () C:\Users\Nico\AppData\Local\Mozilla
2014-06-12 13:38 - 2014-06-12 13:38 - 00000881 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-12 13:38 - 2014-06-12 13:38 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-12 13:38 - 2014-06-12 13:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 13:37 - 2014-06-12 14:00 - 00000000 ____D () C:\Nicos Ordnung
2014-06-12 13:17 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-11 22:28 - 2014-06-11 22:28 - 00002119 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-06-11 17:15 - 2014-06-12 16:41 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3380534176-2084738150-1060323333-1001
2014-06-11 17:14 - 2014-06-11 17:14 - 00000000 ____D () C:\Users\Nico\Desktop\Neuer Ordner
2014-06-11 17:10 - 2014-06-11 17:10 - 00000000 ____D () C:\ProgramData\Pokki
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Synaptics
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Macromedia
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Atheros
2014-06-11 17:07 - 2014-06-12 15:30 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-11 17:07 - 2014-06-11 17:07 - 00001446 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Adobe
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\Program Files\Accessory Store
2014-06-11 17:06 - 2014-06-12 13:05 - 00000000 ____D () C:\Users\Nico\AppData\Local\Packages
2014-06-11 17:06 - 2014-06-11 17:06 - 00000000 ____D () C:\Users\Nico\AppData\Local\VirtualStore
2014-06-11 17:05 - 2014-06-14 00:21 - 00000000 ____D () C:\Users\Nico\AppData\Local\Temp
2014-06-11 17:05 - 2014-06-13 10:28 - 00000000 ____D () C:\Users\Nico\AppData\Local\Pokki
2014-06-11 17:05 - 2014-06-11 17:07 - 00000000 ____D () C:\Users\Nico
2014-06-11 17:05 - 2014-06-11 17:05 - 00000020 ___SH () C:\Users\Nico\ntuser.ini
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Vorlagen
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Startmenü
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Netzwerkumgebung
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Lokale Einstellungen
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Eigene Dateien
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Druckumgebung
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Musik
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Bilder
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Verlauf
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Anwendungsdaten
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Anwendungsdaten
2014-06-11 17:05 - 2013-11-22 05:36 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-11 17:05 - 2013-10-09 14:35 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-11 17:05 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-11 17:05 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

2021-10-21 15:36 - 2013-11-22 05:48 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2013-11-22 05:48 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2014-06-14 00:21 - 2014-06-14 00:20 - 00020985 _____ () C:\Users\Nico\Downloads\FRST.txt
2014-06-14 00:21 - 2014-06-11 17:05 - 00000000 ____D () C:\Users\Nico\AppData\Local\Temp
2014-06-14 00:20 - 2014-06-14 00:19 - 00000000 ____D () C:\FRST
2014-06-14 00:19 - 2014-06-14 00:19 - 02081792 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2014-06-14 00:04 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-06-13 23:56 - 2013-11-22 05:34 - 01360042 _____ () C:\Windows\WindowsUpdate.log
2014-06-13 23:51 - 2014-06-12 14:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-13 23:36 - 2014-06-12 15:24 - 00000366 _____ () C:\Windows\Tasks\bench-S-1-5-21-3380534176-2084738150-1060323333-1001.job
2014-06-13 21:29 - 2014-06-12 15:24 - 00000936 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-13 21:24 - 2014-06-12 15:24 - 00001454 _____ () C:\Windows\Tasks\c0dea5a2-14ac-4e72-9483-1db7a1278170-5.job
2014-06-13 21:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-13 20:29 - 2014-06-13 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-06-13 20:27 - 2013-10-09 14:42 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-06-13 20:16 - 2014-06-12 23:14 - 00000003 _____ () C:\Users\Nico\AppData\Local\proxy.log
2014-06-13 20:16 - 2014-06-12 16:33 - 00000000 ____D () C:\Users\Nico\AppData\Local\PMB Files
2014-06-13 16:45 - 2014-06-12 15:24 - 00000366 _____ () C:\Windows\Tasks\bench-sys.job
2014-06-13 16:36 - 2013-11-22 14:17 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-06-13 16:36 - 2013-11-22 14:17 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-06-13 16:36 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-13 16:34 - 2014-06-12 14:35 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-13 16:33 - 2014-06-12 15:24 - 00000932 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-13 16:33 - 2012-07-26 09:21 - 00020358 _____ () C:\Windows\setupact.log
2014-06-13 14:08 - 2014-06-13 13:59 - 00376594 _____ () C:\Users\Nico\Desktop\Neues RTF-Dokument.odt
2014-06-13 12:12 - 2014-06-13 12:12 - 00000000 ___RD () C:\Users\Nico\Documents\Notes
2014-06-13 11:03 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-13 10:28 - 2014-06-11 17:05 - 00000000 ____D () C:\Users\Nico\AppData\Local\Pokki
2014-06-12 23:14 - 2014-06-12 23:14 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discount Dragon
2014-06-12 23:14 - 2014-06-12 15:24 - 00003236 _____ () C:\Windows\System32\Tasks\bench-sys
2014-06-12 23:14 - 2014-06-12 15:24 - 00003212 _____ () C:\Windows\System32\Tasks\bench-S-1-5-21-3380534176-2084738150-1060323333-1001
2014-06-12 23:14 - 2014-06-12 15:24 - 00000000 ____D () C:\Users\Nico\AppData\Local\Discount Dragon
2014-06-12 23:14 - 2014-06-12 15:24 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-06-12 22:14 - 2014-06-12 22:06 - 397619318 _____ () C:\Users\Nico\Downloads\mgb_deauxma03_480p_2200.wmv
2014-06-12 21:04 - 2014-06-12 20:42 - 2117787964 _____ () C:\Users\Nico\Downloads\da_bonnie_rotten_vl042114_720p_8000.mp4
2014-06-12 20:33 - 2014-06-12 20:10 - 2351043575 _____ () C:\Users\Nico\Downloads\bex_madison_ivy_kl041414_720p_8000.mp4
2014-06-12 16:41 - 2014-06-11 17:15 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3380534176-2084738150-1060323333-1001
2014-06-12 16:36 - 2014-06-12 16:36 - 00001651 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-12 16:36 - 2014-06-12 16:36 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-06-12 16:36 - 2014-06-12 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-12 16:33 - 2014-06-12 16:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-12 16:33 - 2014-06-12 16:33 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-06-12 16:31 - 2014-06-12 16:29 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Riot Games
2014-06-12 16:29 - 2014-06-12 16:29 - 34888568 _____ (Riot Games) C:\Users\Nico\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-06-12 15:30 - 2014-06-11 17:07 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-12 15:29 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-12 15:28 - 2013-10-09 14:00 - 00005714 _____ () C:\Windows\PFRO.log
2014-06-12 15:24 - 2014-06-12 15:24 - 00004458 _____ () C:\Windows\System32\Tasks\c0dea5a2-14ac-4e72-9483-1db7a1278170-5
2014-06-12 15:24 - 2014-06-12 15:24 - 00003908 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-12 15:24 - 2014-06-12 15:24 - 00003672 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Users\Nico\AppData\Local\globalUpdate
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Users\Nico\AppData\Local\BenchUpdater
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.1
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-12 15:24 - 2014-06-12 15:24 - 00000000 ____D () C:\Program Files (x86)\Discount Dragon
2014-06-12 15:19 - 2014-06-12 14:34 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Systweak
2014-06-12 15:18 - 2014-06-12 15:18 - 00000000 ____D () C:\Users\Nico\Documents\PC Speed Maximizer
2014-06-12 15:16 - 2014-06-12 15:14 - 00000322 _____ () C:\Users\Nico\AppData\Roaming\aps.uninstall.scan.results
2014-06-12 15:14 - 2014-06-12 15:14 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\SupTab
2014-06-12 15:14 - 2014-06-12 15:14 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-12 15:14 - 2014-06-12 15:14 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-12 15:14 - 2014-06-12 15:14 - 00000000 ____D () C:\Program Files\coupon downloader
2014-06-12 15:14 - 2014-06-12 15:14 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-12 15:13 - 2014-06-12 15:13 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\sweet-page
2014-06-12 15:11 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-12 15:09 - 2014-06-12 15:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\VOPackage
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\Program Files (x86)\PriceGong
2014-06-12 15:07 - 2014-06-12 15:07 - 00004392 _____ () C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2014-06-12 15:07 - 2014-06-12 15:07 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-06-12 15:06 - 2014-06-12 15:06 - 00225144 _____ (Fusion Install ) C:\Users\Nico\Downloads\Media_Player_Setup.exe
2014-06-12 14:49 - 2014-06-12 14:49 - 00225576 _____ (Premium Installer ) C:\Users\Nico\Downloads\Player-Firefox.exe
2014-06-12 14:42 - 2014-06-12 14:41 - 00009971 _____ () C:\Windows\DirectX.log
2014-06-12 14:42 - 2014-06-12 14:35 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-12 14:41 - 2014-06-12 14:36 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-12 14:37 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\restore
2014-06-12 14:36 - 2014-06-12 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-12 14:35 - 2014-06-12 14:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-12 14:35 - 2014-06-12 14:34 - 00000000 ____D () C:\temp
2014-06-12 14:34 - 2014-06-12 14:34 - 00003322 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\Users\Nico\AppData\Local\Genesis_06121234
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\ProgramData\Systweak
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\Program Files\suprasavings
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-06-12 14:33 - 2014-06-12 14:33 - 00506784 _____ (Firseria sl) C:\Users\Nico\Downloads\DirectX.exe
2014-06-12 14:31 - 2014-06-12 14:31 - 00000000 ____D () C:\Users\Nico\AppData\Local\Macromedia
2014-06-12 14:28 - 2014-06-12 14:28 - 02959376 _____ (Microsoft Corporation) C:\Users\Nico\Downloads\dotnetfx35setup.exe
2014-06-12 14:19 - 2014-06-12 14:19 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\LolClient
2014-06-12 14:17 - 2014-06-12 14:17 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 14:16 - 2013-10-09 14:42 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-12 14:00 - 2014-06-12 13:37 - 00000000 ____D () C:\Nicos Ordnung
2014-06-12 13:59 - 2014-06-12 13:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-12 13:39 - 2014-06-12 13:38 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Mozilla
2014-06-12 13:39 - 2014-06-12 13:38 - 00000000 ____D () C:\Users\Nico\AppData\Local\Mozilla
2014-06-12 13:38 - 2014-06-12 13:38 - 00000881 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-12 13:38 - 2014-06-12 13:38 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-12 13:38 - 2014-06-12 13:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 13:18 - 2013-10-09 14:42 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-06-12 13:15 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-06-12 13:05 - 2014-06-11 17:06 - 00000000 ____D () C:\Users\Nico\AppData\Local\Packages
2014-06-12 11:00 - 2014-06-12 15:13 - 00608093 _____ (Click Me In Limited) C:\Users\Nico\AppData\Local\AnyProtectScannerSetup.exe
2014-06-11 23:50 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-11 23:44 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-11 23:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-11 23:42 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-06-11 22:28 - 2014-06-11 22:28 - 00002119 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-06-11 17:14 - 2014-06-11 17:14 - 00000000 ____D () C:\Users\Nico\Desktop\Neuer Ordner
2014-06-11 17:10 - 2014-06-11 17:10 - 00000000 ____D () C:\ProgramData\Pokki
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Synaptics
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Macromedia
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Atheros
2014-06-11 17:08 - 2013-10-09 14:53 - 00000000 ___HD () C:\OEM
2014-06-11 17:07 - 2014-06-11 17:07 - 00001446 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Adobe
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\Program Files\Accessory Store
2014-06-11 17:07 - 2014-06-11 17:05 - 00000000 ____D () C:\Users\Nico
2014-06-11 17:07 - 2013-11-22 06:09 - 00003550 _____ () C:\Windows\System32\Tasks\Norton Online Backup ARA
2014-06-11 17:07 - 2013-11-22 06:08 - 00000000 ____D () C:\ProgramData\Norton
2014-06-11 17:06 - 2014-06-11 17:06 - 00000000 ____D () C:\Users\Nico\AppData\Local\VirtualStore
2014-06-11 17:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-11 17:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-06-11 17:05 - 2014-06-11 17:05 - 00000020 ___SH () C:\Users\Nico\ntuser.ini
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Vorlagen
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Startmenü
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Netzwerkumgebung
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Lokale Einstellungen
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Eigene Dateien
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Druckumgebung
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Musik
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Bilder
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Verlauf
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Anwendungsdaten
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Anwendungsdaten

Some content of TEMP:
====================
C:\Users\Nico\AppData\Local\Temp\aff_setup.exe
C:\Users\Nico\AppData\Local\Temp\BackupSetup.exe
C:\Users\Nico\AppData\Local\Temp\CloudBackup7850.exe
C:\Users\Nico\AppData\Local\Temp\FPPSetup.exe
C:\Users\Nico\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Nico\AppData\Local\Temp\oct1B1A.tmp.exe
C:\Users\Nico\AppData\Local\Temp\pricegong_2611.exe
C:\Users\Nico\AppData\Local\Temp\ssupsetup_binstall3.exe
C:\Users\Nico\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Nico\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Nico\AppData\Local\Temp\System.Data.SQLite11964.dll
C:\Users\Nico\AppData\Local\Temp\System.Data.SQLite21535.dll
C:\Users\Nico\AppData\Local\Temp\System.Data.SQLite80151.dll
C:\Users\Nico\AppData\Local\Temp\VOPackage.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-09 14:00

==================== End Of Log ============================

--- --- ---

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02
Ran by Nico at 2014-06-14 00:21:50
Running from C:\Users\Nico\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Games (HKCU\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.13491 - Systweak Software) <==== ATTENTION
AMD Accelerated Video Transcoding (Version: 12.10.100.30314 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1124.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E3CA751C-E133-0BF1-3151-7A6D3FB88015}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.3 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.0.2.1 - Broadcom Corporation)
BrowserSafeguard with RocketTab (HKLM-x32\...\BrowserSafeguard) (Version:  - BrowserSafeguard with RocketTab) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0314.1033.17070 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0314.1033.17070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0314.1033.17070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2013.0314.1033.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0314.1033.17070 - Advanced Micro Devices, Inc.) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
coupon downloader (HKLM\...\coupon downloader) (Version: 2.0.1 - coupon downloader) <==== ATTENTION
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Discount Dragon (HKLM-x32\...\38900_Discount Dragon) (Version: 1.0 - Exciting Apps) <==== ATTENTION
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Installer (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{ECA361B3-855E-EEAB-C4E9-FFA6F25A4DF4}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plus-HD-9.1 (HKLM-x32\...\Plus-HD-9.1) (Version: 1.34.5.29 - Plus HD) <==== ATTENTION
Pokki (HKCU\...\Pokki) (Version: 0.266.1.172 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PriceGong 2.6.11 (HKLM-x32\...\PriceGong) (Version: 2.6.11 - PriceGong) <==== ATTENTION
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
suprasavings (HKLM\...\suprasavings) (Version: 2.0.1 - suprasavings) <==== ATTENTION
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
sweet-page uninstall (HKLM-x32\...\sweet-page uninstall) (Version:  - sweet-page) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.37 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WindowsProtectManger20.0.0.401 (HKLM-x32\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION

==================== Restore Points  =========================

12-06-2014 12:37:17 RegClean Pro Do, Jun 12, 14  14:37

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {048198F8-0340-4F22-9796-0B27AF09EC9F} - System32\Tasks\c0dea5a2-14ac-4e72-9483-1db7a1278170-5 => C:\Program Files (x86)\Plus-HD-9.1\c0dea5a2-14ac-4e72-9483-1db7a1278170-5.exe <==== ATTENTION
Task: {05C31387-8445-4C69-B72C-DC1111070CB8} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {226D4146-A2F0-46B2-9150-C6CDE4C52DED} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-06-12] () <==== ATTENTION
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {24987A8A-FED9-4441-8A8D-BA56CF697CF9} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-18] (Acer Incorporate)
Task: {4CC44157-B688-4815-AF08-5BEDE0AFF85A} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-04-08] (Systweak) <==== ATTENTION
Task: {5079F54C-827A-493A-97DA-44994B4AA268} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {5521B305-F273-4DA0-B809-A96CC60CE698} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-02-04] (Symantec Corporation)
Task: {698B9D0B-A68F-4818-86A5-697996BBE6DE} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-03-27] () <==== ATTENTION
Task: {77EA3F2F-9237-4815-B651-62548012DC5E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-12] (globalUpdate) <==== ATTENTION
Task: {91F0F864-3650-4F97-AA95-740171281B93} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {ABD4225B-FE90-4563-A9A3-149357A980DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {B58E7C6E-D047-4CDC-9168-D501210C9685} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-12] (globalUpdate) <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D8887171-E2A2-4D9E-9BB6-1D49C5A31CB7} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {DD70D775-CCBF-4396-ACE8-3C3E5D33FDA7} - System32\Tasks\bench-S-1-5-21-3380534176-2084738150-1060323333-1001 => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-03-27] () <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\bench-S-1-5-21-3380534176-2084738150-1060323333-1001.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\c0dea5a2-14ac-4e72-9483-1db7a1278170-5.job => C:\Program Files (x86)\Plus-HD-9.1\c0dea5a2-14ac-4e72-9483-1db7a1278170-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-11-22 06:11 - 2013-02-20 23:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-07 02:48 - 2013-09-07 02:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 02:45 - 2013-09-07 02:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 02:52 - 2013-09-07 02:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-06-12 15:07 - 2014-06-12 15:07 - 00357376 _____ () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
2014-05-29 20:35 - 2014-05-29 20:35 - 00111616 _____ () C:\Program Files (x86)\Bench\Proxy\pwdg.exe
2014-05-29 20:35 - 2014-05-29 20:35 - 00410624 _____ () C:\Program Files (x86)\Bench\Proxy\proc.exe
2013-11-22 05:40 - 2013-05-08 22:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-06-12 14:34 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-06-12 14:34 - 2014-04-08 12:04 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-06-12 14:34 - 2012-07-25 12:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2014-06-12 13:38 - 2014-06-06 06:38 - 03852912 _____ () C:\Nicos Ordnung\Firefox 30.0\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run32: => "BService"

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (06/12/2014 11:14:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x125c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/12/2014 04:35:36 PM) (Source: MsiInstaller) (EventID: 10005) (User: NICOZUHAUSE)
Description: Produkt: League of Legends -- Fehler 4153. Visual C++ 2005 SP1 Redistributable (x64) Eine erforderliche Abhängigkeit wurde nicht richtig installiert.

Error: (06/12/2014 03:19:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1bb4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/12/2014 03:07:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1af8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/12/2014 02:34:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x18ec
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5


System errors:
=============
Error: (06/12/2014 07:27:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (06/12/2014 03:44:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "rqpbhevlkc64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/12/2014 03:42:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xmkysecqun64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/12/2014 03:39:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "rqpbhevlkc64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/12/2014 03:37:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "xmkysecqun64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/12/2014 03:30:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/12/2014 03:16:02 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (06/12/2014 03:10:34 PM) (Source: DCOM) (EventID: 10010) (User: NICOZUHAUSE)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (06/12/2014 03:08:57 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.

Error: (06/12/2014 02:36:25 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056


Microsoft Office Sessions:
=========================
Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (06/12/2014 11:14:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b125c01cf8663dcf86cc8C:\Nicos Ordnung\Firefox 30.0\plugin-container.exeC:\Nicos Ordnung\Firefox 30.0\mozalloc.dll81270d1c-f276-11e3-be78-201a06759522

Error: (06/12/2014 04:35:36 PM) (Source: MsiInstaller) (EventID: 10005) (User: NICOZUHAUSE)
Description: Produkt: League of Legends -- Fehler 4153. Visual C++ 2005 SP1 Redistributable (x64) Eine erforderliche Abhängigkeit wurde nicht richtig installiert.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/12/2014 03:19:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b1bb401cf86404d6a772fC:\Nicos Ordnung\Firefox 30.0\plugin-container.exeC:\Nicos Ordnung\Firefox 30.0\mozalloc.dll2d66c5b7-f234-11e3-be77-201a06759522

Error: (06/12/2014 03:07:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b1af801cf863ad77c5dfaC:\Nicos Ordnung\Firefox 30.0\plugin-container.exeC:\Nicos Ordnung\Firefox 30.0\mozalloc.dll83674f57-f232-11e3-be76-201a06759522

Error: (06/12/2014 02:34:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b18ec01cf863a2df1bfeeC:\Nicos Ordnung\Firefox 30.0\plugin-container.exeC:\Nicos Ordnung\Firefox 30.0\mozalloc.dlleb359f5b-f22d-11e3-be76-201a06759522


==================== Memory info =========================== 

Percentage of memory in use: 33%
Total physical RAM: 8072.27 MB
Available physical RAM: 5390.86 MB
Total Pagefile: 12680.27 MB
Available Pagefile: 9786.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:682.19 GB) (Free:632.64 GB) NTFS
Drive d: () (Removable) (Total:7.49 GB) (Free:2.85 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 6F2BE227)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 73696420)
No partition Table on disk 1.

==================== End Of Log ============================

M-K-D-B · 14.06.2014, 08:36

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann.
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.

Starte Zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
Code:
ATTFilter
```
iedefaults;
resetIEproxy;
FFdefaults;
emptyclsid;
autoclean;
         
```
Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
Wenn das Tool fertig ist, wird sich Notepad mit der Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:\ .
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken).

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von Zoek,
die beiden neuen Logdateien von FRST.

MasterChaos · 14.06.2014, 14:15

So, hat etwas gedauert

AdwCleaner:

Code:

ATTFilter

# AdwCleaner v3.212 - Bericht erstellt am 14/06/2014 um 13:25:55
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Nico - NICOZUHAUSE
# Gestartet von : C:\Users\Nico\Downloads\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
Dienst Gelöscht : IePluginServices
Dienst Gelöscht : WindowsProtectManger
[#] Dienst Gelöscht : xmkysecqun64

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\Pokki
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\WindowsProtectManger
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Ordner Gelöscht : C:\Program Files (x86)\Advanced System Protector
Ordner Gelöscht : C:\Program Files (x86)\Bench
Ordner Gelöscht : C:\Program Files (x86)\BrowserSafeguard
Ordner Gelöscht : C:\Program Files (x86)\Discount Dragon
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\PriceGong
Ordner Gelöscht : C:\Program Files (x86)\SupraSavings
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files\coupon downloader
Ordner Gelöscht : C:\Program Files\SupraSavings
Ordner Gelöscht : C:\Users\Nico\AppData\Local\BenchUpdater
Ordner Gelöscht : C:\Users\Nico\AppData\Local\Discount Dragon
Ordner Gelöscht : C:\Users\Nico\AppData\Local\globalUpdate
[!] Ordner Gelöscht : C:\Users\Nico\AppData\Local\Pokki
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\sweet-page
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\VOPackage
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discount Dragon
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Ordner Gelöscht : C:\Users\Nico\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\Extensions\{D8A30808-3888-E608-3AA4-A2CEA2623402}
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\Extensions\quick_start@gmail.com
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\Extensions\SupraSavings@jetpack
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\System32\sasnative64.exe
Datei Gelöscht : C:\Users\Nico\AppData\Local\AnyProtectScannerSetup.exe
Datei Gelöscht : C:\Users\Nico\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector_startup
Datei Gelöscht : C:\Windows\Tasks\bench-sys.job
Datei Gelöscht : C:\Windows\System32\Tasks\bench-sys
Datei Gelöscht : C:\Windows\System32\Tasks\BrowserSafeguard Update Task
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
Datei Gelöscht : C:\Windows\Tasks\c0dea5a2-14ac-4e72-9483-1db7a1278170-5.job
Datei Gelöscht : C:\Windows\System32\Tasks\c0dea5a2-14ac-4e72-9483-1db7a1278170-5

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Directory\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Drive\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\lnkfile\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BService]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\suprasavings
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Supra Savings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\suprasavings
Schlüssel Gelöscht : HKLM\Software\Bench
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\sweet-pageSoftware
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\suprasavings
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16921

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "sweet-page");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "sweet-page");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.sweet-page.com/?type=hp&ts=1402578824&from=cor&uid=TOSHIBAXMQ01ABD075_93OXC0XDTXX93OXC0XDT");

*************************

AdwCleaner[R0].txt - [12643 octets] - [14/06/2014 13:25:06]
AdwCleaner[S0].txt - [11035 octets] - [14/06/2014 13:25:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11096 octets] ##########

MBAM:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 14.06.2014
Suchlauf-Zeit: 13:40:27
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.14.02
Rootkit Datenbank: v2014.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Nico

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 260918
Verstrichene Zeit: 12 Min, 1 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 10
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\CouponDownloader, In Quarantäne, [5ffbee8ab0cbfe38c1b165447b87817f], 
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\coupon downloader, In Quarantäne, [bc9eda9e82f943f31462f6b3d72b56aa], 
PUP.Optional.DiscountDragon.A, HKLM\SOFTWARE\WOW6432NODE\Discount Dragon, In Quarantäne, [5604db9d9eddcf67bfd69e08fd05659b], 
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\Plus-HD-9.1, In Quarantäne, [adad0c6c3f3c290dfc123192e9199967], 
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD, In Quarantäne, [293116626a11f93d8be57b61b251f20e], 
PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\com.bench.nmhost, In Quarantäne, [35250375205b45f1a925ee00dd2611ef], 
PUP.Optional.DiscountDragon.A, HKLM\SOFTWARE\WOW6432NODE\PROXY\INSTALLATIONS\Discount Dragon, In Quarantäne, [b5a5c7b106751c1a8bc10e9371915da3], 
PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\rqpbhevlkc64, In Quarantäne, [491128502556fe38505cb1f84cb6758b], 
PUP.Optional.DiscountDragon.A, HKU\S-1-5-21-3380534176-2084738150-1060323333-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PROXY\INSTALLATIONS\Discount Dragon, In Quarantäne, [a2b8c2b6186389ad57f479281ce67888], 
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Plus-HD-9.1, In Quarantäne, [8ad062165625a3930b2a2e613ac8d030], 

Registrierungswerte: 4
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD|sourceid, ytz|ytz_fpp, In Quarantäne, [293116626a11f93d8be57b61b251f20e]
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_36, In Quarantäne, [3822e1972457b086d8aa1993a95920e0], 
PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Bench Communicator Watcher, C:\Program Files (x86)\Bench\Proxy\pwdg.exe, In Quarantäne, [a7b3c4b4de9ddc5a5423bbee976b28d8]
PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Bench Settings Cleaner, C:\Program Files (x86)\Bench\Proxy\cl.exe, In Quarantäne, [06542850b1cad85e0672b3f67191d927]

Registrierungsdaten: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[e9711e5af08b8bab580f1a5c16ee30d0]

Ordner: 1
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.1, In Quarantäne, [8ad062165625a3930b2a2e613ac8d030], 

Dateien: 15
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, In Quarantäne, [1941e395e19ae74f107066d77a86639d], 
PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [194144346a11d0666f29ea7732d27c84], 
PUP.Optional.PriceGong.A, C:\Users\Nico\AppData\Local\Temp\pricegong_2611.exe, In Quarantäne, [7cde73053a4169cd60e367fba8595aa6], 
PUP.Optional.CouponDownloader.A, C:\Users\Nico\AppData\Local\Temp\is45637729\112228_stp\coupondownloader.exe, In Quarantäne, [f56501773d3e3303533a3f2653b106fa], 
PUP.Optional.FirstSeenToday, C:\Users\Nico\AppData\Local\Temp\n1637\fst_de_0606-88a44852.exe, In Quarantäne, [8dcd6414116a2511c122f88b3ec3728e], 
PUP.Optional.BundleInstaller.A, C:\Users\Nico\AppData\Local\Temp\n1637\s1637.exe, In Quarantäne, [d78373051368dd5985d3182f59a7758b], 
PUP.Optional.SupraSavings.A, C:\Users\Nico\AppData\Local\Temp\n1637\suprasavings_2703-e3e04064.exe, In Quarantäne, [4d0d6f091c5f59dd38721c18db27619f], 
PUP.Optional.AppsInstaller, C:\Users\Nico\Downloads\DirectX.exe, In Quarantäne, [cc8e176136454bebc65296f29d6426da], 
PUP.Optional.OptimumInstaller.A, C:\Users\Nico\Downloads\Media_Player_Setup.exe, In Quarantäne, [3822f286156649ede1e5cc84ca37e41c], 
PUP.Optional.OptimumInstaller.A, C:\Users\Nico\Downloads\Player-Firefox.exe, In Quarantäne, [1d3d99df86f5a591bd09044ca16010f0], 
PUP.Optional.SupraSavings.A, C:\Windows\Installer\457776.msi, In Quarantäne, [dd7d7dfb5f1ca4923662c8999074e51b], 
PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-S-1-5-21-3380534176-2084738150-1060323333-1001.job, In Quarantäne, [0159ceaa1a619b9bd31e8e335ba70bf5], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.1\52916.crx, In Quarantäne, [8ad062165625a3930b2a2e613ac8d030], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.1\Uninstall.exe, In Quarantäne, [8ad062165625a3930b2a2e613ac8d030], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.1\utils.exe, In Quarantäne, [8ad062165625a3930b2a2e613ac8d030], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Zoek:

Code:

ATTFilter

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Nico on 14.06.2014 at 14:10:51,39.
Microsoft Windows 8 6.2.9200  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nico\Desktop\zoek.scr [Scan all users] [Script inserted] 

==== System Restore Info ======================

14.06.2014 14:13:48 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3380534176-2084738150-1060323333-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{1631550F-191D-4826-B069-D9439253D926} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\prefs.js:
user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");

Added to C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~3\boost_interprocess deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\Users\Nico\AppData\Local\Pokki deleted
C:\Windows\SysWow64\AI_RecycleBin deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [12.06.2014 15:11]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default
738C29EAC995029E13333034C1402F56	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll -	Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[23.04.2014 17:50]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{540A01D2-3B86-4197-9AE4-C7E47A10CDD3} Unknown  Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3380534176-2084738150-1060323333-1001\Software\Microsoft\Internet Explorer\SearchScopes\{540A01D2-3B86-4197-9AE4-C7E47A10CDD3} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:49212;https=127.0.0.1:49212"
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Nico\AppData\Local\Mozilla\Firefox\Profiles\ua6yr3q7.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=950 folders=90 231190673 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Nico\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Nico\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 14.06.2014 at 14:24:43,07 ======================

FRST:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Nico (administrator) on NICOZUHAUSE on 14-06-2014 14:25:42
Running from C:\Users\Nico\Downloads
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\oobe\mcoemmgr.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016944 2013-05-20] (Synaptics Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BrowserSafeguard] => "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
HKLM-x32\...\Run: [t4pc_en_4] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0

==================== Internet (Whitelisted) ====================

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\ua6yr3q7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-10-09]
FF StartMenuInternet: FIREFOX.EXE - C:\Nicos Ordnung\Firefox 30.0\firefox.exe

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-18] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [140424 2014-04-23] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36520 2012-09-13] (Advanced Micro Devices, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-05-20] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-14 14:25 - 2014-06-14 14:25 - 00007424 _____ () C:\Users\Nico\Desktop\zoek-results.txt
2014-06-14 14:23 - 2014-06-14 14:26 - 00000000 ____D () C:\Users\Nico\AppData\Local\Temp
2014-06-14 14:23 - 2014-06-14 14:23 - 00000000 ____D () C:\Users\Default\AppData\Local\Temp
2014-06-14 14:23 - 2014-06-14 14:23 - 00000000 ____D () C:\Users\Default User\AppData\Local\Temp
2014-06-14 14:23 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-14 14:13 - 2014-06-14 14:24 - 00007424 _____ () C:\zoek-results.log
2014-06-14 14:11 - 2014-06-14 14:11 - 00003120 _____ () C:\Windows\System32\Tasks\{284748C7-9338-42C8-A925-B227C45D76DE}
2014-06-14 14:10 - 2014-06-14 14:21 - 00000000 ____D () C:\zoek_backup
2014-06-14 14:04 - 2014-06-14 14:04 - 04095664 _____ () C:\Users\Nico\Downloads\zoek.zip
2014-06-14 14:00 - 2014-06-14 14:00 - 00005510 _____ () C:\Users\Nico\Desktop\mbam.txt
2014-06-14 14:00 - 2014-06-14 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-06-14 13:38 - 2014-06-14 13:58 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-14 13:38 - 2014-06-14 13:38 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-14 13:38 - 2014-06-14 13:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-14 13:38 - 2014-06-14 13:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-14 13:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-14 13:38 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-14 13:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-14 13:36 - 2014-06-14 13:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nico\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-14 13:32 - 2014-06-14 13:32 - 00011229 _____ () C:\Users\Nico\Desktop\AdwCleaner[S0] 1..txt
2014-06-14 13:29 - 2014-06-14 13:29 - 00281248 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-14 13:23 - 2014-06-14 13:26 - 00000000 ____D () C:\AdwCleaner
2014-06-14 13:23 - 2014-06-14 13:23 - 01333465 _____ () C:\Users\Nico\Downloads\adwcleaner_3.212.exe
2014-06-14 13:22 - 2014-06-14 13:22 - 00002937 _____ () C:\Users\Nico\Desktop\TrojaPlan.txt
2014-06-14 13:12 - 2014-05-31 07:16 - 00703992 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-14 13:12 - 2014-05-31 07:16 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-14 03:24 - 2014-06-14 13:13 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-06-14 03:12 - 2014-06-14 03:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-14 03:12 - 2014-06-01 17:17 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-14 02:35 - 2014-06-14 02:35 - 00002166 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Contre Jour.lnk
2014-06-14 00:21 - 2014-06-14 14:23 - 00029637 _____ () C:\Users\Nico\Downloads\Addition.txt
2014-06-14 00:20 - 2014-06-14 14:26 - 00013411 _____ () C:\Users\Nico\Downloads\FRST.txt
2014-06-14 00:19 - 2014-06-14 14:25 - 00000000 ____D () C:\FRST
2014-06-14 00:19 - 2014-06-14 00:19 - 02081792 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2014-06-13 13:59 - 2014-06-13 14:08 - 00376594 _____ () C:\Users\Nico\Desktop\Neues RTF-Dokument.odt
2014-06-13 12:12 - 2014-06-13 12:12 - 00000000 ___RD () C:\Users\Nico\Documents\Notes
2014-06-12 23:14 - 2014-06-14 13:25 - 00000003 _____ () C:\Users\Nico\AppData\Local\proxy.log
2014-06-12 22:06 - 2014-06-12 22:14 - 397619318 _____ () C:\Users\Nico\Downloads\mgb_deauxma03_480p_2200.wmv
2014-06-12 20:42 - 2014-06-12 21:04 - 2117787964 _____ () C:\Users\Nico\Downloads\da_bonnie_rotten_vl042114_720p_8000.mp4
2014-06-12 20:10 - 2014-06-12 20:33 - 2351043575 _____ () C:\Users\Nico\Downloads\bex_madison_ivy_kl041414_720p_8000.mp4
2014-06-12 16:36 - 2014-06-12 16:36 - 00001651 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-12 16:36 - 2014-06-12 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-12 16:36 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-06-12 16:36 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-06-12 16:36 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-06-12 16:33 - 2014-06-14 14:23 - 00000000 ____D () C:\Users\Nico\AppData\Local\PMB Files
2014-06-12 16:33 - 2014-06-12 16:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-12 16:33 - 2014-06-12 16:33 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-06-12 16:29 - 2014-06-12 16:31 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Riot Games
2014-06-12 16:29 - 2014-06-12 16:29 - 34888568 _____ (Riot Games) C:\Users\Nico\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-06-12 14:42 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-06-12 14:42 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-06-12 14:42 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-06-12 14:42 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-06-12 14:42 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-06-12 14:42 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-06-12 14:42 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-06-12 14:42 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-06-12 14:42 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-06-12 14:42 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-06-12 14:42 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-06-12 14:42 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-06-12 14:42 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-06-12 14:42 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-06-12 14:42 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-06-12 14:42 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-06-12 14:42 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-06-12 14:42 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-06-12 14:42 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-06-12 14:42 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-06-12 14:42 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-06-12 14:42 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-06-12 14:42 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-06-12 14:42 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-06-12 14:42 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-06-12 14:42 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-06-12 14:42 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-06-12 14:42 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-06-12 14:42 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-06-12 14:42 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-06-12 14:42 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-06-12 14:42 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-06-12 14:42 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-06-12 14:42 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-06-12 14:42 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-06-12 14:42 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-06-12 14:42 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-06-12 14:42 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-06-12 14:42 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-06-12 14:42 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-06-12 14:42 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-06-12 14:42 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-06-12 14:42 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-06-12 14:42 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-06-12 14:42 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-06-12 14:42 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-06-12 14:42 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-06-12 14:42 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-06-12 14:42 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-06-12 14:42 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-06-12 14:42 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-06-12 14:42 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-06-12 14:42 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-06-12 14:42 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-06-12 14:42 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-06-12 14:42 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-06-12 14:42 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-06-12 14:42 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-06-12 14:42 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-06-12 14:42 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-06-12 14:42 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-06-12 14:42 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-06-12 14:42 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-06-12 14:42 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-06-12 14:42 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-06-12 14:42 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-06-12 14:42 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-06-12 14:42 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-06-12 14:42 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-06-12 14:42 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-06-12 14:42 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-06-12 14:42 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-06-12 14:42 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-06-12 14:42 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-06-12 14:42 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-06-12 14:42 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-06-12 14:42 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-06-12 14:42 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-06-12 14:42 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-06-12 14:42 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-06-12 14:42 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-06-12 14:42 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-06-12 14:42 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-06-12 14:42 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-06-12 14:42 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-06-12 14:42 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-06-12 14:42 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-06-12 14:42 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-06-12 14:41 - 2014-06-12 14:42 - 00009971 _____ () C:\Windows\DirectX.log
2014-06-12 14:41 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-06-12 14:41 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-06-12 14:41 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-06-12 14:41 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-06-12 14:41 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-06-12 14:41 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-06-12 14:41 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-06-12 14:41 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-06-12 14:41 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-06-12 14:41 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-06-12 14:41 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-06-12 14:41 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-06-12 14:41 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-06-12 14:41 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-06-12 14:41 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-06-12 14:41 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-06-12 14:41 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-06-12 14:41 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-06-12 14:41 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-06-12 14:41 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-06-12 14:41 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-06-12 14:41 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-06-12 14:41 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-06-12 14:41 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-06-12 14:41 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-06-12 14:41 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-06-12 14:41 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-06-12 14:41 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-06-12 14:36 - 2014-06-12 14:41 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-12 14:36 - 2014-06-12 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-12 14:35 - 2014-06-12 14:42 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-12 14:35 - 2014-06-12 14:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-12 14:34 - 2014-06-14 13:54 - 00000000 ____D () C:\temp
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\Users\Nico\AppData\Local\Genesis_06121234
2014-06-12 14:31 - 2014-06-12 14:31 - 00000000 ____D () C:\Users\Nico\AppData\Local\Macromedia
2014-06-12 14:28 - 2014-06-12 14:28 - 02959376 _____ (Microsoft Corporation) C:\Users\Nico\Downloads\dotnetfx35setup.exe
2014-06-12 14:19 - 2014-06-12 14:19 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\LolClient
2014-06-12 14:17 - 2014-06-14 13:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-12 14:17 - 2014-06-12 14:17 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 13:59 - 2014-06-12 13:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-12 13:38 - 2014-06-12 13:39 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Mozilla
2014-06-12 13:38 - 2014-06-12 13:39 - 00000000 ____D () C:\Users\Nico\AppData\Local\Mozilla
2014-06-12 13:38 - 2014-06-12 13:38 - 00000881 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-12 13:38 - 2014-06-12 13:38 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-12 13:38 - 2014-06-12 13:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 13:37 - 2014-06-12 14:00 - 00000000 ____D () C:\Nicos Ordnung
2014-06-12 13:17 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-11 23:18 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-11 23:18 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-11 23:16 - 2013-10-10 13:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-06-11 23:16 - 2013-10-10 11:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-06-11 23:16 - 2013-10-10 11:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-06-11 23:16 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-06-11 23:16 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-06-11 23:16 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-06-11 23:16 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-06-11 23:15 - 2013-09-04 05:11 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-11 23:15 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-06-11 23:15 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-06-11 23:11 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-06-11 23:11 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-06-11 23:11 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-06-11 23:11 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-06-11 23:11 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-06-11 23:11 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-06-11 23:11 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-06-11 23:11 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-06-11 23:11 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-06-11 23:11 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-06-11 23:10 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 23:10 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-11 23:10 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-06-11 23:10 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-06-11 23:08 - 2013-10-19 07:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-06-11 23:08 - 2013-10-19 06:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-06-11 23:08 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2014-06-11 23:08 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-06-11 23:07 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 23:07 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 23:07 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 23:07 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-06-11 23:07 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 23:07 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 23:07 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 23:07 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 23:07 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 23:07 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 23:07 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 23:07 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 23:07 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 23:07 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 23:07 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 23:07 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-06-11 23:07 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 23:07 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 23:07 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 23:07 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 23:07 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-11 23:07 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 23:07 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 23:07 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-11 23:07 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 23:07 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 23:07 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 23:07 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 23:07 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 23:07 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-06-11 23:06 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-11 23:06 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-11 23:06 - 2014-04-01 00:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-06-11 23:06 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-11 23:06 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-11 23:04 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-11 23:04 - 2013-09-14 00:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2014-06-11 23:04 - 2013-09-14 00:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-06-11 23:04 - 2013-08-30 07:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2014-06-11 23:04 - 2013-08-30 07:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-06-11 23:04 - 2013-08-30 01:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-06-11 23:04 - 2013-08-21 08:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-11 23:04 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-06-11 23:04 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-06-11 23:04 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-06-11 23:04 - 2013-08-10 08:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2014-06-11 23:04 - 2013-07-25 01:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 23:04 - 2013-07-25 01:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-11 23:04 - 2013-07-12 03:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-06-11 23:04 - 2013-07-12 03:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-06-11 23:02 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-11 23:02 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-11 23:01 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2014-06-11 23:01 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-06-11 23:01 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-06-11 23:01 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-06-11 23:01 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-06-11 23:01 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-06-11 23:01 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2014-06-11 23:01 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-06-11 23:01 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-06-11 23:01 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2014-06-11 23:01 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 23:01 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-06-11 23:01 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2014-06-11 23:01 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2014-06-11 23:01 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-06-11 23:01 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-06-11 23:01 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2014-06-11 23:01 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-06-11 23:01 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 23:01 - 2013-08-16 00:43 - 00083968 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-06-11 23:01 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-06-11 23:01 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2014-06-11 23:00 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-06-11 22:59 - 2013-12-09 02:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 22:59 - 2013-12-09 01:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 22:59 - 2013-10-02 01:37 - 01569280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-06-11 22:59 - 2013-10-02 01:26 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-06-11 22:59 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-06-11 22:59 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-06-11 22:59 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-06-11 22:58 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-06-11 22:58 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-06-11 22:58 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-06-11 22:58 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-06-11 22:58 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-06-11 22:58 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-06-11 22:58 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2014-06-11 22:58 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-06-11 22:58 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-11 22:58 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-06-11 22:58 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-06-11 22:58 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-06-11 22:58 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-06-11 22:58 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2014-06-11 22:58 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2014-06-11 22:58 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-06-11 22:58 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-06-11 22:58 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-06-11 22:58 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2014-06-11 22:58 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-11 22:58 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-06-11 22:58 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-06-11 22:58 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-06-11 22:58 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-06-11 22:58 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-06-11 22:58 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-06-11 22:58 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-06-11 22:58 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-06-11 22:58 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-06-11 22:57 - 2013-10-09 03:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-06-11 22:57 - 2013-10-09 00:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-06-11 22:57 - 2013-10-09 00:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-06-11 22:57 - 2013-10-09 00:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-06-11 22:57 - 2013-10-09 00:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-06-11 22:57 - 2013-10-09 00:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-06-11 22:57 - 2013-10-09 00:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-06-11 22:57 - 2013-10-09 00:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-06-11 22:57 - 2013-10-09 00:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-06-11 22:57 - 2013-10-09 00:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-06-11 22:57 - 2013-10-09 00:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-06-11 22:57 - 2013-10-09 00:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-06-11 22:57 - 2013-10-09 00:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-06-11 22:57 - 2013-10-05 08:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-06-11 22:57 - 2013-10-02 04:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-06-11 22:57 - 2013-09-28 07:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-06-11 22:57 - 2013-09-28 05:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-06-11 22:57 - 2013-09-19 09:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-11 22:57 - 2013-08-30 07:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-06-11 22:57 - 2013-08-30 07:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-11 22:57 - 2013-08-30 01:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-11 22:57 - 2013-08-30 01:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-11 22:56 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-06-11 22:56 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-06-11 22:56 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-06-11 22:56 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-06-11 22:56 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-06-11 22:56 - 2013-08-27 07:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-06-11 22:56 - 2013-08-27 07:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-06-11 22:56 - 2013-08-27 00:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-06-11 22:56 - 2013-08-27 00:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-06-11 22:56 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-06-11 22:55 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-11 22:55 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-11 22:55 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-06-11 22:55 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-06-11 22:55 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-11 22:55 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-11 22:55 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-11 22:55 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-11 22:55 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-06-11 22:55 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-11 22:55 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-11 22:55 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-06-11 22:55 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-06-11 22:55 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-11 22:55 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-11 22:55 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-11 22:55 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-11 22:55 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-11 22:55 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-06-11 22:55 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-06-11 22:55 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-06-11 22:55 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-11 22:55 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-11 22:55 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-11 22:55 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-11 22:55 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-11 22:55 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-11 22:55 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-11 22:55 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-11 22:55 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-11 22:55 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-06-11 22:55 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-11 22:55 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-11 22:55 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-11 22:55 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-11 22:55 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-11 22:55 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-06-11 22:54 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 22:54 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 22:54 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-11 22:54 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-11 22:54 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-11 22:54 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-11 22:54 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-11 22:54 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-11 22:54 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-06-11 22:54 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2014-06-11 22:53 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 22:53 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-06-11 22:53 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-06-11 22:53 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-11 22:53 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-06-11 22:53 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2014-06-11 22:53 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2014-06-11 22:53 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-11 22:53 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2014-06-11 22:53 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2014-06-11 22:52 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-06-11 22:49 - 2013-10-10 11:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-06-11 22:49 - 2013-10-10 11:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-06-11 22:49 - 2013-10-10 11:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-06-11 22:49 - 2013-10-10 11:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-06-11 22:49 - 2013-10-10 11:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-06-11 22:49 - 2013-10-10 11:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-06-11 22:49 - 2013-10-10 11:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-06-11 22:43 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-11 22:43 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-06-11 22:43 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-06-11 22:43 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-11 22:43 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-11 22:43 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-11 22:43 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-11 22:43 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-06-11 22:43 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-06-11 22:28 - 2014-06-11 22:28 - 00002119 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-06-11 17:15 - 2014-06-14 14:13 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3380534176-2084738150-1060323333-1001
2014-06-11 17:14 - 2014-06-11 17:14 - 00000000 ____D () C:\Users\Nico\Desktop\Neuer Ordner
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Synaptics
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Macromedia
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Atheros
2014-06-11 17:07 - 2014-06-14 13:13 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-11 17:07 - 2014-06-14 13:13 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-11 17:07 - 2014-06-11 17:07 - 00001446 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Adobe
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\Program Files\Accessory Store
2014-06-11 17:06 - 2014-06-14 13:13 - 00000000 ____D () C:\Users\Nico\AppData\Local\Packages
2014-06-11 17:06 - 2014-06-11 17:06 - 00000000 ____D () C:\Users\Nico\AppData\Local\VirtualStore
2014-06-11 17:05 - 2014-06-11 17:07 - 00000000 ____D () C:\Users\Nico
2014-06-11 17:05 - 2014-06-11 17:05 - 00000020 ___SH () C:\Users\Nico\ntuser.ini
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Vorlagen
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Startmenü
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Netzwerkumgebung
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Lokale Einstellungen
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Eigene Dateien
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Druckumgebung
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Musik
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Bilder
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Verlauf
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Anwendungsdaten
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Anwendungsdaten
2014-06-11 17:05 - 2013-11-22 05:36 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-11 17:05 - 2013-10-09 14:35 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-11 17:05 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-11 17:05 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-21 08:31 - 2014-06-14 14:05 - 01414867 _____ () C:\Users\Nico\Desktop\zoek.scr
2014-05-21 08:31 - 2014-06-14 14:05 - 01414867 _____ () C:\Users\Nico\Desktop\zoek.com

==================== One Month Modified Files and Folders =======

2021-10-21 15:36 - 2013-11-22 05:48 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2013-11-22 05:48 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2014-06-14 14:26 - 2014-06-14 14:23 - 00000000 ____D () C:\Users\Nico\AppData\Local\Temp
2014-06-14 14:26 - 2014-06-14 00:20 - 00013411 _____ () C:\Users\Nico\Downloads\FRST.txt
2014-06-14 14:25 - 2014-06-14 14:25 - 00007424 _____ () C:\Users\Nico\Desktop\zoek-results.txt
2014-06-14 14:25 - 2014-06-14 00:19 - 00000000 ____D () C:\FRST
2014-06-14 14:24 - 2014-06-14 14:13 - 00007424 _____ () C:\zoek-results.log
2014-06-14 14:24 - 2013-10-09 14:00 - 00011258 _____ () C:\Windows\PFRO.log
2014-06-14 14:24 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-14 14:23 - 2014-06-14 14:23 - 00000000 ____D () C:\Users\Default\AppData\Local\Temp
2014-06-14 14:23 - 2014-06-14 14:23 - 00000000 ____D () C:\Users\Default User\AppData\Local\Temp
2014-06-14 14:23 - 2014-06-14 00:21 - 00029637 _____ () C:\Users\Nico\Downloads\Addition.txt
2014-06-14 14:23 - 2014-06-12 16:33 - 00000000 ____D () C:\Users\Nico\AppData\Local\PMB Files
2014-06-14 14:21 - 2014-06-14 14:10 - 00000000 ____D () C:\zoek_backup
2014-06-14 14:13 - 2014-06-11 17:15 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3380534176-2084738150-1060323333-1001
2014-06-14 14:11 - 2014-06-14 14:11 - 00003120 _____ () C:\Windows\System32\Tasks\{284748C7-9338-42C8-A925-B227C45D76DE}
2014-06-14 14:05 - 2014-05-21 08:31 - 01414867 _____ () C:\Users\Nico\Desktop\zoek.scr
2014-06-14 14:05 - 2014-05-21 08:31 - 01414867 _____ () C:\Users\Nico\Desktop\zoek.com
2014-06-14 14:04 - 2014-06-14 14:04 - 04095664 _____ () C:\Users\Nico\Downloads\zoek.zip
2014-06-14 14:00 - 2014-06-14 14:00 - 00005510 _____ () C:\Users\Nico\Desktop\mbam.txt
2014-06-14 14:00 - 2014-06-14 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-06-14 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-06-14 13:58 - 2014-06-14 13:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-14 13:54 - 2014-06-12 14:34 - 00000000 ____D () C:\temp
2014-06-14 13:54 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Vss
2014-06-14 13:54 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-14 13:51 - 2014-06-12 14:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-14 13:38 - 2014-06-14 13:38 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-14 13:38 - 2014-06-14 13:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-14 13:38 - 2014-06-14 13:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-14 13:36 - 2014-06-14 13:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nico\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-14 13:32 - 2014-06-14 13:32 - 00011229 _____ () C:\Users\Nico\Desktop\AdwCleaner[S0] 1..txt
2014-06-14 13:29 - 2014-06-14 13:29 - 00281248 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-14 13:26 - 2014-06-14 13:23 - 00000000 ____D () C:\AdwCleaner
2014-06-14 13:25 - 2014-06-12 23:14 - 00000003 _____ () C:\Users\Nico\AppData\Local\proxy.log
2014-06-14 13:23 - 2014-06-14 13:23 - 01333465 _____ () C:\Users\Nico\Downloads\adwcleaner_3.212.exe
2014-06-14 13:22 - 2014-06-14 13:22 - 00002937 _____ () C:\Users\Nico\Desktop\TrojaPlan.txt
2014-06-14 13:18 - 2013-11-22 14:17 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-06-14 13:18 - 2013-11-22 14:17 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-06-14 13:18 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-14 13:13 - 2014-06-14 03:24 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-06-14 13:13 - 2014-06-11 17:07 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-14 13:13 - 2014-06-11 17:07 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-14 13:13 - 2014-06-11 17:06 - 00000000 ____D () C:\Users\Nico\AppData\Local\Packages
2014-06-14 13:13 - 2013-10-09 14:11 - 00000000 ____D () C:\ProgramData\PRICache
2014-06-14 13:11 - 2013-10-09 14:42 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-06-14 03:24 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-14 03:24 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-14 03:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-06-14 03:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-14 03:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-14 03:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-14 03:23 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-06-14 03:23 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-14 03:22 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-06-14 03:20 - 2013-11-22 05:34 - 01356920 _____ () C:\Windows\WindowsUpdate.log
2014-06-14 03:20 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-14 03:13 - 2014-06-14 03:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-14 03:13 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-14 02:35 - 2014-06-14 02:35 - 00002166 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Contre Jour.lnk
2014-06-14 00:19 - 2014-06-14 00:19 - 02081792 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2014-06-13 21:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-13 16:33 - 2012-07-26 09:21 - 00020358 _____ () C:\Windows\setupact.log
2014-06-13 14:08 - 2014-06-13 13:59 - 00376594 _____ () C:\Users\Nico\Desktop\Neues RTF-Dokument.odt
2014-06-13 12:12 - 2014-06-13 12:12 - 00000000 ___RD () C:\Users\Nico\Documents\Notes
2014-06-12 22:14 - 2014-06-12 22:06 - 397619318 _____ () C:\Users\Nico\Downloads\mgb_deauxma03_480p_2200.wmv
2014-06-12 21:04 - 2014-06-12 20:42 - 2117787964 _____ () C:\Users\Nico\Downloads\da_bonnie_rotten_vl042114_720p_8000.mp4
2014-06-12 20:33 - 2014-06-12 20:10 - 2351043575 _____ () C:\Users\Nico\Downloads\bex_madison_ivy_kl041414_720p_8000.mp4
2014-06-12 16:36 - 2014-06-12 16:36 - 00001651 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-12 16:36 - 2014-06-12 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-12 16:33 - 2014-06-12 16:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-12 16:33 - 2014-06-12 16:33 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-06-12 16:31 - 2014-06-12 16:29 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Riot Games
2014-06-12 16:29 - 2014-06-12 16:29 - 34888568 _____ (Riot Games) C:\Users\Nico\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-06-12 14:42 - 2014-06-12 14:41 - 00009971 _____ () C:\Windows\DirectX.log
2014-06-12 14:42 - 2014-06-12 14:35 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-12 14:41 - 2014-06-12 14:36 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-12 14:37 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\restore
2014-06-12 14:36 - 2014-06-12 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-12 14:35 - 2014-06-12 14:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-12 14:34 - 2014-06-12 14:34 - 00000000 ____D () C:\Users\Nico\AppData\Local\Genesis_06121234
2014-06-12 14:31 - 2014-06-12 14:31 - 00000000 ____D () C:\Users\Nico\AppData\Local\Macromedia
2014-06-12 14:28 - 2014-06-12 14:28 - 02959376 _____ (Microsoft Corporation) C:\Users\Nico\Downloads\dotnetfx35setup.exe
2014-06-12 14:19 - 2014-06-12 14:19 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\LolClient
2014-06-12 14:17 - 2014-06-12 14:17 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 14:16 - 2013-10-09 14:42 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-12 14:00 - 2014-06-12 13:37 - 00000000 ____D () C:\Nicos Ordnung
2014-06-12 13:59 - 2014-06-12 13:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-12 13:39 - 2014-06-12 13:38 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Mozilla
2014-06-12 13:39 - 2014-06-12 13:38 - 00000000 ____D () C:\Users\Nico\AppData\Local\Mozilla
2014-06-12 13:38 - 2014-06-12 13:38 - 00000881 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-12 13:38 - 2014-06-12 13:38 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-12 13:38 - 2014-06-12 13:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 13:18 - 2013-10-09 14:42 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-06-12 13:15 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-06-11 23:44 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-11 23:42 - 2014-06-11 23:42 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-11 23:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-11 23:42 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-06-11 22:28 - 2014-06-11 22:28 - 00002119 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-06-11 17:14 - 2014-06-11 17:14 - 00000000 ____D () C:\Users\Nico\Desktop\Neuer Ordner
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Synaptics
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Macromedia
2014-06-11 17:08 - 2014-06-11 17:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Atheros
2014-06-11 17:08 - 2013-10-09 14:53 - 00000000 ___HD () C:\OEM
2014-06-11 17:07 - 2014-06-11 17:07 - 00001446 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Adobe
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-06-11 17:07 - 2014-06-11 17:07 - 00000000 ____D () C:\Program Files\Accessory Store
2014-06-11 17:07 - 2014-06-11 17:05 - 00000000 ____D () C:\Users\Nico
2014-06-11 17:07 - 2013-11-22 06:09 - 00003550 _____ () C:\Windows\System32\Tasks\Norton Online Backup ARA
2014-06-11 17:07 - 2013-11-22 06:08 - 00000000 ____D () C:\ProgramData\Norton
2014-06-11 17:06 - 2014-06-11 17:06 - 00000000 ____D () C:\Users\Nico\AppData\Local\VirtualStore
2014-06-11 17:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-11 17:05 - 2014-06-11 17:05 - 00000020 ___SH () C:\Users\Nico\ntuser.ini
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Vorlagen
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Startmenü
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Netzwerkumgebung
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Lokale Einstellungen
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Eigene Dateien
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Druckumgebung
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Musik
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Bilder
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Verlauf
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Anwendungsdaten
2014-06-11 17:05 - 2014-06-11 17:05 - 00000000 _SHDL () C:\Users\Nico\Anwendungsdaten
2014-06-01 17:17 - 2014-06-14 03:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-31 07:16 - 2014-06-14 13:12 - 00703992 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-31 07:16 - 2014-06-14 13:12 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-24 04:48 - 2014-06-11 23:07 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-24 04:47 - 2014-06-11 23:07 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-24 04:47 - 2014-06-11 23:07 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-24 04:47 - 2014-06-11 23:07 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-05-24 04:47 - 2014-06-11 23:07 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-24 04:46 - 2014-06-11 23:07 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-24 04:45 - 2014-06-11 23:07 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-24 04:45 - 2014-06-11 23:07 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-24 04:45 - 2014-06-11 23:07 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-24 03:26 - 2014-06-11 23:07 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-24 03:26 - 2014-06-11 23:07 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-24 03:26 - 2014-06-11 23:07 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-24 03:26 - 2014-06-11 23:07 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-24 03:26 - 2014-06-11 23:07 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-24 03:26 - 2014-06-11 23:07 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-24 03:26 - 2014-06-11 23:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-05-24 03:25 - 2014-06-11 23:07 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-24 03:25 - 2014-06-11 23:07 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-24 03:25 - 2014-06-11 23:07 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-24 03:25 - 2014-06-11 23:07 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-24 03:25 - 2014-06-11 23:07 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-24 03:25 - 2014-06-11 23:07 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-24 03:25 - 2014-06-11 23:07 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-24 03:25 - 2014-06-11 23:07 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-24 03:25 - 2014-06-11 23:07 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-24 03:25 - 2014-06-11 23:07 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-24 03:25 - 2014-06-11 23:07 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-24 03:09 - 2014-06-11 23:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-24 03:03 - 2014-06-11 23:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-24 00:37 - 2014-06-11 23:07 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-09 14:00

==================== End Of Log ============================

--- --- ---

--- --- ---

MasterChaos · 14.06.2014, 14:17

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02
Ran by Nico at 2014-06-14 14:26:50
Running from C:\Users\Nico\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Games (HKCU\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30314 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1124.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E3CA751C-E133-0BF1-3151-7A6D3FB88015}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.3 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.0.2.1 - Broadcom Corporation)
BrowserSafeguard with RocketTab (HKLM-x32\...\BrowserSafeguard) (Version:  - BrowserSafeguard with RocketTab) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0314.1033.17070 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0314.1033.17070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0314.1033.17070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2013.0314.1033.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0314.1032.17070 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0314.1033.17070 - Advanced Micro Devices, Inc.) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Contre Jour (HKCU\...\Pokki_6b9573695b591e9725ef2df5f3547de7955fa4a0) (Version: 1.0.0.32699 - Pokki)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Discount Dragon (HKLM-x32\...\38900_Discount Dragon) (Version: 1.0 - Exciting Apps) <==== ATTENTION
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{ECA361B3-855E-EEAB-C4E9-FFA6F25A4DF4}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
sweet-page uninstall (HKLM-x32\...\sweet-page uninstall) (Version:  - sweet-page) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.37 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WindowsProtectManger20.0.0.401 (HKLM-x32\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION

==================== Restore Points  =========================

12-06-2014 12:37:17 RegClean Pro Do, Jun 12, 14  14:37
14-06-2014 12:13:29 zoek.exe restore point

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {048198F8-0340-4F22-9796-0B27AF09EC9F} - \c0dea5a2-14ac-4e72-9483-1db7a1278170-5 No Task File <==== ATTENTION
Task: {05C31387-8445-4C69-B72C-DC1111070CB8} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {226D4146-A2F0-46B2-9150-C6CDE4C52DED} - \BrowserSafeguard Update Task No Task File <==== ATTENTION
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {24987A8A-FED9-4441-8A8D-BA56CF697CF9} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-18] (Acer Incorporate)
Task: {5079F54C-827A-493A-97DA-44994B4AA268} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {5521B305-F273-4DA0-B809-A96CC60CE698} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-02-04] (Symantec Corporation)
Task: {698B9D0B-A68F-4818-86A5-697996BBE6DE} - \bench-sys No Task File <==== ATTENTION
Task: {77EA3F2F-9237-4815-B651-62548012DC5E} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {91F0F864-3650-4F97-AA95-740171281B93} - \Advanced System Protector No Task File <==== ATTENTION
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A7A1141B-DF74-4477-A6B9-85CC77E85E57} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {ABD4225B-FE90-4563-A9A3-149357A980DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {B58E7C6E-D047-4CDC-9168-D501210C9685} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {C4D4182B-3985-427C-867B-450191430520} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D77559FB-57C5-454B-80CB-B0C3BB3FC76A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-01] (Microsoft Corporation)
Task: {D8887171-E2A2-4D9E-9BB6-1D49C5A31CB7} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-09-07 02:48 - 2013-09-07 02:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 02:45 - 2013-09-07 02:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 02:52 - 2013-09-07 02:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-11-22 05:40 - 2013-05-08 22:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run32: => "BService"

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (06/12/2014 11:14:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x125c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/12/2014 04:35:36 PM) (Source: MsiInstaller) (EventID: 10005) (User: NICOZUHAUSE)
Description: Produkt: League of Legends -- Fehler 4153. Visual C++ 2005 SP1 Redistributable (x64) Eine erforderliche Abhängigkeit wurde nicht richtig installiert.

Error: (06/12/2014 03:19:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1bb4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/12/2014 03:07:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1af8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/12/2014 02:34:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x18ec
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5


System errors:
=============
Error: (06/14/2014 02:20:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (06/14/2014 02:20:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (06/14/2014 02:20:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (06/14/2014 02:20:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (06/14/2014 02:20:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (06/14/2014 01:29:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "rqpbhevlkc64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/14/2014 01:16:28 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (06/14/2014 01:12:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xmkysecqun64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/14/2014 01:12:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "rqpbhevlkc64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/14/2014 03:11:14 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (06/13/2014 02:28:33 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (06/12/2014 11:14:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b125c01cf8663dcf86cc8C:\Nicos Ordnung\Firefox 30.0\plugin-container.exeC:\Nicos Ordnung\Firefox 30.0\mozalloc.dll81270d1c-f276-11e3-be78-201a06759522

Error: (06/12/2014 04:35:36 PM) (Source: MsiInstaller) (EventID: 10005) (User: NICOZUHAUSE)
Description: Produkt: League of Legends -- Fehler 4153. Visual C++ 2005 SP1 Redistributable (x64) Eine erforderliche Abhängigkeit wurde nicht richtig installiert.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/12/2014 03:19:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b1bb401cf86404d6a772fC:\Nicos Ordnung\Firefox 30.0\plugin-container.exeC:\Nicos Ordnung\Firefox 30.0\mozalloc.dll2d66c5b7-f234-11e3-be77-201a06759522

Error: (06/12/2014 03:07:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b1af801cf863ad77c5dfaC:\Nicos Ordnung\Firefox 30.0\plugin-container.exeC:\Nicos Ordnung\Firefox 30.0\mozalloc.dll83674f57-f232-11e3-be76-201a06759522

Error: (06/12/2014 02:34:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b18ec01cf863a2df1bfeeC:\Nicos Ordnung\Firefox 30.0\plugin-container.exeC:\Nicos Ordnung\Firefox 30.0\mozalloc.dlleb359f5b-f22d-11e3-be76-201a06759522


==================== Memory info =========================== 

Percentage of memory in use: 16%
Total physical RAM: 8072.27 MB
Available physical RAM: 6775.79 MB
Total Pagefile: 12680.27 MB
Available Pagefile: 11356.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:682.19 GB) (Free:633.03 GB) NTFS
Drive d: () (Removable) (Total:7.49 GB) (Free:2.85 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 6F2BE227)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 73696420)
No partition Table on disk 1.

==================== End Of Log ============================

Sry für die vielen Antworte und vielen dank für die schnelle und detalierte hilfe

M-K-D-B · 14.06.2014, 15:29

Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 3 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
HKLM-x32\...\Run: [BrowserSafeguard] => "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
C:\Program Files (x86)\Browsersafeguard
HKLM-x32\...\Run: [t4pc_en_4] => [X]
FF NetworkProxy: "type", 4
Task: {048198F8-0340-4F22-9796-0B27AF09EC9F} - \c0dea5a2-14ac-4e72-9483-1db7a1278170-5 No Task File <==== ATTENTION
Task: {226D4146-A2F0-46B2-9150-C6CDE4C52DED} - \BrowserSafeguard Update Task No Task File <==== ATTENTION
Task: {698B9D0B-A68F-4818-86A5-697996BBE6DE} - \bench-sys No Task File <==== ATTENTION
Task: {77EA3F2F-9237-4815-B651-62548012DC5E} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {91F0F864-3650-4F97-AA95-740171281B93} - \Advanced System Protector No Task File <==== ATTENTION
Task: {A7A1141B-DF74-4477-A6B9-85CC77E85E57} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {B58E7C6E-D047-4CDC-9168-D501210C9685} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Reboot:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:folderfind
*Discount Dragon*

:regfind
Discount Dragon
sweet-page
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4
Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Bitte poste mit deiner nächsten Antwort

die Logdatei von FRST,
die Logdatei von SystemLook,
die Logdatei von ESET,
die Logdatei von SecurityCheck.

M-K-D-B · 18.06.2014, 11:57

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Doppelt unterstrichende wörter bei Firefox, die Werbung bublizieren (Windows 8)

Log-Analyse und Auswertung: Doppelt unterstrichende wörter bei Firefox, die Werbung bublizieren (Windows 8)