Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Virenbefahl blockiert nun mein Sicherheitscenter (https://www.trojaner-board.de/145906-virenbefahl-blockiert-sicherheitscenter.html)

starxick 10.12.2013 22:34
Virenbefahl blockiert nun mein Sicherheitscenter
 
Hallo,

Ich habe eine Datei von Skype angenommen diese dann gestartet und es kam mir auch gleich so komisch vor das sich die Datei im Ordner gleich gelöscht war. Ich durchsuchte nun im Taskmanger welche Namen mir so aufgefallen sind. Dort sah ich eine Datei (mlconfig.exe) Dateipfad geöffnet und den Ordner gelöscht. Pc neugestartet und nun geht meine Firewall nicht mehr an das gesamte Sicherheitscenter ist aus gestellt. Ich habe dann im abgesicherten Modus ein Scann gemacht und habe 1 Fund gehabt und es gelöscht aber es geht immernoch nicht. Was braucht ihr alles von mir damit ihr mir helfen könnt?

aharonov 10.12.2013 22:36
Hallo,

poste bitte das Log mit dem Fund.
Und mach einen FRST-Scan:


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


starxick 10.12.2013 22:44
Also das Antivirentool heißst HouseCall und ich finde da leider keine .txt Datei oder sowas aber der Name des Virus hieß "Cryp Yodap"

Nachtrag -> Ich habe mal bei dem Antivirus auf Vollscann gemacht da war nur schneller Scan angeschalten habe es erst jetzt gesehen

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013
Ran by Patrick (administrator) on PATRICK-PC on 10-12-2013 22:38:59
Running from C:\Users\Patrick\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x86\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDCountdown.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Trend Micro Inc.) C:\Users\Patrick\AppData\Local\Temp\HouseCall\housecall.bin

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-06-24] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [110360 2011-09-29] (Logitech Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [PlayNC Launcher] - [x]
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\CurrentVersion\Windows: [Load] C:\Windows\SysWOW64\{$1179-4133-5326-3114$}\mlconfig.exe <===== ATTENTION
MountPoints2: E - E:\LaunchU3.exe -a
MountPoints2: {14ead0eb-91d7-11e0-a62b-001fd09390ab} - G:\LaunchU3.exe -a
MountPoints2: {80b34e34-89d6-11e0-8ed0-001fd09390ab} - G:\iStudio.exe
MountPoints2: {961aecfe-d16a-11e0-bf34-001fd09390ab} - H:\Startme.exe
MountPoints2: {be7fd1dd-838a-11e0-bf12-001fd09390ab} - E:\BlacklistAutoRun.exe
MountPoints2: {cd2ba80b-331b-11e2-bbd3-001fd09390ab} - G:\DPFMate.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [System Configuration] - C:\Windows\System32\taskmgr.exe [257024 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-12-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-23] (APN)
IFEO\avcenter.exe: [Debugger] nsjw.exe
IFEO\avguard.exe: [Debugger] nsjw.exe
IFEO\avp.exe: [Debugger] nsjw.exe
IFEO\bdagent.exe: [Debugger] nsjw.exe
IFEO\ccuac.exe: [Debugger] nsjw.exe
IFEO\ComboFix.exe: [Debugger] nsjw.exe
IFEO\egui.exe: [Debugger] nsjw.exe
IFEO\hijackthis.exe: [Debugger] nsjw.exe
IFEO\keyscrambler.exe: [Debugger] nsjw.exe
IFEO\mbam.exe: [Debugger] nsjw.exe
IFEO\MpCmdRun.exe: [Debugger] nsjw.exe
IFEO\MSASCui.exe: [Debugger] nsjw.exe
IFEO\MsMpEng.exe: [Debugger] nsjw.exe
IFEO\msseces.exe: [Debugger] nsjw.exe
IFEO\NisSrv.exe: [Debugger] nsjw.exe
IFEO\spybotsd.exe: [Debugger] nsjw.exe
IFEO\wireshark.exe: [Debugger] nsjw.exe
IFEO\zlclient.exe: [Debugger] nsjw.exe
Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorers.ini.url ()

==================== Internet (Whitelisted) ====================

ProxyServer: 67.77.92.196:35421
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF11CBD29B3BDCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Heroes Updater - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: Battlefield Play4Free - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\battlefieldplay4free@ea.com
FF Extension: GFACE Experience Plugin - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\cryenginebrowserplugin@crytek.com
FF Extension: DownloadHelper - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Bitdefender QuickScan - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: toolbar_AVIRA-V7 - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: flashgot - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF Extension: DVDVideoSoft Menu - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-07] (Adobe Systems)
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-21] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-12-10] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-26] ()
S4 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-10-26] ()
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [3889424 2011-08-01] (INCA Internet Co., Ltd.)
S4 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-08] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-11-24] ()
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-08-25] (SANDBOXIE L.T.D)

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWow64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [34816 2013-06-19] (Advanced Micro Devices)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-12-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-12-10] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-05-21] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S1 KS0108; C:\Program Files (x86)\LcdStudio\ks0108.sys [3712 2008-03-10] ()
S1 LC7981; C:\Program Files (x86)\LcdStudio\LC7981.sys [5120 2008-03-10] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S1 n3900; C:\Program Files (x86)\LcdStudio\n3900.sys [3968 2008-03-10] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20592 2010-04-16] (Portrait Displays, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-08-25] (SANDBOXIE L.T.D)
S1 SED133x; C:\Program Files (x86)\LcdStudio\SED133x.sys [7424 2008-03-10] ()
S1 T6963C; C:\Program Files (x86)\LcdStudio\T6963c.sys [6400 2008-03-10] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 dump_wmimmc; \??\F:\Spiele\WolfTeam-DE\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va005; \??\C:\Users\Patrick\AppData\Local\Temp\00516EE.tmp [x]
S3 X6va007; \??\C:\Users\Patrick\AppData\Local\Temp\007EAD6.tmp [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-10 22:38 - 2013-12-10 22:39 - 00021441 _____ C:\Users\Patrick\Downloads\FRST.txt
2013-12-10 22:38 - 2013-12-10 22:38 - 01928110 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2013-12-10 22:38 - 2013-12-10 22:38 - 00000000 ____D C:\FRST
2013-12-10 22:22 - 2013-12-10 22:23 - 00010103 _____ C:\Windows\WindowsUpdate.log
2013-12-10 22:19 - 2013-12-10 22:19 - 00000056 _____ C:\Windows\setupact.log
2013-12-10 22:19 - 2013-12-10 22:19 - 00000000 _____ C:\Windows\setuperr.log
2013-12-10 22:09 - 2013-12-10 22:09 - 00233520 _____ C:\Windows\RegBootClean64.exe
2013-12-10 22:09 - 2013-12-10 22:09 - 00221628 _____ C:\Users\Patrick\AppData\Local\census.cache
2013-12-10 22:09 - 2013-12-10 22:09 - 00143387 _____ C:\Users\Patrick\AppData\Local\ars.cache
2013-12-10 21:48 - 2013-12-10 21:48 - 00000036 _____ C:\Users\Patrick\AppData\Local\housecall.guid.cache
2013-12-10 21:47 - 2013-12-10 21:48 - 02405664 _____ (Trend Micro Inc.) C:\Users\Patrick\Downloads\HousecallLauncher64.exe
2013-12-10 21:39 - 2013-12-10 21:39 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Avira
2013-12-10 21:38 - 2013-12-10 22:24 - 00002076 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\APN
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-12-10 21:37 - 2013-12-10 21:37 - 00000000 ____D C:\ProgramData\Avira
2013-12-10 21:37 - 2013-12-10 21:37 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-10 21:37 - 2013-12-10 21:36 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-10 21:37 - 2013-12-10 21:36 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-10 21:37 - 2013-12-10 21:36 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-10 21:37 - 2013-12-10 21:36 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-10 21:33 - 2013-12-10 21:33 - 02294160 _____ C:\Users\Patrick\Downloads\avira_free_antivirus.exe
2013-12-10 20:46 - 2013-12-10 20:55 - 00000000 __SHD C:\Windows\SysWOW64\{$1179-4133-5326-3114$}
2013-12-09 20:45 - 2013-10-22 13:59 - 00000000 ____D C:\Users\Patrick\Downloads\Spongebob-Bob_Hits-Das_Allerbeste_Album-2013-NoGroup
2013-12-08 00:29 - 2013-12-08 00:29 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-12-01 17:34 - 2013-11-30 11:18 - 00000000 ____D C:\Users\Patrick\Downloads\Sido-30-11-80-DE-2013
2013-11-30 20:55 - 2013-12-10 20:50 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2 OA
2013-11-30 20:54 - 2013-11-30 20:55 - 00000000 ____D C:\Users\Patrick\Documents\ArmA 2
2013-11-30 20:54 - 2013-11-30 20:54 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2
2013-11-30 19:54 - 2013-11-30 19:54 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2 Operation Arrowhead.url
2013-11-30 19:04 - 2013-11-30 19:04 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2.url
2013-11-27 00:42 - 2013-11-27 00:42 - 00037376 _____ C:\Windows\SysWOW64\uplay_r1_loader.dll
2013-11-27 00:41 - 2013-04-11 16:12 - 00019392 _____ (Dll-Files.com) C:\Windows\system32\roboot64.exe
2013-11-24 22:28 - 2013-11-25 21:49 - 00000000 ____D C:\Users\Patrick\Documents\Assassin's Creed IV Black Flag
2013-11-24 17:13 - 2013-11-24 17:13 - 00000209 _____ C:\Users\Patrick\Desktop\Assassins Creed IV Black Flag.url
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Obsidian Entertainment
2013-11-16 13:12 - 2013-11-16 13:12 - 00000000 ____D C:\ProgramData\Obsidian Entertainment
2013-11-16 02:20 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-16 02:17 - 2013-11-16 02:17 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-16 01:33 - 2013-11-16 01:33 - 00000174 _____ C:\Users\Patrick\Desktop\rust..url
2013-11-15 20:09 - 2013-11-16 02:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 22:07 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 22:07 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 22:07 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 22:07 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 22:07 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 22:07 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 22:07 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 22:07 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 22:07 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 22:07 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 22:07 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 22:07 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 22:07 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 22:07 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 22:07 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 22:07 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 22:07 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 22:07 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 22:07 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 22:07 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 22:07 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 22:07 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 22:07 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 22:07 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 22:07 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 22:07 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 22:07 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 22:07 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 22:07 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 22:07 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-11 10:59 - 2013-11-11 11:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-11 10:59 - 2013-11-11 11:00 - 00000000 ____D C:\Program Files\iTunes
2013-11-11 10:59 - 2013-11-11 11:00 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-11 10:59 - 2013-11-11 10:59 - 00000000 ____D C:\Program Files\iPod
2013-11-10 12:53 - 2013-12-07 00:44 - 00000252 _____ C:\Users\Patrick\AppData\Roaming\BreakingPoint_Login.ini
2013-11-10 12:47 - 2013-11-10 12:47 - 00000711 _____ C:\Users\Patrick\Desktop\Breaking Point.lnk
2013-11-10 12:46 - 2013-12-03 17:17 - 00000000 ____D C:\Breaking Point

==================== One Month Modified Files and Folders =======

2013-12-10 22:39 - 2013-12-10 22:38 - 00021441 _____ C:\Users\Patrick\Downloads\FRST.txt
2013-12-10 22:38 - 2013-12-10 22:38 - 01928110 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2013-12-10 22:38 - 2013-12-10 22:38 - 00000000 ____D C:\FRST
2013-12-10 22:35 - 2012-04-09 22:23 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Winamp
2013-12-10 22:27 - 2009-07-14 05:45 - 00030064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-10 22:27 - 2009-07-14 05:45 - 00030064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-10 22:26 - 2013-08-26 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-10 22:24 - 2013-12-10 21:38 - 00002076 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-10 22:23 - 2013-12-10 22:22 - 00010103 _____ C:\Windows\WindowsUpdate.log
2013-12-10 22:22 - 2012-01-24 16:02 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Skype
2013-12-10 22:19 - 2013-12-10 22:19 - 00000056 _____ C:\Windows\setupact.log
2013-12-10 22:19 - 2013-12-10 22:19 - 00000000 _____ C:\Windows\setuperr.log
2013-12-10 22:13 - 2011-12-10 12:39 - 00000000 ____D C:\Windows\Minidump
2013-12-10 22:13 - 2011-05-21 13:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\DAEMON Tools Lite
2013-12-10 22:13 - 2011-05-19 00:15 - 00000000 ____D C:\Windows\Panther
2013-12-10 22:09 - 2013-12-10 22:09 - 00233520 _____ C:\Windows\RegBootClean64.exe
2013-12-10 22:09 - 2013-12-10 22:09 - 00221628 _____ C:\Users\Patrick\AppData\Local\census.cache
2013-12-10 22:09 - 2013-12-10 22:09 - 00143387 _____ C:\Users\Patrick\AppData\Local\ars.cache
2013-12-10 21:48 - 2013-12-10 21:48 - 00000036 _____ C:\Users\Patrick\AppData\Local\housecall.guid.cache
2013-12-10 21:48 - 2013-12-10 21:47 - 02405664 _____ (Trend Micro Inc.) C:\Users\Patrick\Downloads\HousecallLauncher64.exe
2013-12-10 21:39 - 2013-12-10 21:39 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Avira
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\APN
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-12-10 21:37 - 2013-12-10 21:37 - 00000000 ____D C:\ProgramData\Avira
2013-12-10 21:37 - 2013-12-10 21:37 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-10 21:36 - 2013-12-10 21:37 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-10 21:36 - 2013-12-10 21:37 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-10 21:36 - 2013-12-10 21:37 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-10 21:36 - 2013-12-10 21:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-10 21:33 - 2013-12-10 21:33 - 02294160 _____ C:\Users\Patrick\Downloads\avira_free_antivirus.exe
2013-12-10 21:02 - 2012-12-08 23:18 - 00000000 ____D C:\Users\Patrick\Desktop\Hack
2013-12-10 20:55 - 2013-12-10 20:46 - 00000000 __SHD C:\Windows\SysWOW64\{$1179-4133-5326-3114$}
2013-12-10 20:53 - 2011-05-18 14:25 - 00000000 ___RD C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-10 20:51 - 2012-04-08 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 20:50 - 2013-11-30 20:55 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2 OA
2013-12-10 20:47 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-10 20:36 - 2011-06-10 15:19 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\TS3Client
2013-12-10 13:54 - 2013-10-01 17:16 - 00000115 _____ C:\Users\Patrick\Downloads\Settings.ini
2013-12-10 13:48 - 2013-09-14 12:53 - 00004570 _____ C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2013-12-10 13:48 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-12-10 13:45 - 2012-01-24 16:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-10 13:45 - 2012-01-24 16:02 - 00000000 ____D C:\ProgramData\Skype
2013-12-10 13:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 21:07 - 2011-05-19 00:14 - 00710518 _____ C:\Windows\system32\perfh007.dat
2013-12-09 21:07 - 2011-05-19 00:14 - 00154848 _____ C:\Windows\system32\perfc007.dat
2013-12-09 21:07 - 2009-07-14 06:13 - 01651822 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 20:46 - 2011-05-18 14:27 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{77E57025-0BF1-40B5-B572-45D029796284}
2013-12-08 23:10 - 2011-05-18 16:29 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-08 22:51 - 2011-05-18 16:29 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-12-08 20:59 - 2011-09-27 14:54 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-08 20:38 - 2012-06-06 17:05 - 00000000 ____D C:\Program Files (x86)\JDownloader 2
2013-12-08 00:29 - 2013-12-08 00:29 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-12-08 00:23 - 2011-09-27 16:38 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-12-07 18:19 - 2013-09-26 21:18 - 00000200 _____ C:\Users\Patrick\Downloads\Neues Textdokument.txt
2013-12-07 00:44 - 2013-11-10 12:53 - 00000252 _____ C:\Users\Patrick\AppData\Roaming\BreakingPoint_Login.ini
2013-12-07 00:44 - 2013-08-17 20:46 - 00001221 _____ C:\Users\Patrick\AppData\Roaming\BreakingPoint_Options.ini
2013-12-06 18:01 - 2013-08-15 21:14 - 00000147 _____ C:\Users\Patrick\AppData\Roaming\options.ini
2013-12-03 17:17 - 2013-11-10 12:46 - 00000000 ____D C:\Breaking Point
2013-11-30 20:55 - 2013-11-30 20:54 - 00000000 ____D C:\Users\Patrick\Documents\ArmA 2
2013-11-30 20:54 - 2013-11-30 20:54 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2
2013-11-30 19:54 - 2013-11-30 19:54 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2 Operation Arrowhead.url
2013-11-30 19:04 - 2013-11-30 19:04 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2.url
2013-11-30 11:18 - 2013-12-01 17:34 - 00000000 ____D C:\Users\Patrick\Downloads\Sido-30-11-80-DE-2013
2013-11-28 17:12 - 2013-07-06 16:19 - 00000000 ____D C:\Users\Patrick\AppData\Local\Arma 3
2013-11-28 16:41 - 2012-12-21 19:01 - 00000032 _____ C:\folder.ini
2013-11-27 00:42 - 2013-11-27 00:42 - 00037376 _____ C:\Windows\SysWOW64\uplay_r1_loader.dll
2013-11-25 23:31 - 2013-08-17 15:47 - 00000000 ____D C:\Users\Patrick\Desktop\Cheathappens GameCheatz
2013-11-25 21:49 - 2013-11-24 22:28 - 00000000 ____D C:\Users\Patrick\Documents\Assassin's Creed IV Black Flag
2013-11-25 19:18 - 2012-05-19 22:56 - 00000000 ____D C:\Users\Patrick\Desktop\Programme
2013-11-24 22:28 - 2012-11-29 11:53 - 00001211 _____ C:\Users\Patrick\Desktop\Uplay.lnk
2013-11-24 22:27 - 2011-05-18 16:29 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-24 22:25 - 2011-05-18 14:47 - 01625166 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-24 21:43 - 2011-05-18 16:36 - 00280792 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-24 17:13 - 2013-11-24 17:13 - 00000209 _____ C:\Users\Patrick\Desktop\Assassins Creed IV Black Flag.url
2013-11-19 11:21 - 2011-05-18 14:53 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-17 17:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Obsidian Entertainment
2013-11-16 13:12 - 2013-11-16 13:12 - 00000000 ____D C:\ProgramData\Obsidian Entertainment
2013-11-16 11:58 - 2011-05-18 14:25 - 00001431 _____ C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-16 11:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-16 11:56 - 2012-04-27 17:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 02:17 - 2013-11-16 02:17 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-16 02:06 - 2013-11-15 20:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 01:33 - 2013-11-16 01:33 - 00000174 _____ C:\Users\Patrick\Desktop\rust..url
2013-11-14 20:52 - 2012-04-08 09:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-14 20:52 - 2012-04-08 09:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-14 20:52 - 2011-06-03 19:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-14 20:51 - 2011-06-23 11:37 - 00000000 ____D C:\Users\Patrick\AppData\Local\Adobe
2013-11-14 00:25 - 2011-08-09 21:08 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-14 00:25 - 2011-05-18 14:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-14 00:25 - 2011-05-18 14:46 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-14 00:24 - 2013-08-15 23:07 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 00:21 - 2011-05-18 15:09 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-11 11:00 - 2013-11-11 10:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-11 11:00 - 2013-11-11 10:59 - 00000000 ____D C:\Program Files\iTunes
2013-11-11 11:00 - 2013-11-11 10:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-11 10:59 - 2013-11-11 10:59 - 00000000 ____D C:\Program Files\iPod
2013-11-10 21:05 - 2013-09-05 11:22 - 00000059 _____ C:\RisingStormBoT.cfg
2013-11-10 21:05 - 2013-09-05 11:22 - 00000000 _____ C:\RisingStorm.log
2013-11-10 12:47 - 2013-11-10 12:47 - 00000711 _____ C:\Users\Patrick\Desktop\Breaking Point.lnk
2013-11-10 12:47 - 2013-01-10 17:07 - 00000000 ____D C:\ProgramData\Package Cache

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\ProgramData\hpe29C5.dll


Some content of TEMP:
====================
C:\Users\Patrick\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-01 16:55

==================== End Of Log ============================
--- --- ---

--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2013
Ran by Patrick at 2013-12-10 22:39:34
Running from C:\Users\Patrick\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acer eDisplay Management (x32 Version: 1.35.004)
Acoustica Effects Pack (x32 Version: 3.0)
Adobe AIR (x32 Version: 1.5.3.9120)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Media Player (x32 Version: 1.8)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Photoshop CS5 (x32 Version: 12.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
AirMech (x32)
Akamai NetSession Interface (HKCU)
Akamai NetSession Interface Service (x32)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
AMD Accelerated Video Transcoding (Version: 13.20.100.30921)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD AVIVO64 Codecs (Version: 11.6.0.11003)
AMD Catalyst Control Center (x32 Version: 2013.0921.356.5161)
AMD Catalyst Install Manager (Version: 8.0.915.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0921.356.5161)
AMD Media Foundation Decoders (Version: 1.0.80921.0505)
AMD Wireless Display v3.0 (Version: 1.0.0.14)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Arctic Combat (x32)
Arma 2 (x32)
Arma 2: Operation Arrowhead (x32)
Arma 3 Alpha (x32)
ArmA II Launcher (x32 Version: 1.4.0.0)
Assassin’s Creed IV Black Flag (x32)
Assassin's Creed III 1.01 (x32 Version: 1.01)
Avira Free Antivirus (x32 Version: 14.0.1.759)
Avira SearchFree Toolbar (x32 Version: 12.6.0.1898)
AviSynth 2.5 (x32)
Batman Arkham City version 1.0 (x32 Version: 1.0)
Battlefield 3™ (x32 Version: 1.0.0.0)
Battlefield 3™ (x32 Version: 1.4.0.0)
Battlefield 4™ (x32 Version: 1.0.0.0)
Battlefield 4™ Beta (x32 Version: 1.0.0.0)
Battlefield Heroes (Patrick) (HKCU)
Battlefield Heroes (PTE) (HKCU)
Battlefield Play4Free (Patrick) (HKCU)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.3.2)
BattlEye for OA Uninstall (x32)
Benutzerhandbuch EPSON BX535WD Series (x32)
BioShock Infinite (x32)
Blacklight: Retribution (x32)
Bonjour (Version: 3.0.0.10)
Borderlands (x32)
Borderlands 2 (x32)
Botanicula (x32)
Bullet Run (HKCU)
BulletStorm (x32 Version: 1.0.0001.130)
Bunch Of Heroes (x32)
Burnout Paradise: The Ultimate Box (x32)
calibre (x32 Version: 0.9.7)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0)
Call of Duty(R) - World at War(TM) (x32 Version: 1.7)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32)
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3)
Call of Duty(R) - World at War(TM) 1.3 Patch (x32)
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4)
Call of Duty(R) - World at War(TM) 1.4 Patch (x32)
Call of Duty(R) - World at War(TM) 1.4.1 Patch (x32 Version: 1.4.1)
Call of Duty(R) - World at War(TM) 1.4.1 Patch (x32)
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: 1.5)
Call of Duty(R) - World at War(TM) 1.5 Patch (x32)
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6)
Call of Duty(R) - World at War(TM) 1.6 Patch (x32)
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7)
Call of Duty(R) - World at War(TM) 1.7 Patch (x32)
Call of Duty: Black Ops II - Multiplayer (x32)
Call of Duty: Black Ops II - Zombies (x32)
Call of Duty: Black Ops II (x32)
Call of Duty: Modern Warfare 3 - Dedicated Server (x32)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Call of Duty: Modern Warfare 3 (x32)
Camtasia Studio 7 (x32 Version: 7.1.1)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0921.356.5161)
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center Localization All (x32 Version: 2013.0921.356.5161)
CCC Help Chinese Standard (x32 Version: 2013.0921.0355.5161)
CCC Help Chinese Traditional (x32 Version: 2013.0921.0355.5161)
CCC Help Czech (x32 Version: 2013.0921.0355.5161)
CCC Help Danish (x32 Version: 2013.0921.0355.5161)
CCC Help Dutch (x32 Version: 2013.0921.0355.5161)
CCC Help English (x32 Version: 2013.0921.0355.5161)
CCC Help Finnish (x32 Version: 2013.0921.0355.5161)
CCC Help French (x32 Version: 2013.0921.0355.5161)
CCC Help German (x32 Version: 2013.0921.0355.5161)
CCC Help Greek (x32 Version: 2013.0921.0355.5161)
CCC Help Hungarian (x32 Version: 2013.0921.0355.5161)
CCC Help Italian (x32 Version: 2013.0921.0355.5161)
CCC Help Japanese (x32 Version: 2013.0921.0355.5161)
CCC Help Korean (x32 Version: 2013.0921.0355.5161)
CCC Help Norwegian (x32 Version: 2013.0921.0355.5161)
CCC Help Polish (x32 Version: 2013.0921.0355.5161)
CCC Help Portuguese (x32 Version: 2013.0921.0355.5161)
CCC Help Russian (x32 Version: 2013.0921.0355.5161)
CCC Help Spanish (x32 Version: 2013.0921.0355.5161)
CCC Help Swedish (x32 Version: 2013.0921.0355.5161)
CCC Help Thai (x32 Version: 2013.0921.0355.5161)
CCC Help Turkish (x32 Version: 2013.0921.0355.5161)
ccc-utility64 (Version: 2013.0921.356.5161)
CCleaner (Version: 3.18)
CDBurnerXP (Version: 4.3.8.2631)
CDBurnerXP (x32 Version: 4.5.0.3717)
Cheat Engine 6.1 (x32)
Cheat Engine 6.2 (x32)
Chivalry: Medieval Warfare (x32)
CloneCD (x32)
Company of Heroes (x32)
Company of Heroes: Opposing Fronts (x32)
Company of Heroes: Tales of Valor (x32)
COMPUTERBILD SPIELE Game-Center (x32 Version: 1.1.10)
ConvertHelper 2.2 (x32)
Counter-Strike: Global Offensive (x32)
Cover Druckstudio (HKCU Version: 2.0.0.7)
Crysis®3 MP Open Beta (x32 Version: 1.0.0.0)
DAEMON Tools Lite (x32 Version: 4.40.2.0131)
Dark Souls: Prepare to Die Edition (x32)
DayZ Commander (x32 Version: 1.09.52)
DayZ Unleashed (HKCU Version: 01.00.00.00)
Dead Island (x32)
Dead Space™ 3 (x32 Version: 1.0.0.0)
DEFIANCE (x32 Version: 1.00.0000)
Desura (x32 Version: 100.53)
DH Driver Cleaner Professional Edition (x32 Version: Version 1.5)
Diablo III (x32 Version: 1.0.3.10485)
DiRT 3 (x32 Version: 1.0.0000.130)
DiRT 3 (x32 Version: 1.0.0001.130)
Dishonored (x32 Version: 1.0)
DivX-Setup (x32 Version: 2.5.0.11)
Don't Starve (x32)
Dota 2 (x32)
Download Navigator (x32 Version: 1.1.0)
Dragon Age II (x32 Version: 1.03)
Driver San Francisco (x32 Version: 1.4.0.0)
Dropbox (HKCU Version: 2.0.22)
Dungeon Defenders (x32)
EPSON BX535WD Series Printer Uninstall
Epson Easy Photo Print 2 (x32 Version: 2.3.0.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000)
Epson Event Manager (x32 Version: 2.50.0001)
EPSON Scan (x32)
EpsonNet Print (x32 Version: 2.4j)
eReg (x32 Version: 1.20.138.34)
ESN Sonar (x32 Version: 0.70.0)
ESN Sonar (x32 Version: 0.70.4)
Euro Truck Simulator 2 (x32 Version: 1.0.2)
Fable III (x32 Version: 1.0.0000.131)
Fable III (x32 Version: 1.0.0001.131)
Fallout: New Vegas (x32)
Far Cry 3 (x32 Version: 1.02)
FlatOut Ultimate Carnage (x32)
Flyff (x32 Version: Flyff)
Fraps (x32)
Free YouTube Uploader version 3.3.41.320 (x32 Version: 3.3.41.320)
Gameforge Live 1.3.0 "Legend" (x32 Version: 1.3.0)
GamersFirst LIVE! (x32)
Ghost Recon Online (EU) (HKCU Version: 1.34.288.2)
GhostMouse (x32 Version: Free V3.1)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Grand Theft Auto IV (x32 Version: 1.00.0000)
Grand Theft Auto: Episodes from Liberty City (x32)
GRID 2 (x32)
Guild Wars 2 (x32)
Hex-Editor MX (x32 Version: 6.0)
Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0)
Hitman: Absolution (x32)
HydraVision (x32 Version: 4.2.212.0)
Infestation Survivor Stories version 1.0 (x32 Version: 1.0)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 22 (x32 Version: 6.0.220)
Java(TM) 6 Update 29 (x32 Version: 6.0.290)
JavaFX 2.1.1 (x32 Version: 2.1.1)
JDownloader 2 (x32 Version: 2)
Kane & Lynch 2: Dog Days (x32)
K-Lite Mega Codec Pack 8.6.0 (x32 Version: 8.6.0)
L.A. Noire (x32 Version: 1.00.0000)
LcdStudio 2.0 Build 806 (x32 Version: 2.0 Build 806)
League of Legends (x32 Version: 1.02.0000)
Logitech Gaming Software 8.12 (Version: 8.12.030)
Logitech SetPoint 6.30 (Version: 6.30.43)
Mafia II (x32)
MAGIX Foto & Grafik Designer 6 SE (Version: 6.1.3.24817)
MAGIX Foto & Grafik Designer 6 SE (x32 Version: 6.1.3.24817)
Mass Effect™ 3 (x32 Version: 1.05.0.0)
Mass Effect™ 3 Demo (x32 Version: 1.0.0.0)
Max Payne 3 (x32 Version: 1.0.0.0)
MechWarrior Online (HKCU Version: 1.2.0.0)
MechWarrior Online (x32 Version: 1.2.0.0)
Medal of Honor™ Warfighter (x32 Version: 1.0.0.0)
Media Go (x32 Version: 1.4.269)
MegaTrainer eXperience V1.1.5.5 (x32)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 1.1 (x32)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4.5.1 RC (Version: 4.5.50861)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0)
Microsoft Expression Encoder 4 (x32 Version: 4.0.4276.0)
Microsoft Expression Encoder 4 Screen Capture Codec (x32 Version: 4.0.4276.0)
Microsoft Flight (x32)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (x32 Version: 12.0.21005.1)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
Mp3tag v2.51 (x32 Version: v2.51)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
NCsoft Launcher (x32 Version: 1.5.7000)
Need For Speed™ World (x32 Version: 1.0.0.722)
Netzwerkhandbuch EPSON BX535WD Series (x32)
Nexon Game Manager (x32)
Notepad++ (x32 Version: 6.4.5)
NVIDIA PhysX (x32 Version: 9.12.1031)
OF Dragon Rising (x32 Version: 1.02.0000)
Open Broadcaster Software (x32)
OpenAL (x32)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
OpenVPN 2.2.2 (x32 Version: 2.2.2)
Opera 11.60 (x32 Version: 11.60.1185)
Opti Drive Control 1.44 (x32)
Origin (x32 Version: 8.5.0.4550)
PAYDAY 2 (x32)
PBO Manager v.1.4 beta (x32 Version: 1.4.0)
PDF Settings CS5 (x32 Version: 10.0)
Pivot Pro Plugin (x32 Version: 9.50.110)
PlanetSide 2 (x32)
PlanetSide 2 Beta (HKCU)
PlayStation(R)Network Downloader (x32 Version: 2.02.00076)
PlayStation(R)Store (x32 Version: 3.1.8.07881)
PS3 Video 9 6 (x32 Version: 6)
PunkBuster Services (x32 Version: 0.991)
QuickTime (x32 Version: 7.66.71.0)
RaiderZ (x32 Version: 1.0.0.36249)
Rapture3D 2.4.8 Game (x32)
Ravaged (x32)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6409)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6482)
Red Orchestra 2: Heroes of Stalingrad (x32)
Remember Me (x32)
RoboForm 7-8-6-5 (All Users) (x32 Version: 7-8-6-5)
Rockstar Games Social Club (x32 Version: 1.0.9.5)
rust. (x32)
S4 League_EU (x32 Version: 1.00.0000)
Saints Row IV (x32)
Saints Row The Third (x32)
Samsung Kies (x32 Version: 2.5.1.12123_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.103.0)
Sandboxie 3.74 (64-bit) (Version: 3.74)
SDFormatter (x32 Version: 3.0.0)
SDK (x32 Version: 2.22.002)
SimCity™ (x32 Version: 1.0.0.0)
SIW version 2010.07.14 (x32 Version: 2010.07.14)
Six Updater (x32 Version: 2.09.7024)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.11 (x32 Version: 6.11.102)
Sleeping Dogs™ (x32)
Sony Ericsson PC Companion 1.50.52 (x32 Version: 1.50.52)
Sony Ericsson PC Suite 6.011.00 (x32 Version: 6.011.00)
Steam (x32 Version: 1.0.0.0)
STREET FIGHTER IV (x32 Version: 1.00.3013)
Surgeon Simulator 2013 (x32)
System Requirements Lab CYRI (x32 Version: 6.0.7.0)
Team Fortress 2 Uncut Launcher v4.0 (x32)
TeamSpeak 3 Client (Version: 3.0.13.1)
TeamViewer 8 (x32 Version: 8.0.17292)
The Binding of Isaac (x32)
The Bureau: XCOM Declassified (x32 Version: 1)
The Elder Scrolls V: Skyrim (x32)
Tom Clancy's Ghost Recon Future Soldier (x32 Version: 1.4)
Tom Clancy's Splinter Cell Conviction (x32 Version: 1.03.000)
Tom Clancy's Splinter Cell® Blacklist™ (x32 Version: 1.02)
Tomb Raider (x32)
Total Commander 64-bit (Remove or Repair) (Version: 8.01)
Total Video Converter 3.71 100812 (x32)
Tribes: Ascend (x32)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
UltraISO Premium V9.36 (x32)
Uplay (x32 Version: 4.0)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0)
Vindictus EU (x32)
VLC media player 1.1.9 (x32 Version: 1.1.9)
War of the Roses (x32)
War Thunder (x32)
War Thunder Launcher 1.0.1.148 (x32)
Warhammer 40,000 Space Marine (x32)
WBFS Manager 3.0 (x32 Version: 3.0)
Winamp (x32 Version: 5.623 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.00 (64-Bit) (Version: 4.00.0)
World of Tanks v.0.7.1 (x32)
World of Warcraft (x32 Version: 5.1.0.16357)
Worms Ultimate Mayhem (x32)
XCOM: Enemy Unknown (x32)
Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777)
XNeat Windows Manager (x32)

==================== Restore Points  =========================

26-11-2013 19:12:14 Windows Update
29-11-2013 19:51:31 Windows Update
04-12-2013 14:15:12 Windows Update
08-12-2013 17:27:13 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-04-01 18:35 - 00001215 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 account.playwarz.com
127.0.0.1 account.playwarz.com
127.0.0.1 account.playwarz.com
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1
127.0.0.1


==================== Scheduled Tasks (whitelisted) =============

Task: {76FB0F2D-1AA7-43C0-871F-31BF7FC0251E} - System32\Tasks\Open URL by RoboForm => C:\Windows\System32\url.dll [2013-11-16] (Microsoft Corporation)
Task: {BBC79A1A-EE30-4EBA-95AE-BB2D73D2B2F2} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe [2013-01-27] (Siber Systems)
Task: {C1459A26-FF70-4A3E-B2CC-399FE4EB8D88} - System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl => C:\Users\Patrick\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\MinibarChrome.exe [2013-06-26] (Sien SA)
Task: {CFCCA03D-EB7C-484F-AEEC-F641133561A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-14] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-05-18 16:08 - 2011-03-02 11:40 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext.dll
2012-12-18 00:46 - 2010-07-29 18:19 - 00293888 _____ () C:\Program Files (x86)\Total Video Converter\TVCShellExtx64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2011-06-24 00:42 - 2011-06-24 00:42 - 01302808 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2011-12-17 12:29 - 2011-12-17 12:29 - 00118784 _____ () C:\Program Files\Logitech Gaming Software\plugins\DevMgr-8.12.077\DevMgr.dll
2011-12-17 12:29 - 2011-12-17 12:29 - 00705536 _____ () C:\Program Files\Logitech Gaming Software\plugins\MainUI-8.12.179\MainUI.dll
2011-12-17 12:29 - 2011-12-17 12:29 - 00123904 _____ () C:\Program Files\Logitech Gaming Software\plugins\DevBusBulk-8.12.076\DevBusBulk.dll
2011-12-17 12:29 - 2011-12-17 12:29 - 00125952 _____ () C:\Program Files\Logitech Gaming Software\plugins\DevBusHid-8.12.078\DevBusHid.dll
2011-12-17 12:29 - 2011-12-17 12:29 - 00098304 _____ () C:\Program Files\Logitech Gaming Software\plugins\SimInput-8.12.068\SimInput.dll
2011-12-17 12:29 - 2011-12-17 12:29 - 00272384 _____ () C:\Program Files\Logitech Gaming Software\plugins\G13Device-8.12.155\G13Device.dll
2011-12-17 12:29 - 2011-12-17 12:29 - 00297984 _____ () C:\Program Files\Logitech Gaming Software\plugins\G19Device-8.12.147\G19Device.dll
2011-12-17 12:29 - 2011-12-17 12:29 - 00034304 _____ () C:\Program Files\Logitech Gaming Software\plugins\PnpGamePanelDevices-8.12.049\PnpGamePanelDevices.dll
2013-09-21 02:58 - 2013-09-21 02:58 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-12-10 21:48 - 2009-08-17 08:38 - 00148992 _____ () C:\Users\Patrick\AppData\Local\Temp\HouseCall\libexpatw.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-15 20:09 - 2013-11-15 20:09 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-10 21:37 - 2013-12-10 21:36 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-11-14 20:52 - 2013-11-14 20:52 - 16237448 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00417280 _____ () C:\Program Files\Winamp\nsutil.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00078848 _____ () C:\Program Files\Winamp\nde.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00047616 _____ () C:\Program Files\Winamp\zlib.dll
2013-12-10 22:35 - 2013-12-10 22:35 - 00010752 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\auth.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00069120 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\burnlib.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00013824 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\dsp_sps.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00006656 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\enc_fhgaac.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004096 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\enc_flac.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00005632 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\enc_lame.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004096 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\enc_vorbis.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004096 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\enc_wav.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00006144 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\enc_wma.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00023552 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_classicart.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00007168 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_crasher.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00023040 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_ff.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004096 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_find_on_disk.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00011264 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_hotkeys.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00041984 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_jumpex.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00021504 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_ml.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00009216 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_nopro.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00007168 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_orgler.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00011776 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_skinmanager.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00010240 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_timerestore.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00008192 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_tray.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00010752 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\gen_undo.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00005120 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_avi.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00014336 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_cdda.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00006656 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_dshow.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00005632 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_flac.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00003584 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_flv.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00003584 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_linein.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00020480 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_midi.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004608 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_mkv.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00018944 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_mod.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00023040 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_mp3.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00005120 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_mp4.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00011776 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_nsv.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00003584 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_swf.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00011264 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_vorbis.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00006656 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_wav.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00005632 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_wave.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00015360 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_wm.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004608 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\in_wv.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00003584 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_addons.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00006656 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_autotag.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00005120 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_bookmarks.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00008704 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_devices.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00047616 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_disc.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00009728 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_downloads.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004608 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_enqplay.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00008704 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_history.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00005120 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_impex.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00056320 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_local.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00003584 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_nowplaying.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00014336 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_online.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004096 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_orb.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00012800 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_playlists.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00034816 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_plg.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00047104 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_pmp.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00005120 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_rg.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00008192 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_transcode.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00014848 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ml_wire.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00036352 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\ombrowser.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00006144 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\out_disk.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00016384 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\out_ds.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00007680 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\out_wave.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00003072 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\playlist.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004608 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\pmp_activesync.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00020480 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\pmp_android.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00036864 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\pmp_ipod.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00003584 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\pmp_njb.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004096 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\pmp_p4s.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00011776 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\pmp_usb.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00039424 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\pmp_wifi.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00006144 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\tagz.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00088064 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\vis_avs.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00155648 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\vis_milk2.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00007680 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\vis_nsfs.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00204800 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\winamp.lng
2013-12-10 22:35 - 2013-12-10 22:35 - 00004096 _____ () C:\Users\Patrick\AppData\Local\Temp\WLZ5041.tmp\winampa.lng
2011-12-09 18:23 - 2012-04-09 22:23 - 00023040 _____ () C:\Program Files\Winamp\System\albumart.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00174080 _____ () C:\Program Files\Winamp\System\auth.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00019456 _____ () C:\Program Files\Winamp\System\bmp.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00044544 _____ () C:\Program Files\Winamp\System\devices.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00016896 _____ () C:\Program Files\Winamp\System\dlmgr.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00014336 _____ () C:\Program Files\Winamp\System\filereader.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00019456 _____ () C:\Program Files\Winamp\System\gif.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00016384 _____ () C:\Program Files\Winamp\System\gracenote.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00623616 _____ () C:\Program Files\Winamp\System\jnetlib.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00154624 _____ () C:\Program Files\Winamp\System\jpeg.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00084480 _____ () C:\Program Files\Winamp\System\playlist.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00103936 _____ () C:\Program Files\Winamp\System\png.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00013824 _____ () C:\Program Files\Winamp\System\primo.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00021504 _____ () C:\Program Files\Winamp\System\tagz.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00035328 _____ () C:\Program Files\Winamp\System\timer.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00090112 _____ () C:\Program Files\Winamp\System\xml.w5s
2011-12-09 18:23 - 2012-04-09 22:23 - 00068608 _____ () C:\Program Files\Winamp\Plugins\in_avi.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00102400 _____ () C:\Program Files\Winamp\Plugins\in_cdda.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00072192 _____ () C:\Program Files\Winamp\Plugins\in_dshow.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00061440 _____ () C:\Program Files\Winamp\Plugins\in_flac.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00043008 _____ () C:\Program Files\Winamp\Plugins\in_flv.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00007168 _____ () C:\Program Files\Winamp\Plugins\in_linein.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00109568 _____ () C:\Program Files\Winamp\Plugins\in_midi.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00049152 _____ () C:\Program Files\Winamp\Plugins\in_mkv.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00165376 _____ () C:\Program Files\Winamp\Plugins\in_mod.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00290304 _____ () C:\Program Files\Winamp\Plugins\in_mp3.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00052736 _____ () C:\Program Files\Winamp\Plugins\in_mp4.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00075264 _____ () C:\Program Files\Winamp\Plugins\in_nsv.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00023552 _____ () C:\Program Files\Winamp\Plugins\in_swf.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00253440 _____ () C:\Program Files\Winamp\Plugins\in_vorbis.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00016896 _____ () C:\Program Files\Winamp\Plugins\in_wave.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00253440 _____ () C:\Program Files\Winamp\libsndfile.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00313344 _____ () C:\Program Files\Winamp\Plugins\in_wm.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00022528 _____ () C:\Program Files\Winamp\Plugins\out_disk.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00052224 _____ () C:\Program Files\Winamp\Plugins\out_ds.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00018432 _____ () C:\Program Files\Winamp\Plugins\out_wave.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 01737728 _____ () C:\Program Files\Winamp\Plugins\gen_ff.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00083968 _____ () C:\Program Files\Winamp\tataki.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00340992 _____ () C:\Program Files\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
2011-12-09 18:23 - 2012-04-09 22:23 - 00027648 _____ () C:\Program Files\Winamp\Plugins\gen_hotkeys.dll
2011-11-10 23:10 - 2012-04-09 22:23 - 00185344 _____ () C:\Program Files\Winamp\Plugins\gen_jumpex.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00318464 _____ () C:\Program Files\Winamp\Plugins\gen_ml.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00294400 _____ () C:\Program Files\Winamp\Plugins\ml_local.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00082944 _____ () C:\Program Files\Winamp\Plugins\ml_playlists.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00124928 _____ () C:\Program Files\Winamp\Plugins\ml_online.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00249856 _____ () C:\Program Files\Winamp\Plugins\ml_devices.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00200192 _____ () C:\Program Files\Winamp\Plugins\ml_disc.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00241152 _____ () C:\Program Files\Winamp\Plugins\ml_pmp.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00060928 _____ () C:\Program Files\Winamp\Plugins\pmp_android.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00170496 _____ () C:\Program Files\Winamp\Plugins\pmp_ipod.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00020480 _____ () C:\Program Files\Winamp\Plugins\pmp_njb.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00118272 _____ () C:\Program Files\Winamp\Plugins\pmp_p4s.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00053760 _____ () C:\Program Files\Winamp\Plugins\pmp_usb.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00113664 _____ () C:\Program Files\Winamp\Plugins\pmp_wifi.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00028160 _____ () C:\Program Files\Winamp\Plugins\ml_bookmarks.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00052224 _____ () C:\Program Files\Winamp\Plugins\ml_history.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00028672 _____ () C:\Program Files\Winamp\Plugins\ml_autotag.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00057344 _____ () C:\Program Files\Winamp\Plugins\ml_impex.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00083456 _____ () C:\Program Files\Winamp\Plugins\ml_plg.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00033792 _____ () C:\Program Files\Winamp\Plugins\ml_rg.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00032256 _____ () C:\Program Files\Winamp\Plugins\ml_transcode.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00057344 _____ () C:\Program Files\Winamp\Plugins\gen_orgler.dll
2011-12-09 18:23 - 2012-04-09 22:23 - 00025600 _____ () C:\Program Files\Winamp\Plugins\gen_tray.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_NBVUV6PKDVBGTLPHJKBUK1R0WTPLY2LB3W2PHDEX6J5T4BW9V4DLNNH2V1UY71VU5VVVVVJVTVVJVT
AlternateDataStreams: C:\Windows:2EC44431B2A92139
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_NBVUV6PKDVBGTLPHJKBUK1R0WTPLY2LB3W2PHDEX6J5T4BW9V4DLNNH2V1UY71VU5VVVVVJVTVVJVT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:$SS_DESCRIPTOR_NBVUV6PKDVBGTLPHJKBUK1R0WTPLY2LB3W2PHDEX6J5T4BW9V4DLNNH2V1UY71VU5VVVVVJVTVVJVT
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_NBVUV6PKDVBGTLPHJKBUK1R0WTPLY2LB3W2PHDEX6J5T4BW9V4DLNNH2V1UY71VU5VVVVVJVTVVJVT

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: AODDriver4.01
Description: AODDriver4.01
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.01
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2013 10:20:15 PM) (Source: ESENT) (User: )
Description: DllHost (3268) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\Patrick\AppData\Local\Microsoft\Windows\WebCache\V010007E.log.

Error: (12/10/2013 10:20:01 PM) (Source: Windows Search Service) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2013 10:20:01 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2013 10:20:01 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2013 10:20:01 PM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2013 10:20:01 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (12/10/2013 10:20:00 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2013 10:20:00 PM) (Source: Windows Search Service) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f) (0x8004117f)

Error: (12/10/2013 10:20:00 PM) (Source: Windows Search Service) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=1100} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2013 10:20:00 PM) (Source: Windows Search Service) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
        0x%08x (0x8004117f - Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f))


System errors:
=============
Error: (12/10/2013 10:24:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%2

Error: (12/10/2013 10:24:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/10/2013 10:24:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/10/2013 10:20:31 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (12/10/2013 10:20:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/10/2013 10:20:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (12/10/2013 10:19:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (12/10/2013 10:19:57 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
KS0108
LC7981
n3900
SED133x
T6963C

Error: (12/10/2013 10:19:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (12/10/2013 10:19:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577


Microsoft Office Sessions:
=========================
Error: (12/10/2013 10:20:15 PM) (Source: ESENT)(User: )
Description: DllHost3268WebCacheLocal: C:\Users\Patrick\AppData\Local\Microsoft\Windows\WebCache\V010007E.log-1811

Error: (12/10/2013 10:20:01 PM) (Source: Windows Search Service)(User: )
Description:
Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (12/10/2013 10:20:01 PM) (Source: Windows Search Service)(User: )
Description:
Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2013 10:20:01 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2013 10:20:01 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2013 10:20:01 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (12/10/2013 10:20:00 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (12/10/2013 10:20:00 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f) (0x8004117f)

Error: (12/10/2013 10:20:00 PM) (Source: Windows Search Service)(User: )
Description:
Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
1100

Error: (12/10/2013 10:20:00 PM) (Source: Windows Search Service)(User: )
Description:
Details:
        0x%08x (0x8004117f - Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.  (HRESULT : 0x8004117f))


CodeIntegrity Errors:
===================================
  Date: 2013-12-10 22:19:57.768
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-10 22:19:57.534
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-10 22:19:51.996
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-10 22:19:51.778
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-10 22:19:51.528
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-10 22:19:51.310
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-10 22:19:32.122
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\LcdStudio\KS0108.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-10 22:19:31.919
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\LcdStudio\KS0108.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-10 22:19:31.716
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\LcdStudio\LC7981.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-10 22:19:31.514
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\LcdStudio\LC7981.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 24%
Total physical RAM: 8190.49 MB
Available physical RAM: 6152.18 MB
Total Pagefile: 16379.16 MB
Available Pagefile: 14100.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:196.77 GB) (Free:102.96 GB) NTFS
Drive d: (Musik und Bilder) (Fixed) (Total:36.02 GB) (Free:6.36 GB) NTFS
Drive f: (Spiele) (Fixed) (Total:1862.89 GB) (Free:707.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: C5E2C5E2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=197 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=36 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
==================== End Of Log ============================

aharonov 11.12.2013 09:33
ok.


Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
IFEO\avcenter.exe: [Debugger] nsjw.exe
IFEO\avguard.exe: [Debugger] nsjw.exe
IFEO\avp.exe: [Debugger] nsjw.exe
IFEO\bdagent.exe: [Debugger] nsjw.exe
IFEO\ccuac.exe: [Debugger] nsjw.exe
IFEO\ComboFix.exe: [Debugger] nsjw.exe
IFEO\egui.exe: [Debugger] nsjw.exe
IFEO\hijackthis.exe: [Debugger] nsjw.exe
IFEO\keyscrambler.exe: [Debugger] nsjw.exe
IFEO\mbam.exe: [Debugger] nsjw.exe
IFEO\MpCmdRun.exe: [Debugger] nsjw.exe
IFEO\MSASCui.exe: [Debugger] nsjw.exe
IFEO\MsMpEng.exe: [Debugger] nsjw.exe
IFEO\msseces.exe: [Debugger] nsjw.exe
IFEO\NisSrv.exe: [Debugger] nsjw.exe
IFEO\spybotsd.exe: [Debugger] nsjw.exe
IFEO\wireshark.exe: [Debugger] nsjw.exe
IFEO\zlclient.exe: [Debugger] nsjw.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Schritt 2

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.




Schritt 3

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

starxick 11.12.2013 18:47
Hallo

Als erstes ich habe nun eine komplette Durchsuchung durchgeführt und ich bekam noch 3 Funde
1. Java Blacole.smo
2.Troj Ransom.smc2
3.Java Mailsend.ic

Aber hat erlich gesagt nix geholfen Sicherheitscenter ist immer noch runtergefahren. Ok dann zu denn Ergebnissen

Fixlist:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-12-2013 01
Ran by Patrick at 2013-12-11 17:44:56 Run:1
Running from C:\Users\Patrick\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
IFEO\avcenter.exe: [Debugger] nsjw.exe
IFEO\avguard.exe: [Debugger] nsjw.exe
IFEO\avp.exe: [Debugger] nsjw.exe
IFEO\bdagent.exe: [Debugger] nsjw.exe
IFEO\ccuac.exe: [Debugger] nsjw.exe
IFEO\ComboFix.exe: [Debugger] nsjw.exe
IFEO\egui.exe: [Debugger] nsjw.exe
IFEO\hijackthis.exe: [Debugger] nsjw.exe
IFEO\keyscrambler.exe: [Debugger] nsjw.exe
IFEO\mbam.exe: [Debugger] nsjw.exe
IFEO\MpCmdRun.exe: [Debugger] nsjw.exe
IFEO\MSASCui.exe: [Debugger] nsjw.exe
IFEO\MsMpEng.exe: [Debugger] nsjw.exe
IFEO\msseces.exe: [Debugger] nsjw.exe
IFEO\NisSrv.exe: [Debugger] nsjw.exe
IFEO\spybotsd.exe: [Debugger] nsjw.exe
IFEO\wireshark.exe: [Debugger] nsjw.exe
IFEO\zlclient.exe: [Debugger] nsjw.exe
*****************

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avcenter.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avguard.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bdagent.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ccuac.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ComboFix.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\egui.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\hijackthis.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\keyscrambler.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbam.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpCmdRun.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MSASCui.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MsMpEng.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msseces.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\NisSrv.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\spybotsd.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wireshark.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zlclient.exe => Key not found.

==== End of Fixlog ====
Combofix:
Code:
ComboFix 13-12-10.01 - Patrick 11.12.2013  17:57:37.1.4 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.8190.6350 [GMT 1:00]
ausgeführt von:: c:\users\Patrick\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Patrick\AppData\Local\assembly\tmp
c:\users\Patrick\AppData\Roaming\Hotspot Shield Elite 2.65.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\tmp51ED.tmp
c:\windows\SysWow64\tmp51EE.tmp
c:\windows\SysWow64\tmpC557.tmp
c:\windows\SysWow64\tmpC69F.tmp
c:\windows\SysWow64\tmpDB93.tmp
c:\windows\SysWow64\tmpDBB4.tmp
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-11-11 bis 2013-12-11  ))))))))))))))))))))))))))))))
.
.
2013-12-11 17:06 . 2013-12-11 17:06        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-12-10 21:38 . 2013-12-11 16:44        --------        d-----w-        C:\FRST
2013-12-10 21:09 . 2013-12-10 21:09        233520        ----a-w-        c:\windows\RegBootClean64.exe
2013-12-10 20:39 . 2013-12-10 20:39        --------        d-----w-        c:\users\Patrick\AppData\Roaming\Avira
2013-12-10 20:38 . 2013-12-10 20:38        --------        d-----w-        c:\programdata\AskPartnerNetwork
2013-12-10 20:38 . 2013-12-10 20:38        --------        d-----w-        c:\program files (x86)\AskPartnerNetwork
2013-12-10 20:38 . 2013-12-10 20:38        --------        d-----w-        c:\programdata\APN
2013-12-10 20:37 . 2013-12-10 20:36        83160        ----a-w-        c:\windows\system32\drivers\avnetflt.sys
2013-12-10 20:37 . 2013-12-10 20:36        28600        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2013-12-10 20:37 . 2013-12-10 20:36        132600        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2013-12-10 20:37 . 2013-12-10 20:36        107416        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2013-12-10 20:37 . 2013-12-10 20:37        --------        d-----w-        c:\programdata\Avira
2013-12-10 20:37 . 2013-12-10 20:37        --------        d-----w-        c:\program files (x86)\Avira
2013-12-10 19:46 . 2013-12-10 19:55        --------        d-sh--w-        c:\windows\SysWow64\{$1179-4133-5326-3114$}
2013-12-09 19:52 . 2013-11-08 03:12        10285968        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E1C36442-600A-4B46-8704-48EB2BF93984}\mpengine.dll
2013-12-08 17:27 . 2013-11-08 03:12        10285968        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-07 23:29 . 2013-12-07 23:29        76888        ----a-w-        c:\windows\system32\PnkBstrA.exe
2013-12-07 12:44 . 2013-10-19 17:21        965000        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EF6204C-CDD2-4453-BAC3-AFFA01FC1AB9}\gapaengine.dll
2013-11-30 19:55 . 2013-12-10 19:50        --------        d-----w-        c:\users\Patrick\AppData\Local\ArmA 2 OA
2013-11-30 19:54 . 2013-11-30 19:54        --------        d-----w-        c:\users\Patrick\AppData\Local\ArmA 2
2013-11-26 23:42 . 2013-11-26 23:42        37376        ----a-w-        c:\windows\SysWow64\uplay_r1_loader.dll
2013-11-26 23:41 . 2013-11-26 23:41        --------        d-----w-        c:\programdata\Logs
2013-11-26 23:41 . 2013-04-11 15:12        19392        ----a-w-        c:\windows\system32\roboot64.exe
2013-11-24 21:23 . 2013-11-24 21:23        --------        d-----w-        c:\windows\Migration
2013-11-16 12:13 . 2013-11-16 12:13        --------        d-----w-        c:\users\Patrick\AppData\Roaming\Obsidian Entertainment
2013-11-16 12:12 . 2013-11-16 12:12        --------        d-----w-        c:\programdata\Obsidian Entertainment
2013-11-16 01:20 . 2013-10-14 17:00        28368        ----a-w-        c:\windows\system32\IEUDINIT.EXE
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-08 22:10 . 2011-05-18 15:29        214392        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2013-12-08 21:51 . 2011-05-18 15:29        214392        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2013-11-24 21:27 . 2011-05-18 15:29        75136        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2013-11-24 20:43 . 2011-05-18 15:36        280792        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2013-11-19 10:21 . 2011-05-18 13:53        267936        ------w-        c:\windows\system32\MpSigStub.exe
2013-11-14 19:52 . 2012-04-08 08:56        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-14 19:52 . 2011-06-03 18:55        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-13 23:21 . 2011-05-18 14:09        82896128        ----a-w-        c:\windows\system32\MRT.exe
2013-10-19 17:21 . 2011-05-20 14:04        965000        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-08 05:50 . 2013-10-22 19:19        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-05 01:38 . 2013-10-05 01:38        970912        ----a-w-        c:\windows\SysWow64\msvcr120.dll
2013-10-05 01:38 . 2013-10-05 01:38        83104        ----a-w-        c:\windows\SysWow64\mfcm120u.dll
2013-10-05 01:38 . 2013-10-05 01:38        83104        ----a-w-        c:\windows\SysWow64\mfcm120.dll
2013-10-05 01:38 . 2013-10-05 01:38        74920        ----a-w-        c:\windows\SysWow64\mfc120fra.dll
2013-10-05 01:38 . 2013-10-05 01:38        74920        ----a-w-        c:\windows\SysWow64\mfc120deu.dll
2013-10-05 01:38 . 2013-10-05 01:38        73896        ----a-w-        c:\windows\SysWow64\mfc120esn.dll
2013-10-05 01:38 . 2013-10-05 01:38        72872        ----a-w-        c:\windows\SysWow64\mfc120ita.dll
2013-10-05 01:38 . 2013-10-05 01:38        70824        ----a-w-        c:\windows\SysWow64\mfc120rus.dll
2013-10-05 01:38 . 2013-10-05 01:38        65192        ----a-w-        c:\windows\SysWow64\mfc120enu.dll
2013-10-05 01:38 . 2013-10-05 01:38        53928        ----a-w-        c:\windows\SysWow64\mfc120jpn.dll
2013-10-05 01:38 . 2013-10-05 01:38        53416        ----a-w-        c:\windows\SysWow64\mfc120kor.dll
2013-10-05 01:38 . 2013-10-05 01:38        46248        ----a-w-        c:\windows\SysWow64\mfc120cht.dll
2013-10-05 01:38 . 2013-10-05 01:38        46248        ----a-w-        c:\windows\SysWow64\mfc120chs.dll
2013-10-05 01:38 . 2013-10-05 01:38        455328        ----a-w-        c:\windows\SysWow64\msvcp120.dll
2013-10-05 01:38 . 2013-10-05 01:38        4449952        ----a-w-        c:\windows\SysWow64\mfc120u.dll
2013-10-05 01:38 . 2013-10-05 01:38        4424344        ----a-w-        c:\windows\SysWow64\mfc120.dll
2013-10-05 01:38 . 2013-10-05 01:38        339616        ----a-w-        c:\windows\SysWow64\vcamp120.dll
2013-10-05 01:38 . 2013-10-05 01:38        247984        ----a-w-        c:\windows\SysWow64\vccorlib120.dll
2013-10-05 01:38 . 2013-10-05 01:38        119456        ----a-w-        c:\windows\SysWow64\vcomp120.dll
2013-09-27 08:53 . 2013-09-27 08:53        248240        ----a-w-        c:\windows\system32\drivers\MpFilter.sys
2013-09-27 08:53 . 2010-10-24 19:25        134944        ----a-w-        c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-21 03:33 . 2013-09-21 03:33        51200        ----a-w-        c:\windows\system32\kdbsdk64.dll
2013-09-21 03:28 . 2013-09-21 03:28        38912        ----a-w-        c:\windows\SysWow64\kdbsdk32.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2013-10-23 18:43        12240        ----a-w-        c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2013-10-23 12240]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-09-21 766208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-10 683576]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-10-23 1673680]
.
c:\users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
explorers.ini.url [2013-12-10 81]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\avguard.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dump_wmimmc;dump_wmimmc;f:\spiele\WolfTeam-DE\GameGuard\dump_wmimmc.sys;f:\spiele\WolfTeam-DE\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1018unic.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 X6va005;X6va005;c:\users\Patrick\AppData\Local\Temp\00516EE.tmp;c:\users\Patrick\AppData\Local\Temp\00516EE.tmp [x]
R3 X6va007;X6va007;c:\users\Patrick\AppData\Local\Temp\007EAD6.tmp;c:\users\Patrick\AppData\Local\Temp\007EAD6.tmp [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R4 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R4 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [x]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai        REG_MULTI_SZ          Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2013-12-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 19:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2013-10-23 18:43        13776        ----a-w-        c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" [2013-10-23 13776]
.
[HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        164016        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        164016        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        164016        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        164016        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 110360]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe]
"Debugger"=nsjw.exe
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 67.77.92.196:35421
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\Patrick\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: RF - Formular ausfüllen - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RF - Formular speichern - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: RF - Menü anpassen - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF - RoboForm-Leiste ein/aus - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-PlayNC Launcher - (no file)
Wow6432Node-HKLM-Run-System Configuration - c:\windows\SysWOW64\{$1179-4133-5326-3114$}\mlconfig.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-SOE-Bullet Run - f:\spiele\BulletRun\Uninstaller.exe
AddRemove-SOE-PlanetSide 2 Beta - f:\spiele\PlanetSide 2\Uninstaller.exe
AddRemove-{6B34251B-AB68-4b47-AA5E-09B50EFE41A0} - d:\battlefield heroes pte\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Patrick\AppData\Local\Temp\00516EE.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va007]
"ImagePath"="\??\c:\users\Patrick\AppData\Local\Temp\007EAD6.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2035284945-2354610706-3085669017-1001\Software\SecuROM\License information*]
"datasecu"=hex:24,3a,21,8d,ca,6a,1f,3f,c4,93,75,77,f8,45,5e,7f,6d,e1,a9,4d,6c,
  40,e0,fa,36,f5,30,9c,39,f1,3c,34,68,eb,4f,11,1d,0c,7b,8b,2f,d9,ac,e3,72,6d,\
"rkeysecu"=hex:23,9e,6b,38,62,9d,73,52,c3,b3,cb,b9,78,16,62,f8
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-12-11  18:13:32
ComboFix-quarantined-files.txt  2013-12-11 17:13
.
Vor Suchlauf: 18 Verzeichnis(se), 109.388.382.208 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 109.174.939.648 Bytes frei
.
- - End Of File - - CDAACB630BE3A5E540FAC002550DB478
A36C5E4F47E84449FF07ED3517B43A31
FRST:




FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013 01
Ran by Patrick (administrator) on PATRICK-PC on 11-12-2013 18:15:12
Running from C:\Users\Patrick\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDCountdown.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-06-24] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [110360 2011-09-29] (Logitech Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-12-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-23] (APN)
IFEO\avguard.exe: [Debugger] nsjw.exe
Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorers.ini.url ()

==================== Internet (Whitelisted) ====================

ProxyServer: 67.77.92.196:35421
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF11CBD29B3BDCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Heroes Updater - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: Battlefield Play4Free - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\battlefieldplay4free@ea.com
FF Extension: GFACE Experience Plugin - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\cryenginebrowserplugin@crytek.com
FF Extension: DownloadHelper - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Bitdefender QuickScan - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: toolbar_AVIRA-V7 - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: flashgot - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF Extension: DVDVideoSoft Menu - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-07] (Adobe Systems)
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-21] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-12-10] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-26] ()
S4 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-10-26] ()
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [3889424 2011-08-01] (INCA Internet Co., Ltd.)
S4 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-08] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-11-24] ()
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-08-25] (SANDBOXIE L.T.D)

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWow64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [34816 2013-06-19] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-12-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-12-10] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-05-21] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S1 KS0108; C:\Program Files (x86)\LcdStudio\ks0108.sys [3712 2008-03-10] ()
S1 LC7981; C:\Program Files (x86)\LcdStudio\LC7981.sys [5120 2008-03-10] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S1 n3900; C:\Program Files (x86)\LcdStudio\n3900.sys [3968 2008-03-10] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20592 2010-04-16] (Portrait Displays, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-08-25] (SANDBOXIE L.T.D)
S1 SED133x; C:\Program Files (x86)\LcdStudio\SED133x.sys [7424 2008-03-10] ()
S1 T6963C; C:\Program Files (x86)\LcdStudio\T6963c.sys [6400 2008-03-10] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
U3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dump_wmimmc; \??\F:\Spiele\WolfTeam-DE\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va005; \??\C:\Users\Patrick\AppData\Local\Temp\00516EE.tmp [x]
S3 X6va007; \??\C:\Users\Patrick\AppData\Local\Temp\007EAD6.tmp [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-11 18:13 - 2013-12-11 18:13 - 00028208 _____ C:\ComboFix.txt
2013-12-11 17:55 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-11 17:55 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-11 17:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-11 17:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-11 17:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-11 17:55 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-11 17:55 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-11 17:55 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-11 17:54 - 2013-12-11 18:14 - 00000000 ____D C:\Qoobox
2013-12-11 17:53 - 2013-12-11 18:11 - 00000000 ____D C:\Windows\erdnt
2013-12-11 17:53 - 2013-12-11 17:53 - 05153140 ____R (Swearware) C:\Users\Patrick\Desktop\ComboFix.exe
2013-12-11 17:44 - 2013-12-11 17:44 - 00000000 ____D C:\Users\Patrick\Downloads\FRST-OlderVersion
2013-12-11 17:43 - 2013-12-11 17:43 - 00000000 _____ C:\Users\Patrick\Desktop\Neues Textdokument.txt
2013-12-10 22:39 - 2013-12-10 22:39 - 00053128 _____ C:\Users\Patrick\Downloads\Addition.txt
2013-12-10 22:38 - 2013-12-11 18:15 - 00019527 _____ C:\Users\Patrick\Downloads\FRST.txt
2013-12-10 22:38 - 2013-12-11 17:44 - 01928212 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2013-12-10 22:38 - 2013-12-11 17:44 - 00000000 ____D C:\FRST
2013-12-10 22:22 - 2013-12-11 17:40 - 00135604 _____ C:\Windows\WindowsUpdate.log
2013-12-10 22:19 - 2013-12-11 17:36 - 00000112 _____ C:\Windows\setupact.log
2013-12-10 22:19 - 2013-12-10 22:19 - 00000000 _____ C:\Windows\setuperr.log
2013-12-10 22:09 - 2013-12-11 08:00 - 00366229 _____ C:\Users\Patrick\AppData\Local\census.cache
2013-12-10 22:09 - 2013-12-11 08:00 - 00143387 _____ C:\Users\Patrick\AppData\Local\ars.cache
2013-12-10 22:09 - 2013-12-10 22:09 - 00233520 _____ C:\Windows\RegBootClean64.exe
2013-12-10 21:48 - 2013-12-10 21:48 - 00000036 _____ C:\Users\Patrick\AppData\Local\housecall.guid.cache
2013-12-10 21:47 - 2013-12-10 21:48 - 02405664 _____ (Trend Micro Inc.) C:\Users\Patrick\Downloads\HousecallLauncher64.exe
2013-12-10 21:39 - 2013-12-10 21:39 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Avira
2013-12-10 21:38 - 2013-12-10 22:24 - 00002076 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\APN
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-12-10 21:37 - 2013-12-10 21:37 - 00000000 ____D C:\ProgramData\Avira
2013-12-10 21:37 - 2013-12-10 21:37 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-10 21:37 - 2013-12-10 21:36 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-10 21:37 - 2013-12-10 21:36 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-10 21:37 - 2013-12-10 21:36 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-10 21:37 - 2013-12-10 21:36 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-10 21:33 - 2013-12-10 21:33 - 02294160 _____ C:\Users\Patrick\Downloads\avira_free_antivirus.exe
2013-12-10 20:46 - 2013-12-10 20:55 - 00000000 __SHD C:\Windows\SysWOW64\{$1179-4133-5326-3114$}
2013-12-09 20:45 - 2013-10-22 13:59 - 00000000 ____D C:\Users\Patrick\Downloads\Spongebob-Bob_Hits-Das_Allerbeste_Album-2013-NoGroup
2013-12-08 00:29 - 2013-12-08 00:29 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-12-01 17:34 - 2013-11-30 11:18 - 00000000 ____D C:\Users\Patrick\Downloads\Sido-30-11-80-DE-2013
2013-11-30 20:55 - 2013-12-10 20:50 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2 OA
2013-11-30 20:54 - 2013-11-30 20:55 - 00000000 ____D C:\Users\Patrick\Documents\ArmA 2
2013-11-30 20:54 - 2013-11-30 20:54 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2
2013-11-30 19:54 - 2013-11-30 19:54 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2 Operation Arrowhead.url
2013-11-30 19:04 - 2013-11-30 19:04 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2.url
2013-11-27 00:42 - 2013-11-27 00:42 - 00037376 _____ C:\Windows\SysWOW64\uplay_r1_loader.dll
2013-11-27 00:41 - 2013-04-11 16:12 - 00019392 _____ (Dll-Files.com) C:\Windows\system32\roboot64.exe
2013-11-24 22:28 - 2013-11-25 21:49 - 00000000 ____D C:\Users\Patrick\Documents\Assassin's Creed IV Black Flag
2013-11-24 17:13 - 2013-11-24 17:13 - 00000209 _____ C:\Users\Patrick\Desktop\Assassins Creed IV Black Flag.url
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Obsidian Entertainment
2013-11-16 13:12 - 2013-11-16 13:12 - 00000000 ____D C:\ProgramData\Obsidian Entertainment
2013-11-16 02:20 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-16 02:17 - 2013-11-16 02:17 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-16 01:33 - 2013-11-16 01:33 - 00000174 _____ C:\Users\Patrick\Desktop\rust..url
2013-11-15 20:09 - 2013-11-16 02:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 22:07 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 22:07 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 22:07 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 22:07 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 22:07 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 22:07 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 22:07 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 22:07 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 22:07 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 22:07 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 22:07 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 22:07 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 22:07 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 22:07 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 22:07 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 22:07 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 22:07 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 22:07 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 22:07 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 22:07 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 22:07 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 22:07 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 22:07 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 22:07 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 22:07 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 22:07 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 22:07 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 22:07 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 22:07 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 22:07 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-11 10:59 - 2013-11-11 11:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-11 10:59 - 2013-11-11 11:00 - 00000000 ____D C:\Program Files\iTunes
2013-11-11 10:59 - 2013-11-11 11:00 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-11 10:59 - 2013-11-11 10:59 - 00000000 ____D C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2013-12-11 18:15 - 2013-12-10 22:38 - 00019527 _____ C:\Users\Patrick\Downloads\FRST.txt
2013-12-11 18:14 - 2013-12-11 17:54 - 00000000 ____D C:\Qoobox
2013-12-11 18:14 - 2011-06-10 12:57 - 00000000 ____D C:\Users\Patrick\AppData\Local\Apps\2.0
2013-12-11 18:13 - 2013-12-11 18:13 - 00028208 _____ C:\ComboFix.txt
2013-12-11 18:13 - 2012-02-18 18:45 - 00000000 ____D C:\Users\Giuseppe
2013-12-11 18:13 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-12-11 18:11 - 2013-12-11 17:53 - 00000000 ____D C:\Windows\erdnt
2013-12-11 18:06 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-11 17:53 - 2013-12-11 17:53 - 05153140 ____R (Swearware) C:\Users\Patrick\Desktop\ComboFix.exe
2013-12-11 17:44 - 2013-12-11 17:44 - 00000000 ____D C:\Users\Patrick\Downloads\FRST-OlderVersion
2013-12-11 17:44 - 2013-12-10 22:38 - 01928212 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2013-12-11 17:44 - 2013-12-10 22:38 - 00000000 ____D C:\FRST
2013-12-11 17:43 - 2013-12-11 17:43 - 00000000 _____ C:\Users\Patrick\Desktop\Neues Textdokument.txt
2013-12-11 17:43 - 2009-07-14 05:45 - 00030064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-11 17:43 - 2009-07-14 05:45 - 00030064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-11 17:40 - 2013-12-10 22:22 - 00135604 _____ C:\Windows\WindowsUpdate.log
2013-12-11 17:40 - 2012-01-24 16:02 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Skype
2013-12-11 17:36 - 2013-12-10 22:19 - 00000112 _____ C:\Windows\setupact.log
2013-12-11 08:00 - 2013-12-10 22:09 - 00366229 _____ C:\Users\Patrick\AppData\Local\census.cache
2013-12-11 08:00 - 2013-12-10 22:09 - 00143387 _____ C:\Users\Patrick\AppData\Local\ars.cache
2013-12-10 23:27 - 2012-04-09 22:23 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Winamp
2013-12-10 23:15 - 2013-10-01 17:16 - 00000115 _____ C:\Users\Patrick\Downloads\Settings.ini
2013-12-10 22:39 - 2013-12-10 22:39 - 00053128 _____ C:\Users\Patrick\Downloads\Addition.txt
2013-12-10 22:26 - 2013-08-26 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-10 22:24 - 2013-12-10 21:38 - 00002076 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-10 22:19 - 2013-12-10 22:19 - 00000000 _____ C:\Windows\setuperr.log
2013-12-10 22:13 - 2011-12-10 12:39 - 00000000 ____D C:\Windows\Minidump
2013-12-10 22:13 - 2011-05-21 13:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\DAEMON Tools Lite
2013-12-10 22:13 - 2011-05-19 00:15 - 00000000 ____D C:\Windows\Panther
2013-12-10 22:09 - 2013-12-10 22:09 - 00233520 _____ C:\Windows\RegBootClean64.exe
2013-12-10 21:48 - 2013-12-10 21:48 - 00000036 _____ C:\Users\Patrick\AppData\Local\housecall.guid.cache
2013-12-10 21:48 - 2013-12-10 21:47 - 02405664 _____ (Trend Micro Inc.) C:\Users\Patrick\Downloads\HousecallLauncher64.exe
2013-12-10 21:39 - 2013-12-10 21:39 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Avira
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\APN
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-12-10 21:37 - 2013-12-10 21:37 - 00000000 ____D C:\ProgramData\Avira
2013-12-10 21:37 - 2013-12-10 21:37 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-10 21:36 - 2013-12-10 21:37 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-10 21:36 - 2013-12-10 21:37 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-10 21:36 - 2013-12-10 21:37 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-10 21:36 - 2013-12-10 21:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-10 21:33 - 2013-12-10 21:33 - 02294160 _____ C:\Users\Patrick\Downloads\avira_free_antivirus.exe
2013-12-10 21:02 - 2012-12-08 23:18 - 00000000 ____D C:\Users\Patrick\Desktop\Hack
2013-12-10 20:55 - 2013-12-10 20:46 - 00000000 __SHD C:\Windows\SysWOW64\{$1179-4133-5326-3114$}
2013-12-10 20:53 - 2011-05-18 14:25 - 00000000 ___RD C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-10 20:51 - 2012-04-08 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 20:50 - 2013-11-30 20:55 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2 OA
2013-12-10 20:47 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-10 20:36 - 2011-06-10 15:19 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\TS3Client
2013-12-10 13:48 - 2013-09-14 12:53 - 00004570 _____ C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2013-12-10 13:48 - 2013-06-26 22:17 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-12-10 13:45 - 2012-01-24 16:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-10 13:45 - 2012-01-24 16:02 - 00000000 ____D C:\ProgramData\Skype
2013-12-10 13:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 21:07 - 2011-05-19 00:14 - 00710518 _____ C:\Windows\system32\perfh007.dat
2013-12-09 21:07 - 2011-05-19 00:14 - 00154848 _____ C:\Windows\system32\perfc007.dat
2013-12-09 21:07 - 2009-07-14 06:13 - 01651822 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 20:46 - 2011-05-18 14:27 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{77E57025-0BF1-40B5-B572-45D029796284}
2013-12-08 23:10 - 2011-05-18 16:29 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-08 22:51 - 2011-05-18 16:29 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-12-08 20:59 - 2011-09-27 14:54 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-08 20:38 - 2012-06-06 17:05 - 00000000 ____D C:\Program Files (x86)\JDownloader 2
2013-12-08 00:29 - 2013-12-08 00:29 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-12-08 00:23 - 2011-09-27 16:38 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-12-07 18:19 - 2013-09-26 21:18 - 00000200 _____ C:\Users\Patrick\Downloads\Neues Textdokument.txt
2013-12-07 00:44 - 2013-11-10 12:53 - 00000252 _____ C:\Users\Patrick\AppData\Roaming\BreakingPoint_Login.ini
2013-12-07 00:44 - 2013-08-17 20:46 - 00001221 _____ C:\Users\Patrick\AppData\Roaming\BreakingPoint_Options.ini
2013-12-06 18:01 - 2013-08-15 21:14 - 00000147 _____ C:\Users\Patrick\AppData\Roaming\options.ini
2013-12-03 17:17 - 2013-11-10 12:46 - 00000000 ____D C:\Breaking Point
2013-11-30 20:55 - 2013-11-30 20:54 - 00000000 ____D C:\Users\Patrick\Documents\ArmA 2
2013-11-30 20:54 - 2013-11-30 20:54 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2
2013-11-30 19:54 - 2013-11-30 19:54 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2 Operation Arrowhead.url
2013-11-30 19:04 - 2013-11-30 19:04 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2.url
2013-11-30 11:18 - 2013-12-01 17:34 - 00000000 ____D C:\Users\Patrick\Downloads\Sido-30-11-80-DE-2013
2013-11-28 17:12 - 2013-07-06 16:19 - 00000000 ____D C:\Users\Patrick\AppData\Local\Arma 3
2013-11-28 16:41 - 2012-12-21 19:01 - 00000032 _____ C:\folder.ini
2013-11-27 00:42 - 2013-11-27 00:42 - 00037376 _____ C:\Windows\SysWOW64\uplay_r1_loader.dll
2013-11-25 23:31 - 2013-08-17 15:47 - 00000000 ____D C:\Users\Patrick\Desktop\Cheathappens GameCheatz
2013-11-25 21:49 - 2013-11-24 22:28 - 00000000 ____D C:\Users\Patrick\Documents\Assassin's Creed IV Black Flag
2013-11-25 19:18 - 2012-05-19 22:56 - 00000000 ____D C:\Users\Patrick\Desktop\Programme
2013-11-24 22:28 - 2012-11-29 11:53 - 00001211 _____ C:\Users\Patrick\Desktop\Uplay.lnk
2013-11-24 22:27 - 2011-05-18 16:29 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-24 22:25 - 2011-05-18 14:47 - 01625166 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-24 21:43 - 2011-05-18 16:36 - 00280792 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-24 17:13 - 2013-11-24 17:13 - 00000209 _____ C:\Users\Patrick\Desktop\Assassins Creed IV Black Flag.url
2013-11-19 11:21 - 2011-05-18 14:53 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-17 17:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Obsidian Entertainment
2013-11-16 13:12 - 2013-11-16 13:12 - 00000000 ____D C:\ProgramData\Obsidian Entertainment
2013-11-16 11:58 - 2011-05-18 14:25 - 00001431 _____ C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-16 11:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-16 11:56 - 2012-04-27 17:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 02:17 - 2013-11-16 02:17 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-16 02:06 - 2013-11-15 20:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 01:33 - 2013-11-16 01:33 - 00000174 _____ C:\Users\Patrick\Desktop\rust..url
2013-11-14 20:52 - 2012-04-08 09:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-14 20:52 - 2012-04-08 09:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-14 20:52 - 2011-06-03 19:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-14 20:51 - 2011-06-23 11:37 - 00000000 ____D C:\Users\Patrick\AppData\Local\Adobe
2013-11-14 00:25 - 2011-08-09 21:08 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-14 00:25 - 2011-05-18 14:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-14 00:25 - 2011-05-18 14:46 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-14 00:24 - 2013-08-15 23:07 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 00:21 - 2011-05-18 15:09 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-11 11:00 - 2013-11-11 10:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-11 11:00 - 2013-11-11 10:59 - 00000000 ____D C:\Program Files\iTunes
2013-11-11 11:00 - 2013-11-11 10:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-11 10:59 - 2013-11-11 10:59 - 00000000 ____D C:\Program Files\iPod

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\ProgramData\hpe29C5.dll


Some content of TEMP:
====================
C:\Users\Patrick\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-01 16:55

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

! Zusatz !: Ich konnte davor wo ich mich noch nicht gemeldet hatte Avira zwar installieren aber nicht ausführen bekamm immer eine Fehlermeldung. Habe danach diesen House Call Launcher genutzt und darüber ein Scann durchgeführt als Info für euch eventuell Hilft euch das ja

Kleiner Zwischenstand:

Ich bedanke mich erstmal RICHTIG RICHTIG RIIICHTIG DOLL bei dir :)

Ich kann nun wieder ohne Probleme mein Sicherheitscenter anschalten und Microsoft Security Essentials ist auch wieder da :) :)

Zu meiner Frage noch dazu : Welchen Antivirenschutz kannst du mir Empfehlen ? Hatte bis jetzt ja keine Probleme mit Microsoft Security Essentials

Und machen wir hier noch Weiter mit Test´s ? Eventuell findet sich ja doch was

aharonov 12.12.2013 08:29
Hallo,

Zitat:
Welchen Antivirenschutz kannst du mir Empfehlen ?
Spielt nicht so eine Rolle. MSE ist schon ok. Einfach auf keinen Fal zwei Antivirenprogramme parallel betreiben! (Deinstalliere jetzt also eines wieder.)


Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
IFEO\avguard.exe: [Debugger] nsjw.exe
ProxyServer: 67.77.92.196:35421
C:\ProgramData\hash.dat

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Schritt 2

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




Schritt 3


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




Schritt 4

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

starxick 12.12.2013 21:54
Hallo :)

Fixlog:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-12-2013
Ran by Patrick at 2013-12-12 15:53:04 Run:2
Running from C:\Users\Patrick\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
IFEO\avguard.exe: [Debugger] nsjw.exe
ProxyServer: 67.77.92.196:35421
C:\ProgramData\hash.dat
*****************

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avguard.exe => Key not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
C:\ProgramData\hash.dat => Moved successfully.

==== End of Fixlog ====


Malewarebytes:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.12.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Patrick :: PATRICK-PC [Administrator]

12.12.2013 15:55:59
mbam-log-2013-12-12 (15-55-59).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 224720
Laufzeit: 5 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 4
HKLM\SYSTEM\CurrentControlSet\Services\npggsvc (Trojan.Agent.FSA76) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe (Security.Hijack) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Patrick\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\System32\{$1179-4133-5326-3114$} (Trojan.Agent.BCM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\SysWOW64\{$1179-4133-5326-3114$} (Trojan.Agent.BCM) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 3
C:\Windows\System32\GameMon.des (Trojan.Agent.FSA76) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Patrick\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\empty.localstorage (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Patrick\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\MinibarChrome.exe (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


ESET Online Scanner

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=39c70b30214eb44b84b582546133e9da
# engine=16247
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-12 08:45:11
# local_time=2013-12-12 09:45:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 13321834 138510961 0 0
# scanned=673983
# found=10
# cleaned=0
# scan_time=20200
sh=BE07AB1C2254161E1B7ED19E0301445AA6B7E8DD ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Patrick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\6bea1054-62263641"
sh=A9783E670DA752B6477D3D4882580386035EC988 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Patrick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\7055ef58-73514b96"
sh=7642ED67BE268F21DEB7EEA267665E8BD8B3C565 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Patrick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\23510120-4504e001"
sh=BE07AB1C2254161E1B7ED19E0301445AA6B7E8DD ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Patrick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\33e93ce9-4858feb8"
sh=EF134A6B3B04721AB1B72B423FD3306F05BE458D ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Patrick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\929e985-70160a67"
sh=FC84B2BE1E1B14373F37BD0F772478209D3CF263 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Patrick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\6a9d99b4-5dd5bcc0"
sh=03CB5E29AB7D4C5098B8155216ED08B2C7E86AB1 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Patrick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\59a04239-4db02c82"
sh=03CB5E29AB7D4C5098B8155216ED08B2C7E86AB1 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Patrick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\59a04239-77e7c884"
sh=7DA72000BADCCD0403D079AE4BBBBC40BB3DEDF4 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Patrick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\485068fc-3c96009f"
sh=9CF44D1C6569310ABE818E8270A4EC744C8A2CF6 ft=1 fh=350e3cc49c6cefaa vn="a variant of Generik.GCHBRYJ trojan" ac=I fn="C:\Users\Patrick\Desktop\Gamekeyz.biz\Russiche IP Generator VPN\START_INTERFACE.exe"
FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-12-2013 02
Ran by Patrick (administrator) on PATRICK-PC on 12-12-2013 21:53:29
Running from C:\Users\Patrick\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x86\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDCountdown.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-06-24] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [110360 2011-09-29] (Logitech Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_152_Plugin.exe -update plugin [830344 2013-11-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-23] (APN)
Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorers.ini.url ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF11CBD29B3BDCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Heroes Updater - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: Battlefield Play4Free - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\battlefieldplay4free@ea.com
FF Extension: GFACE Experience Plugin - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\cryenginebrowserplugin@crytek.com
FF Extension: DownloadHelper - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Bitdefender QuickScan - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: toolbar_AVIRA-V7 - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: flashgot - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF Extension: DVDVideoSoft Menu - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\3et2896h.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-07] (Adobe Systems)
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-21] (Advanced Micro Devices, Inc.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-26] ()
S4 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-10-26] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S4 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-08] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-11-24] ()
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-08-25] (SANDBOXIE L.T.D)

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWow64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [34816 2013-06-19] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-05-21] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S1 KS0108; C:\Program Files (x86)\LcdStudio\ks0108.sys [3712 2008-03-10] ()
S1 LC7981; C:\Program Files (x86)\LcdStudio\LC7981.sys [5120 2008-03-10] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S1 n3900; C:\Program Files (x86)\LcdStudio\n3900.sys [3968 2008-03-10] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20592 2010-04-16] (Portrait Displays, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-08-25] (SANDBOXIE L.T.D)
S1 SED133x; C:\Program Files (x86)\LcdStudio\SED133x.sys [7424 2008-03-10] ()
S1 T6963C; C:\Program Files (x86)\LcdStudio\T6963c.sys [6400 2008-03-10] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dump_wmimmc; \??\F:\Spiele\WolfTeam-DE\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va005; \??\C:\Users\Patrick\AppData\Local\Temp\00516EE.tmp [x]
S3 X6va007; \??\C:\Users\Patrick\AppData\Local\Temp\007EAD6.tmp [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-12 16:07 - 2013-12-12 16:07 - 02347384 _____ (ESET) C:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe
2013-12-12 15:55 - 2013-12-12 15:55 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Malwarebytes
2013-12-12 15:54 - 2013-12-12 15:54 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-12 15:54 - 2013-12-12 15:54 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-12 15:54 - 2013-12-12 15:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-12 15:54 - 2013-12-12 15:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-12 15:54 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-11 18:33 - 2013-12-11 18:33 - 00000792 _____ C:\Windows\PFRO.log
2013-12-11 18:13 - 2013-12-11 18:13 - 00028208 _____ C:\ComboFix.txt
2013-12-11 17:55 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-11 17:55 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-11 17:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-11 17:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-11 17:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-11 17:55 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-11 17:55 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-11 17:55 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-11 17:54 - 2013-12-11 18:14 - 00000000 ____D C:\Qoobox
2013-12-11 17:53 - 2013-12-11 18:11 - 00000000 ____D C:\Windows\erdnt
2013-12-11 17:44 - 2013-12-12 21:53 - 00000000 ____D C:\Users\Patrick\Downloads\FRST-OlderVersion
2013-12-10 22:39 - 2013-12-10 22:39 - 00053128 _____ C:\Users\Patrick\Downloads\Addition.txt
2013-12-10 22:38 - 2013-12-12 21:53 - 01927290 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2013-12-10 22:38 - 2013-12-12 21:53 - 00019062 _____ C:\Users\Patrick\Downloads\FRST.txt
2013-12-10 22:38 - 2013-12-12 21:53 - 00000000 ____D C:\FRST
2013-12-10 22:22 - 2013-12-12 20:05 - 00353822 _____ C:\Windows\WindowsUpdate.log
2013-12-10 22:19 - 2013-12-12 15:36 - 00000224 _____ C:\Windows\setupact.log
2013-12-10 22:19 - 2013-12-10 22:19 - 00000000 _____ C:\Windows\setuperr.log
2013-12-10 22:09 - 2013-12-11 08:00 - 00366229 _____ C:\Users\Patrick\AppData\Local\census.cache
2013-12-10 22:09 - 2013-12-11 08:00 - 00143387 _____ C:\Users\Patrick\AppData\Local\ars.cache
2013-12-10 22:09 - 2013-12-10 22:09 - 00233520 _____ C:\Windows\RegBootClean64.exe
2013-12-10 21:48 - 2013-12-10 21:48 - 00000036 _____ C:\Users\Patrick\AppData\Local\housecall.guid.cache
2013-12-10 21:47 - 2013-12-10 21:48 - 02405664 _____ (Trend Micro Inc.) C:\Users\Patrick\Downloads\HousecallLauncher64.exe
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\APN
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-12-10 21:33 - 2013-12-10 21:33 - 02294160 _____ C:\Users\Patrick\Downloads\avira_free_antivirus.exe
2013-12-09 20:45 - 2013-10-22 13:59 - 00000000 ____D C:\Users\Patrick\Downloads\Spongebob-Bob_Hits-Das_Allerbeste_Album-2013-NoGroup
2013-12-08 00:29 - 2013-12-08 00:29 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-12-01 17:34 - 2013-11-30 11:18 - 00000000 ____D C:\Users\Patrick\Downloads\Sido-30-11-80-DE-2013
2013-11-30 20:55 - 2013-12-12 20:59 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2 OA
2013-11-30 20:54 - 2013-11-30 20:55 - 00000000 ____D C:\Users\Patrick\Documents\ArmA 2
2013-11-30 20:54 - 2013-11-30 20:54 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2
2013-11-30 19:54 - 2013-11-30 19:54 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2 Operation Arrowhead.url
2013-11-30 19:04 - 2013-11-30 19:04 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2.url
2013-11-27 00:42 - 2013-11-27 00:42 - 00037376 _____ C:\Windows\SysWOW64\uplay_r1_loader.dll
2013-11-27 00:41 - 2013-04-11 16:12 - 00019392 _____ (Dll-Files.com) C:\Windows\system32\roboot64.exe
2013-11-24 22:28 - 2013-11-25 21:49 - 00000000 ____D C:\Users\Patrick\Documents\Assassin's Creed IV Black Flag
2013-11-24 17:13 - 2013-11-24 17:13 - 00000209 _____ C:\Users\Patrick\Desktop\Assassins Creed IV Black Flag.url
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Obsidian Entertainment
2013-11-16 13:12 - 2013-11-16 13:12 - 00000000 ____D C:\ProgramData\Obsidian Entertainment
2013-11-16 02:20 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-16 02:17 - 2013-11-16 02:17 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-16 01:33 - 2013-11-16 01:33 - 00000174 _____ C:\Users\Patrick\Desktop\rust..url
2013-11-15 20:09 - 2013-11-16 02:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 22:07 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 22:07 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 22:07 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 22:07 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 22:07 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 22:07 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 22:07 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 22:07 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 22:07 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 22:07 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 22:07 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 22:07 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 22:07 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 22:07 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 22:07 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 22:07 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 22:07 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 22:07 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 22:07 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 22:07 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 22:07 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 22:07 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 22:07 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 22:07 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 22:07 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 22:07 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 22:07 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 22:07 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 22:07 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 22:07 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-12 21:53 - 2013-12-11 17:44 - 00000000 ____D C:\Users\Patrick\Downloads\FRST-OlderVersion
2013-12-12 21:53 - 2013-12-10 22:38 - 01927290 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2013-12-12 21:53 - 2013-12-10 22:38 - 00019062 _____ C:\Users\Patrick\Downloads\FRST.txt
2013-12-12 21:53 - 2013-12-10 22:38 - 00000000 ____D C:\FRST
2013-12-12 21:51 - 2013-12-10 22:22 - 00353822 _____ C:\Windows\WindowsUpdate.log
2013-12-12 21:36 - 2013-08-17 20:46 - 00001266 _____ C:\Users\Patrick\AppData\Roaming\BreakingPoint_Options.ini
2013-12-12 21:35 - 2013-11-10 12:53 - 00000252 _____ C:\Users\Patrick\AppData\Roaming\BreakingPoint_Login.ini
2013-12-12 21:35 - 2013-11-10 12:46 - 00000000 ____D C:\Breaking Point
2013-12-12 21:19 - 2013-08-15 21:14 - 00000147 _____ C:\Users\Patrick\AppData\Roaming\options.ini
2013-12-12 20:59 - 2013-11-30 20:55 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2 OA
2013-12-12 16:07 - 2013-12-12 16:07 - 02347384 _____ (ESET) C:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe
2013-12-12 15:55 - 2013-12-12 15:55 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Malwarebytes
2013-12-12 15:54 - 2013-12-12 15:54 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-12 15:54 - 2013-12-12 15:54 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-12 15:54 - 2013-12-12 15:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-12 15:54 - 2013-12-12 15:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-12 15:43 - 2009-07-14 05:45 - 00030064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-12 15:43 - 2009-07-14 05:45 - 00030064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-12 15:36 - 2013-12-10 22:19 - 00000224 _____ C:\Windows\setupact.log
2013-12-11 18:36 - 2013-10-01 17:16 - 00000115 _____ C:\Users\Patrick\Downloads\Settings.ini
2013-12-11 18:35 - 2012-01-24 16:02 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Skype
2013-12-11 18:33 - 2013-12-11 18:33 - 00000792 _____ C:\Windows\PFRO.log
2013-12-11 18:14 - 2013-12-11 17:54 - 00000000 ____D C:\Qoobox
2013-12-11 18:14 - 2011-06-10 12:57 - 00000000 ____D C:\Users\Patrick\AppData\Local\Apps\2.0
2013-12-11 18:13 - 2013-12-11 18:13 - 00028208 _____ C:\ComboFix.txt
2013-12-11 18:13 - 2012-02-18 18:45 - 00000000 ____D C:\Users\Giuseppe
2013-12-11 18:13 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-12-11 18:11 - 2013-12-11 17:53 - 00000000 ____D C:\Windows\erdnt
2013-12-11 18:06 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-11 08:00 - 2013-12-10 22:09 - 00366229 _____ C:\Users\Patrick\AppData\Local\census.cache
2013-12-11 08:00 - 2013-12-10 22:09 - 00143387 _____ C:\Users\Patrick\AppData\Local\ars.cache
2013-12-10 23:27 - 2012-04-09 22:23 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Winamp
2013-12-10 22:39 - 2013-12-10 22:39 - 00053128 _____ C:\Users\Patrick\Downloads\Addition.txt
2013-12-10 22:26 - 2013-08-26 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-10 22:19 - 2013-12-10 22:19 - 00000000 _____ C:\Windows\setuperr.log
2013-12-10 22:13 - 2011-12-10 12:39 - 00000000 ____D C:\Windows\Minidump
2013-12-10 22:13 - 2011-05-21 13:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\DAEMON Tools Lite
2013-12-10 22:13 - 2011-05-19 00:15 - 00000000 ____D C:\Windows\Panther
2013-12-10 22:09 - 2013-12-10 22:09 - 00233520 _____ C:\Windows\RegBootClean64.exe
2013-12-10 21:48 - 2013-12-10 21:48 - 00000036 _____ C:\Users\Patrick\AppData\Local\housecall.guid.cache
2013-12-10 21:48 - 2013-12-10 21:47 - 02405664 _____ (Trend Micro Inc.) C:\Users\Patrick\Downloads\HousecallLauncher64.exe
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\ProgramData\APN
2013-12-10 21:38 - 2013-12-10 21:38 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-12-10 21:33 - 2013-12-10 21:33 - 02294160 _____ C:\Users\Patrick\Downloads\avira_free_antivirus.exe
2013-12-10 21:02 - 2012-12-08 23:18 - 00000000 ____D C:\Users\Patrick\Desktop\Hack
2013-12-10 20:53 - 2011-05-18 14:25 - 00000000 ___RD C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-10 20:51 - 2012-04-08 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 20:47 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-10 20:36 - 2011-06-10 15:19 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\TS3Client
2013-12-10 13:48 - 2013-09-14 12:53 - 00004570 _____ C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2013-12-10 13:45 - 2012-01-24 16:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-10 13:45 - 2012-01-24 16:02 - 00000000 ____D C:\ProgramData\Skype
2013-12-10 13:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 21:07 - 2011-05-19 00:14 - 00710518 _____ C:\Windows\system32\perfh007.dat
2013-12-09 21:07 - 2011-05-19 00:14 - 00154848 _____ C:\Windows\system32\perfc007.dat
2013-12-09 21:07 - 2009-07-14 06:13 - 01651822 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 20:46 - 2011-05-18 14:27 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{77E57025-0BF1-40B5-B572-45D029796284}
2013-12-08 23:10 - 2011-05-18 16:29 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-08 22:51 - 2011-05-18 16:29 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-12-08 20:59 - 2011-09-27 14:54 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-08 20:38 - 2012-06-06 17:05 - 00000000 ____D C:\Program Files (x86)\JDownloader 2
2013-12-08 00:29 - 2013-12-08 00:29 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-12-08 00:23 - 2011-09-27 16:38 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-12-07 18:19 - 2013-09-26 21:18 - 00000200 _____ C:\Users\Patrick\Downloads\Neues Textdokument.txt
2013-11-30 20:55 - 2013-11-30 20:54 - 00000000 ____D C:\Users\Patrick\Documents\ArmA 2
2013-11-30 20:54 - 2013-11-30 20:54 - 00000000 ____D C:\Users\Patrick\AppData\Local\ArmA 2
2013-11-30 19:54 - 2013-11-30 19:54 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2 Operation Arrowhead.url
2013-11-30 19:04 - 2013-11-30 19:04 - 00000208 _____ C:\Users\Patrick\Desktop\Arma 2.url
2013-11-30 11:18 - 2013-12-01 17:34 - 00000000 ____D C:\Users\Patrick\Downloads\Sido-30-11-80-DE-2013
2013-11-28 17:12 - 2013-07-06 16:19 - 00000000 ____D C:\Users\Patrick\AppData\Local\Arma 3
2013-11-28 16:41 - 2012-12-21 19:01 - 00000032 _____ C:\folder.ini
2013-11-27 00:42 - 2013-11-27 00:42 - 00037376 _____ C:\Windows\SysWOW64\uplay_r1_loader.dll
2013-11-25 23:31 - 2013-08-17 15:47 - 00000000 ____D C:\Users\Patrick\Desktop\Cheathappens GameCheatz
2013-11-25 21:49 - 2013-11-24 22:28 - 00000000 ____D C:\Users\Patrick\Documents\Assassin's Creed IV Black Flag
2013-11-25 19:18 - 2012-05-19 22:56 - 00000000 ____D C:\Users\Patrick\Desktop\Programme
2013-11-24 22:28 - 2012-11-29 11:53 - 00001211 _____ C:\Users\Patrick\Desktop\Uplay.lnk
2013-11-24 22:27 - 2011-05-18 16:29 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-24 22:25 - 2011-05-18 14:47 - 01625166 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-24 21:43 - 2011-05-18 16:36 - 00280792 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-24 17:13 - 2013-11-24 17:13 - 00000209 _____ C:\Users\Patrick\Desktop\Assassins Creed IV Black Flag.url
2013-11-19 11:21 - 2011-05-18 14:53 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-17 17:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Obsidian Entertainment
2013-11-16 13:12 - 2013-11-16 13:12 - 00000000 ____D C:\ProgramData\Obsidian Entertainment
2013-11-16 11:58 - 2011-05-18 14:25 - 00001431 _____ C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-16 11:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-16 11:56 - 2012-04-27 17:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 02:17 - 2013-11-16 02:17 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-16 02:17 - 2013-11-16 02:17 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-16 02:17 - 2013-11-16 02:17 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-16 02:17 - 2013-11-16 02:17 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-16 02:17 - 2013-11-16 02:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-16 02:17 - 2013-11-16 02:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-16 02:17 - 2013-11-16 02:17 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-16 02:17 - 2013-11-16 02:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-16 02:06 - 2013-11-15 20:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 01:33 - 2013-11-16 01:33 - 00000174 _____ C:\Users\Patrick\Desktop\rust..url
2013-11-14 20:52 - 2012-04-08 09:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-14 20:52 - 2012-04-08 09:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-14 20:52 - 2011-06-03 19:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-14 20:51 - 2011-06-23 11:37 - 00000000 ____D C:\Users\Patrick\AppData\Local\Adobe
2013-11-14 00:25 - 2011-08-09 21:08 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-14 00:25 - 2011-05-18 14:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-14 00:25 - 2011-05-18 14:46 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-14 00:24 - 2013-08-15 23:07 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 00:21 - 2011-05-18 15:09 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\ProgramData\hpe29C5.dll


Some content of TEMP:
====================
C:\Users\Patrick\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-01 16:55

==================== End Of Log ============================
--- --- ---

aharonov 13.12.2013 09:06
Wie läuft der Rechner jetzt? Alles in Ordnung oder bestehen noch Probleme?

starxick 13.12.2013 15:10
Läuft alles Super :) Sicherheitscenter geht alles ist aktiv und ich glaube mein PC fährt und läuft jetzt schneller 0.o

Daher Fettes Danke an dich werde das Forum aufjedenfall weiterempfehlen :)

aharonov 14.12.2013 23:40
Prima.


Schritt 1

Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.




Schritt 2

Du hast unter anderem veraltete Java-Versionen installiert. Ältere Versionen enthalten Sicherheitslücken, die von Malware zur Infizierung per Drive-by Download missbraucht werden können.

Die aktuelle Version ist Java 7 Update 45.
  • Gehe zu
    Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)
    Start --> Systemsteuerung --> Software (bei Win XP)
    und deinstalliere alle älteren Java-Versionen.

Überprüfe dann mit diesem Plugin-Check (mit dem Firefox hier), ob nun alle deine verwendeten Versionen aktuell sind und update sie anderenfalls.



Cleanup

Zum Schluss werden wir jetzt noch unsere Tools (inklusive der Quarantäne-Ordner) wegräumen, die verseuchten Systemwiederherstellungspunkte löschen und alle Einstellungen wieder herrichten. Auch diese Schritte sind noch wichtig und sollten in der angegebenen Reihenfolge ausgeführt werden.
  1. Deaktiviere jetzt temporär das Antivirenprogramm, benenne bei der auf dem Desktop vorhandenen Combofix.exe das "Combofix" im Dateinamen um in Uninstall und führe sie mit Doppelklick aus.
  2. Bei MBAM würd ich dir unbedingt empfehlen, es zu behalten und wöchentlich einen Quick-Scan durchzuführen. Wenn du es nicht weiter verwenden möchtest, kannst du es jetzt normal über die Systemsteuerung deinstallieren.
  3. Auch den ESET Online Scanner kannst du behalten, um ab und zu (monatlich) für eine Zweitmeinung dein System damit zu scannen. Falls du ESET deinstallieren möchtest, dann kannst du das ebenfalls über die Systemsteuerung tun.
  4. Downloade dir bitte auf jeden Fall DelFix auf deinen Desktop.
    • Schliesse alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • DelFix entfernt u.a. alle von uns verwendeten Programme und löscht sich anschliessend selbst.
  5. Wenn jetzt noch etwas übriggeblieben ist, dann kannst du es einfach manuell löschen.




>> OK <<
Wir sind durch, deine Logs sehen für mich im Moment sauber aus. :daumenhoc

Ich habe dir nachfolgend ein paar Hinweise und Tipps zusammengestellt, die dazu beitragen sollen, dass du in Zukunft unsere Hilfe nicht mehr brauchen wirst.

Bitte gib mir danach noch eine kurze Rückmeldung, wenn auch von deiner Seite keine Probleme oder Fragen mehr offen sind, damit ich dieses Thema als erledigt betrachten kann.




Epilog: Tipps, Dos & Don'ts

Aktualität von System und Software

Das Betriebsystem Windows muss zwingend immer auf dem neusten Stand sein. Stelle sicher, dass die automatischen Updates aktiviert sind:
  • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
  • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren

Auch die installierte Software sollte immer in der aktuellsten Version vorliegen.
Speziell gilt das für den Browser, Java, Flash-Player und PDF-Reader, denn bekannte Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim blossen Besuch einer präparierten Website per Drive-by Download Malware zu installieren. Das kann sogar auf normalerweise legitimen Websites geschehen, wenn es einem Angreifer gelungen ist, seinen Code in die Seite einzuschleusen, und ist deshalb relativ unberechenbar.
  • Mit diesem kleinen Plugin-Check kannst du regelmässig diese Komponenten auf deren Aktualität überprüfen.
  • Achte auch darauf, dass alte, nicht mehr verwendete Versionen deinstalliert sind.
  • Optional: Das Programm Secunia Personal Software Inspector kann dich dabei unterstützen, stets die aktuellen Versionen sämtlicher installierter Software zu nutzen.

Sicherheits-Software

Eine Bemerkung vorneweg: Jede Softwarelösung hat ihre Schwächen. Die gesamte Verantwortung für die Sicherheit auf Software zu übertragen und einen Rundum-Schutz zu erwarten, wäre eine gefährliche Illusion. Bei unbedachtem oder bewusst risikoreichem Verhalten wird auch das beste Programm früher oder später seinen Dienst versagen (z.B. ein Virenscanner, der eine verseuchte Datei nicht erkennt).
Trotzdem ist entsprechende Software natürlich wichtig und hilft dir in Kombination mit einem gut gewarteten (up-to-date) System und durchdachtem Verhalten, deinen Rechner sauber zu halten.
  • Nutze einen Virenscanner mit Hintergrundwächter mit stets aktueller Datenbank. Welches Produkt gewählt wird, spielt keine so entscheidende Rolle. Wenn du ein kommerzielles Programm kaufen möchtest, kann ich dir Emsisoft Anti-Malware empfehlen (die Freeware-Version davon reicht aber nicht, denn die hat keinen Hintergrundwächter). Bevorzugst du ein kostenloses Produkt, dann ist Avast! Free Antivirus eine gute Alternative.
    Betreibe aber keinesfalls zwei Wächter parallel, die würden sich gegenseitig behindern.
  • Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
  • Zusätzlich zum Virenscanner kannst du dein System regelmässig mit einem On-Demand Antimalwareprogramm scannen. Empfehlenswert ist die Free-Version von Malwarebytes Anti-Malware. Vor jedem Scan die Datenbank updaten.
  • Optional: Das Programm Sandboxie führt Anwendungen in einer isolierten Umgebung ("Sandkasten") aus, so dass keine Änderungen am System vorgenommen werden können. Wenn du deinen Browser darin startest, vermindert sich die Chance, dass beim Surfen eingefangene Malware sich dauerhaft im System festsetzen kann.
  • Optional: Das Addon WOT (web of trust) warnt dich vor einer als schädlich gemeldeten Website, bevor sie geladen wird. Für verschiedene Browser erhältlich.

Es liegt in der Natur der Sache, dass die am weitesten verbreitete Anwendungs-Software auch am häufigsten von Malware-Autoren attackiert wird. Es kann daher bereits einen kleinen Sicherheitsgewinn darstellen, wenn man alternative Software (z.B. einen alternativen PDF Reader) benutzt.
Anstelle des Internet Explorers kann man beispielsweise den Mozilla Firefox einsetzen, für welchen es zwei nützliche Addons zur Empfehlung gibt:
  • NoScript verhindert standardmässig das Ausführen von aktiven Inhalten (Java, JavaScript, Flash, ..) für sämtliche Websites. Du kannst selber nach dem Prinzip einer Whitelist festlegen, welchen Seiten du vertrauen und Scripts erlauben willst, auch temporär.
  • Adblock Plus blockt die meisten Werbebanner weg. Solche Banner können nebst ihrer störenden Erscheinung auch als Infektionsherde fungieren.

(Un-)Sicheres Verhalten im Internet

Nebst unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.

Der Besuch zwielichtiger Websites kann bereits Risiken bergen. Und Downloads aus dubiosen Quellen sind immer russisches Roulette. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
  • Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher (und ein beliebter) Weg, um Malware zu verbreiten.
  • Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kannst du dir nie sicher sein, ob auch wirklich drin ist, was drauf steht.

Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden dazu zu bringen, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
  • Surfe mit Vorsicht und lass dich nicht von irgendwie interessant erscheinenden Elementen zu einem vorschnellen Klick verleiten. Lass dich nicht von Popups täuschen, die aussehen wie System- oder Virenmeldungen.
  • Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo deine Daten eingeben.
  • Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst du von einem deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant oder skandalös tönt, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und du solltest nicht denselben Fehler machen.
  • Lass die Dateiendungen anzeigen, so dass du dich nicht täuschen lässt, wenn eine ausführbare Datei über ein doppelte Dateiendung kaschiert wird, z.B. Nacktfoto.jpg.exe.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
  • Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen fürs Programm irrelevanten Ergänzungen.

Allgemeine Hinweise

Abschliessend noch ein paar grundsätzliche Bemerkungen:
  • Dein Benutzerkonto für den alltäglichen Gebrauch sollte nicht über Administratorenrechte verfügen. Nutze ein Konto mit eingeschränkten Rechten (Windows XP) bzw. aktiviere die Benutzerkontensteuerung (UAC) auf der höchsten Stufe (Windows Vista / 7).
  • Erstelle regelmässig Backups deiner Daten und Dokumente auf externen Datenträgern, bei wichtigen Dateien mindestens zweifach. Nicht nur ein Malwarebefall kann schmerzhaften Datenverlust nach sich ziehen sondern auch ein gewöhnlicher Festplattendefekt.
  • Die Autorun/Autoplay-Funktion stellt ein Risiko dar, denn sie ermöglicht es, dass beispielsweise beim Einstecken eines entsprechend infizierten USB-Sticks der Befall auf den Rechner überspringt. Überlege dir, ob du diese Funktion nicht besser deaktivieren möchtest.
  • Wähle deine Passwörter gemäss den gängigen Regeln, um besser gegen Brute-Force- und Wörterbuchattacken gewappnet zu sein. Benutze jedes deiner Passwörter nur einmal und ändere sie regelmässig.
  • Der Nutzen von Registry-Cleanern zur Performancesteigerung ist umstritten. Auf jeden Fall lässt sich damit grosser Schaden anrichten, wenn man nicht weiss, was man tut. Wir empfehlen deshalb, die Finger von der Registry zu lassen. Um von Zeit zu Zeit die temporären Dateien zu löschen, genügt TFC.

Wenn du möchtest, kannst du das Forum mit einer kleinen Spende unterstützen.
Es bleibt mir nur noch, dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. ;)

starxick 16.12.2013 16:30
Hallo aharonov,

Ich bedanke mich hiermit Recht herzlich bei euch und ganz besonders bei aharonov für deine nette Hilfe ^^:abklatsch::abklatsch:. Ohne dich müsste ich denk ich mein komplettes System neu machen und das wäre nicht so toll :headbang:

Sry das ich mich erst jetzt melde aber hatte noch viel zu tun und ich würde auch etwas Spenden aber bin in einer Ausbildung und da ist jeder Cent etwas wert ^^. Sollte ich etwas übrig haben dann Spende ich gerne bei euch XD. Wenn ich wieder etwas habe dann melde ich mich am besten gleich hier ich fühle mich hier sehr gut aufgenommen

Von Daher BIG THX und ein Frohes Weinachtsfest + Guten Rutsch ins neue Jahr :taenzer:

aharonov 16.12.2013 16:51
Danke für die Rückmeldung.


Freut mich, dass wir helfen konnten. :abklatsch:

Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun.

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten.
Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:18 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131