Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Telekom Schreiben (https://www.trojaner-board.de/150049-telekom-schreiben.html)

albarex 20.02.2014 18:38
Telekom Schreiben
 
Hallo sehr geehrtes Board,

ich habe heute (wiederholt) eine E-Mail von der Telekom bekommen, dass mein Rechner einen Virenbefall hat und Trojaner von meinem PC aus verschickt werden.
Wiederholt deswegen, weil ich das schoneinmal vor einem Monat bekommen habe aber für Spam gehalten habe. Da aber diese Email durch einen Anruf heute auch noch bestätigt wurde scheint es wohl wahr zu sein.

Nun zu meiner Frage: wie kann ich diesen Trojaner entfernen?

ich habe das Antivirenprogramm "Trend micro Titanium Maximum security".

Liebe Grüße

Albarex

aharonov 20.02.2014 19:14
Hallo,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


albarex 20.02.2014 19:28
frst.txt :


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by alexneu (administrator) on ALEXNEU-PC on 20-02-2014 19:19:15
Running from C:\Users\alexneu\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
() C:\Windows\SysWOW64\srvany.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Locktime Software) C:\Program Files\NetLimiter 3\NLClientApp.exe
(Akamai Technologies, Inc.) C:\Users\alexneu\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Akamai Technologies, Inc.) C:\Users\alexneu\AppData\Local\Akamai\netsession_win.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1382568 2013-09-16] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [216928 2013-08-29] (Trend Micro Inc.)
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [241789 2009-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [RoccatIsku] - C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-10-17] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE
HKLM-x32\...\Run: [] - [X]
HKLM\...\RunOnce: [DCERegBootClean64] - C:\Windows\RegBootClean64.exe [238128 2014-02-20] ()
HKU\S-1-5-21-81648548-1704745251-1628236580-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-81648548-1704745251-1628236580-1000\...\Run: [NetLimiter] - C:\Program Files\NetLimiter 3\NLClientApp.exe [2910208 2011-03-21] (Locktime Software)
HKU\S-1-5-21-81648548-1704745251-1628236580-1000\...\Run: [Akamai NetSession Interface] - C:\Users\alexneu\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-81648548-1704745251-1628236580-1000\...\MountPoints2: {d5e32ec7-706a-11e2-8fe7-0025228f48c2} - E:\SETUP.EXE

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=b6aee060-a9b5-417c-8264-ab0621e3928d&searchtype=ds&q={searchTerms}&installDate=01/06/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1039EF9E2F14CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=b6aee060-a9b5-417c-8264-ab0621e3928d&searchtype=ds&q={searchTerms}&installDate=01/06/2013
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=b6aee060-a9b5-417c-8264-ab0621e3928d&searchtype=ds&q={searchTerms}&installDate=01/06/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=b6aee060-a9b5-417c-8264-ab0621e3928d&searchtype=ds&q={searchTerms}&installDate=01/06/2013
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://supertoolbar.ask.com/redirect?client=ie&tb=SE&o=&src=crm&q={searchTerms}&locale={locale.underscore}
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} -  No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default
FF user.js: detected! => C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\user.js
FF Homepage: hxxp://www.facebook.com/
FF NetworkProxy: "ftp", "46.164.168.161"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "46.164.168.161"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "46.164.168.161"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "46.164.168.161"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Stealthy - C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\Extensions\stealthyextension@gmail.com.xpi [2013-11-15]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-10-23]
FF Extension: Adblock Plus - C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-01]
FF HKLM\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension [2014-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension [2014-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2014-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ []

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2014-02-09]
CHR Extension: (Google Docs) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-02]
CHR Extension: (Google Drive) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-02]
CHR Extension: (YouTube) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-02]
CHR Extension: (Google-Suche) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-02]
CHR Extension: (DVDVideoSoft) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-10-23]
CHR Extension: (Google Wallet) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]
CHR Extension: (Google Mail) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-02]
CHR Extension: (Twitch Giveaways) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2013-08-02]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\chrome_tmbep.crx [2014-02-20]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-02-02]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-12-20]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\chrome_tmbep.crx [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\chromeextension.crx [2014-02-20]

==================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [678416 2012-12-17] ()
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-02-06] ()
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-08-22] (Overwolf Ltd)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-23] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [99048 2010-10-17] (SANDBOXIE L.T.D)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-06] (DT Soft Ltd)
R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                          )
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-10-14] (Razer Inc)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [145512 2010-10-17] (SANDBOXIE L.T.D)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [109072 2013-09-04] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [175528 2013-09-04] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [46392 2012-08-24] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [77184 2013-09-04] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2012-05-02] (Trend Micro Inc.)
S3 cpuz135; \??\C:\Users\alexneu\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
U2 TMAgent;
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-20 19:19 - 2014-02-20 19:20 - 00024509 _____ () C:\Users\alexneu\Downloads\FRST.txt
2014-02-20 19:19 - 2014-02-20 19:19 - 00000000 ____D () C:\FRST
2014-02-20 19:18 - 2014-02-20 19:18 - 02153472 _____ (Farbar) C:\Users\alexneu\Downloads\FRST64.exe
2014-02-20 19:17 - 2014-02-20 19:17 - 00238128 _____ () C:\Windows\RegBootClean64.exe
2014-02-20 19:17 - 2014-02-20 19:17 - 00007210 _____ () C:\Windows\RegBootClean64.CFG
2014-02-20 18:51 - 2014-02-20 18:51 - 00000000 ___HD () C:\TMRescueDisk
2014-02-20 18:48 - 2014-02-20 18:48 - 00001499 _____ () C:\Users\alexneu\Desktop\Trend Micro Titanium Maximum Security.lnk
2014-02-20 18:48 - 2014-02-20 18:48 - 00000000 ____D () C:\Users\alexneu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-02-20 18:47 - 2013-09-04 13:58 - 00175528 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-02-20 18:47 - 2013-09-04 13:58 - 00109072 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2014-02-20 18:47 - 2013-09-04 13:58 - 00077184 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2014-02-20 18:47 - 2012-08-24 14:07 - 00046392 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2014-02-20 18:47 - 2012-05-02 20:27 - 00105744 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmtdi.sys
2014-02-20 18:44 - 2014-02-20 18:44 - 00000458 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 18:44 - 2014-02-20 18:44 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-02-20 18:43 - 2014-02-20 19:17 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-02-20 18:43 - 2014-02-20 18:43 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-20 18:40 - 2014-02-20 18:40 - 00000036 _____ () C:\Users\alexneu\AppData\Local\housecall.guid.cache
2014-02-20 18:34 - 2014-02-20 18:49 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-02-20 18:33 - 2014-02-20 18:33 - 101475488 _____ (Trend Micro Inc.) C:\Users\alexneu\Downloads\TTi_6.0_HE_64bit.exe
2014-02-20 18:32 - 2014-02-20 18:48 - 00000000 ____D () C:\Users\alexneu\AppData\Local\Trend Micro
2014-02-20 18:30 - 2014-02-20 18:31 - 90359392 _____ (Trend Micro Inc.) C:\Users\alexneu\Downloads\TTi_7.0_HE_32bit.exe
2014-02-20 18:29 - 2014-02-20 18:30 - 00000000 ____D () C:\Users\alexneu\AppData\Local\Akamai
2014-02-20 18:29 - 2014-02-20 18:29 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\alexneu\Downloads\installer.exe
2014-02-09 11:56 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-09 11:56 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-09 11:56 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-09 11:56 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-09 11:56 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-02-09 11:52 - 2014-02-09 11:53 - 00000000 ____D () C:\Users\alexneu\AppData\Local\NVIDIA Corporation
2014-02-09 11:50 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-09 11:50 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-09 11:44 - 2014-02-09 11:44 - 00575424 _____ () C:\Windows\Minidump\020914-21496-01.dmp
2014-02-03 18:50 - 2014-02-03 18:50 - 00001129 _____ () C:\Users\alexneu\Desktop\blub.m3u
2014-02-03 17:19 - 2014-02-03 17:19 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files\iTunes
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files\iPod
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-31 19:57 - 2014-01-31 19:57 - 00001079 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-31 19:57 - 2014-01-31 19:57 - 00001059 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2014-01-31 19:57 - 2014-01-31 19:57 - 00000000 ____D () C:\Users\alexneu\AppData\Local\PDF24
2014-01-31 19:57 - 2014-01-31 19:57 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-01-31 19:56 - 2014-01-31 19:56 - 00614784 _____ (Chip Digital GmbH) C:\Users\alexneu\Downloads\PDF24 Creator - CHIP-Downloader.exe
2014-01-31 19:00 - 2011-07-09 06:29 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-01-31 18:59 - 2011-07-11 11:51 - 00319065 _____ () C:\Users\alexneu\Desktop\Windows6.1-KB2575077-x64.msu
2014-01-31 18:58 - 2014-01-31 18:58 - 00447920 _____ () C:\Users\alexneu\Downloads\435142_intl_x64_zip.exe
2014-01-30 17:23 - 2014-01-30 17:23 - 00000000 ____D () C:\Windows\pss
2014-01-30 16:36 - 2014-01-30 16:36 - 00001901 _____ () C:\Users\Public\Desktop\LOL Recorder.lnk
2014-01-30 16:36 - 2014-01-30 16:36 - 00000000 ____D () C:\Users\alexneu\Documents\LOLReplay
2014-01-30 16:36 - 2014-01-30 16:36 - 00000000 ____D () C:\Program Files (x86)\LOLReplay
2014-01-30 16:35 - 2014-01-30 16:36 - 01472106 _____ () C:\Users\alexneu\Downloads\LOLReplay-0.8.5.2.exe
2014-01-25 22:38 - 2014-01-25 22:38 - 00001618 _____ () C:\Users\alexneu\Desktop\auto 25.1.14.m3u
2014-01-25 00:43 - 2014-01-25 00:43 - 00908237 _____ () C:\Users\alexneu\Downloads\consultation-document_en.odt
2014-01-21 17:07 - 2014-01-21 18:13 - 00000000 ____D () C:\Users\alexneu\Desktop\bewerbungalex

==================== One Month Modified Files and Folders =======

2014-02-20 19:20 - 2014-02-20 19:19 - 00024509 _____ () C:\Users\alexneu\Downloads\FRST.txt
2014-02-20 19:19 - 2014-02-20 19:19 - 00000000 ____D () C:\FRST
2014-02-20 19:18 - 2014-02-20 19:18 - 02153472 _____ (Farbar) C:\Users\alexneu\Downloads\FRST64.exe
2014-02-20 19:17 - 2014-02-20 19:17 - 00238128 _____ () C:\Windows\RegBootClean64.exe
2014-02-20 19:17 - 2014-02-20 19:17 - 00007210 _____ () C:\Windows\RegBootClean64.CFG
2014-02-20 19:17 - 2014-02-20 18:43 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-02-20 18:55 - 2013-02-01 20:18 - 00000000 ____D () C:\Users\alexneu\AppData\Roaming\TS3Client
2014-02-20 18:51 - 2014-02-20 18:51 - 00000000 ___HD () C:\TMRescueDisk
2014-02-20 18:49 - 2014-02-20 18:34 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-02-20 18:48 - 2014-02-20 18:48 - 00001499 _____ () C:\Users\alexneu\Desktop\Trend Micro Titanium Maximum Security.lnk
2014-02-20 18:48 - 2014-02-20 18:48 - 00000000 ____D () C:\Users\alexneu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-02-20 18:48 - 2014-02-20 18:32 - 00000000 ____D () C:\Users\alexneu\AppData\Local\Trend Micro
2014-02-20 18:48 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 18:48 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 18:44 - 2014-02-20 18:44 - 00000458 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 18:44 - 2014-02-20 18:44 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-02-20 18:44 - 2013-02-01 18:51 - 01164645 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 18:44 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-20 18:43 - 2014-02-20 18:43 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-20 18:40 - 2014-02-20 18:40 - 00000036 _____ () C:\Users\alexneu\AppData\Local\housecall.guid.cache
2014-02-20 18:40 - 2013-08-02 17:06 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 18:40 - 2013-04-18 12:23 - 00056073 _____ () C:\Windows\setupact.log
2014-02-20 18:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-20 18:39 - 2013-04-18 12:23 - 00007380 _____ () C:\Windows\PFRO.log
2014-02-20 18:39 - 2013-02-02 13:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-20 18:33 - 2014-02-20 18:33 - 101475488 _____ (Trend Micro Inc.) C:\Users\alexneu\Downloads\TTi_6.0_HE_64bit.exe
2014-02-20 18:31 - 2014-02-20 18:30 - 90359392 _____ (Trend Micro Inc.) C:\Users\alexneu\Downloads\TTi_7.0_HE_32bit.exe
2014-02-20 18:30 - 2014-02-20 18:29 - 00000000 ____D () C:\Users\alexneu\AppData\Local\Akamai
2014-02-20 18:29 - 2014-02-20 18:29 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\alexneu\Downloads\installer.exe
2014-02-20 18:29 - 2013-08-02 17:06 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 18:00 - 2013-04-17 15:37 - 00000472 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job
2014-02-19 23:36 - 2013-02-01 20:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-15 19:04 - 2013-02-06 09:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 02:18 - 2013-10-30 16:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 13:16 - 2013-02-01 20:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-14 13:16 - 2013-02-01 20:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-11 20:24 - 2013-08-02 17:06 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 20:24 - 2013-08-02 17:06 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-09 14:32 - 2010-11-21 07:50 - 00785324 _____ () C:\Windows\system32\perfh007.dat
2014-02-09 14:32 - 2010-11-21 07:50 - 00180582 _____ () C:\Windows\system32\perfc007.dat
2014-02-09 14:32 - 2009-07-14 06:13 - 01838024 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-09 11:59 - 2013-02-01 18:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-09 11:53 - 2014-02-09 11:52 - 00000000 ____D () C:\Users\alexneu\AppData\Local\NVIDIA Corporation
2014-02-09 11:53 - 2014-01-12 14:25 - 00000000 ____D () C:\Users\alexneu\AppData\Local\NVIDIA
2014-02-09 11:52 - 2013-02-02 13:29 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-09 11:51 - 2013-02-01 18:57 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-09 11:44 - 2014-02-09 11:44 - 00575424 _____ () C:\Windows\Minidump\020914-21496-01.dmp
2014-02-09 11:44 - 2013-07-07 20:40 - 546203579 _____ () C:\Windows\MEMORY.DMP
2014-02-09 11:44 - 2013-07-07 20:40 - 00000000 ____D () C:\Windows\Minidump
2014-02-09 00:35 - 2013-12-16 18:27 - 00000000 ____D () C:\Users\alexneu\Desktop\bewerbung
2014-02-08 23:05 - 2013-03-29 03:03 - 00000000 ____D () C:\Users\alexneu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetLimiter 3
2014-02-08 23:05 - 2013-03-29 03:03 - 00000000 ____D () C:\Program Files\NetLimiter 3
2014-02-04 16:24 - 2013-08-02 17:06 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 18:50 - 2014-02-03 18:50 - 00001129 _____ () C:\Users\alexneu\Desktop\blub.m3u
2014-02-03 17:19 - 2014-02-03 17:19 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files\iTunes
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files\iPod
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-03 17:16 - 2013-02-09 18:17 - 00000000 ____D () C:\ProgramData\Apple
2014-01-31 19:57 - 2014-01-31 19:57 - 00001079 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-31 19:57 - 2014-01-31 19:57 - 00001059 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2014-01-31 19:57 - 2014-01-31 19:57 - 00000000 ____D () C:\Users\alexneu\AppData\Local\PDF24
2014-01-31 19:57 - 2014-01-31 19:57 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-01-31 19:56 - 2014-01-31 19:56 - 00614784 _____ (Chip Digital GmbH) C:\Users\alexneu\Downloads\PDF24 Creator - CHIP-Downloader.exe
2014-01-31 18:59 - 2013-02-01 18:55 - 00000000 ____D () C:\Users\alexneu\AppData\Local\VirtualStore
2014-01-31 18:58 - 2014-01-31 18:58 - 00447920 _____ () C:\Users\alexneu\Downloads\435142_intl_x64_zip.exe
2014-01-30 17:23 - 2014-01-30 17:23 - 00000000 ____D () C:\Windows\pss
2014-01-30 16:36 - 2014-01-30 16:36 - 00001901 _____ () C:\Users\Public\Desktop\LOL Recorder.lnk
2014-01-30 16:36 - 2014-01-30 16:36 - 00000000 ____D () C:\Users\alexneu\Documents\LOLReplay
2014-01-30 16:36 - 2014-01-30 16:36 - 00000000 ____D () C:\Program Files (x86)\LOLReplay
2014-01-30 16:36 - 2014-01-30 16:35 - 01472106 _____ () C:\Users\alexneu\Downloads\LOLReplay-0.8.5.2.exe
2014-01-28 00:15 - 2013-12-19 15:15 - 00000096 _____ () C:\Users\alexneu\AppData\Roaming\WB.CFG
2014-01-25 22:38 - 2014-01-25 22:38 - 00001618 _____ () C:\Users\alexneu\Desktop\auto 25.1.14.m3u
2014-01-25 00:43 - 2014-01-25 00:43 - 00908237 _____ () C:\Users\alexneu\Downloads\consultation-document_en.odt
2014-01-21 18:13 - 2014-01-21 17:07 - 00000000 ____D () C:\Users\alexneu\Desktop\bewerbungalex

Some content of TEMP:
====================
C:\Users\alexneu\AppData\Local\Temp\avgnt.exe
C:\Users\alexneu\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-19 21:58

==================== End Of Log ============================
--- --- ---


addition.txt:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2014
Ran by alexneu at 2014-02-20 19:21:28
Running from C:\Users\alexneu\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Trend Micro Titanium Maximum Security (Enabled - Up to date) {B7599298-8445-728A-A5C7-A26A082C8BDA}
AS: Trend Micro Titanium Maximum Security (Enabled - Up to date) {0C38737C-A27F-7D04-9F77-991873ABC167}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (x32 Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.6.602.168 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Widget Browser (x32 Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
ANNO 2070 (x32 Version: 1.0.0.0 - Ubisoft)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Arma 2 (x32 Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (x32 Version:  - Bohemia Interactive)
ASRock App Charger v1.0.5 (Version:  - ASRock Inc.)
ATI Catalyst Install Manager (Version: 3.0.765.0 - ATI Technologies, Inc.)
AutoIt v3.3.8.1 (x32 Version:  - AutoIt Team)
AutoMode Switcher (x32 Version: 1.00 - Creative Technology Limited)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2949 - APN, LLC)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (x32 Version:  - )
BitTorrent (x32 Version: 7.8.0.29039 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Boris Continuum Complete 8 for Adobe CS5 - CS6 (Version: 8.0.3 - Boris FX, Inc.)
Call of Duty: Black Ops - Multiplayer (x32 Version:  - Treyarch)
Call of Duty: Black Ops II - Multiplayer (x32 Version:  - )
Call of Duty: Black Ops II - Zombies (x32 Version:  - )
Call of Duty: Black Ops II (x32 Version:  - )
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (Version: 4.00 - Piriform)
Cheat Engine 6.2 (x32 Version:  - Dark Byte)
Counter-Strike: Global Offensive (x32 Version:  - Valve)
Counter-Strike: Source (x32 Version:  - Valve)
Creative ALchemy (x32 Version: 1.43 - Creative Technology Limited)
Creative Audio-Systemsteuerung (x32 Version: 3.00 - Creative Technology Limited)
Creative Konsole Starter (x32 Version: 2.61 - Creative Technology Limited)
Creative Lautsprecher-Einrichtungskonsole (x32 Version: 3.50 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (x32 Version: 1.02 - Creative Technology Limited)
DAEMON Tools Lite (x32 Version: 4.46.1.0328 - DT Soft Ltd)
dLAN Cockpit (x32 Version: 3.2.28 - devolo AG) Hidden
Dolby Digital Live Pack (x32 Version: 3.02 - Creative Technology Limited)
DTS Connect Pack (x32 Version: 1.00 - Creative Technology Limited)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESL Wire 1.15.4 (Version:  - Turtle Entertainment GmbH)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
F1 2012 (x32 Version:  - Codemasters)
Files Crawler 2.1 (x32 Version: 2.1 - FilesCrawler Software Inc)
FileZilla Client 3.7.0.2 (x32 Version: 3.7.0.2 - FileZilla Project)
Fraps (remove only) (x32 Version:  - )
Free YouTube to MP3 Converter version 3.12.13.925 (x32 Version: 3.12.13.925 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GRID (x32 Version:  - Codemasters)
HexChat (x64) (Version: 2.9.5 - HexChat)
Infestation: Survivor Stories (x32 Version:  - Hammerpoint Interactive)
iTunes (Version: 11.1.4.62 - Apple Inc.)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Lautstärkefenster (x32 Version: 2.21 - Creative Technology Limited)
League of Legends (x32 Version: 1.3 - Riot Games)
Logitech Webcam-Software (x32 Version: 2.51 - Logitech Inc.)
LOLReplay (x32 Version: 0.8.5.2 - www.leaguereplays.com)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 20.0.1 (x86 de) (x32 Version: 20.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
NetLimiter 3 (Version: 3.0.0.11 - Locktime Software s.r.o.)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Netzmanager (x32 Version: 1.071 - Deutsche Telekom AG)
Notepad++ (x32 Version: 6.3.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
Open Broadcaster Software (x32 Version:  - )
OpenAL (x32 Version:  - )
Origin (x32 Version: 9.3.10.4710 - Electronic Arts, Inc.)
Overwolf (x32 Version: 0.44.256 - Overwolf)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.2.0 (x32 Version:  - PDF24.org)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Portal 2 (x32 Version:  - Valve)
Portal 2 Publishing Tool (x32 Version:  - )
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Razer Synapse 2.0 (x32 Version: 1.15.4 - Razer Inc.)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.17.304.2010 - Realtek)
RegCure (x32 Version: 3.0.2.0 - ParetoLogic, Inc.)
RegCure Pro (x32 Version: 3.1.3.0 - ParetoLogic, Inc.)
ROCCAT Isku Keyboard Driver (x32 Version:  - Roccat GmbH)
Sandboxie 3.50 (64-bit) (Version:  - )
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
SIW version 2011.10.29 (x32 Version: 2011.10.29 - Topala Software Solutions)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Stronghold 3 (x32 Version:  - Firefly Studios)
Stronghold Kingdoms (x32 Version:  - Firefly Studios Ltd)
SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54 (x32 Version: v2012.build.54 - eRightSoft)
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (x32 Version: 8.0.16642 - TeamViewer)
Technitium MAC Address Changer v6.0.4 (x32 Version: 6.0.4 - Technitium)
The War Z version 1.0 (x32 Version: 1.0 - Arktos Entertainment Group LLC)
Thrustmaster Force Feedback Driver (x32 Version: 2.FFD.2009 - Thrustmaster)
Trapcode Particular 64 bit (Version: 2.1.1 - Red Giant Software) Hidden
Trapcode Particular 64 bit (x32 Version: 2.1.1 - Red Giant Software)
Trapcode Shine (Version: 1.6.0 - Red Giant Software) Hidden
Trapcode Shine (x32 Version: 1.6.0 - Red Giant Software)
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Maximum Security (Version: 6.0 - Trend Micro Inc.)
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
Universal AntiCheat 3 v1.076 (x32 Version:  - DExUS)
Vegas Pro 12.0 (64-bit) (Version: 12.0.486 - Sony)
VLC media player 2.0.6 (Version: 2.0.6 - VideoLAN)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.0 (Version: 17.0.10283 - WinZip Computing, S.L. )
World of Tanks (x32 Version:  - Wargaming.net)
XAMPP (x32 Version: 1.8.2-0 - BitNami)
X-Chat 2.8.6-2 (x32 Version: 2.8.6-2 - SilvereX)
XSplit (x32 Version: 1.2.1303.0101 - SplitMediaLabs)

==================== Restore Points  =========================

08-02-2014 16:55:11 Geplanter Prüfpunkt
09-02-2014 10:52:14 DirectX wurde installiert
19-02-2014 21:05:00 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {474BD0C8-AF0C-4124-ABCB-C1899787BC71} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-02] (Google Inc.)
Task: {50454679-CD06-4399-842B-59878490EDA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {732F7F2C-AC8E-4619-951C-5368E42FABCD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8C70EB12-3283-4FCA-B0CB-A21115E7572E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-02] (Google Inc.)
Task: {FEB6B193-079C-43A1-9C1F-3A202C5417F3} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll

==================== Loaded Modules (whitelisted) =============

2013-02-02 13:29 - 2013-12-19 19:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-02-19 19:00 - 2012-12-17 11:39 - 00678416 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2013-02-19 19:00 - 2013-02-06 14:28 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2013-02-06 18:43 - 2013-02-06 18:42 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2011-03-21 16:19 - 2011-03-21 16:19 - 00053248 _____ () C:\Program Files\NetLimiter 3\nlsvcPS.dll
2013-06-05 21:17 - 2013-11-23 22:21 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-20 18:43 - 2012-05-02 20:27 - 00049664 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll
2014-02-20 18:43 - 2012-05-02 20:24 - 00731136 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2014-02-20 18:43 - 2012-05-02 20:24 - 00064512 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll
2014-02-20 18:43 - 2012-05-02 20:25 - 01719808 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2014-02-20 18:43 - 2012-05-02 20:25 - 00016896 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc80-mt-1_49.dll
2014-02-20 18:36 - 2012-07-25 16:53 - 00289088 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2012-07-30 15:13 - 2013-10-24 20:21 - 00302056 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-07-30 15:13 - 2013-10-24 20:21 - 00320488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2013-05-12 21:14 - 2012-10-13 19:29 - 00020992 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\TS3MassMover.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-01 20:54 - 2011-07-21 20:02 - 00207872 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2013-02-01 20:54 - 2011-07-21 20:04 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2013-02-01 21:10 - 2010-11-04 11:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:17 - 2010-03-24 21:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-02-01 20:53 - 2007-09-13 22:05 - 00002560 _____ () C:\Windows\system32\CTXFIGER.DLL
2013-10-30 16:06 - 2014-02-15 02:18 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-14 13:16 - 2014-02-14 13:16 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
2014-02-20 18:36 - 2012-07-25 16:54 - 00049152 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_49.dll
2014-02-20 18:36 - 2012-07-25 16:54 - 00057344 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_49.dll
2013-05-26 16:53 - 2013-05-26 16:53 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\alexneu\AppData\Local\BMrkueJcwI:L7cA3oV20lUcP9Ib52m7
AlternateDataStreams: C:\Users\alexneu\AppData\Local\Temp:Ip40HTdIibCqeyIvFT8QBpa3ur

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: dealplylive => 2
MSCONFIG\Services: dealplylivem => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\alexneu\AppData\Local\Smartbar\Application\SnapDo.exe startup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: ESL Wire => "C:\Program Files\EslWire\wire.exe" --tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Microsoft => C:\Users\alexneu\Documents\MSDCSC\microsoft.exe
MSCONFIG\startupreg: NetLimiter => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: sla => C:\Users\alexneu\AppData\Local\TempImages\chk.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/20/2014 06:41:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/20/2014 05:36:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2014 09:58:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (02/19/2014 07:58:51 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/19/2014 04:18:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13010

Error: (02/19/2014 04:18:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13010

Error: (02/19/2014 04:18:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/19/2014 04:18:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12012

Error: (02/19/2014 04:18:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12012

Error: (02/19/2014 04:18:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/20/2014 06:41:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1053

Error: (02/20/2014 06:40:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/20/2014 06:40:47 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Tcp-Portfreigabedienst erreicht.

Error: (02/20/2014 05:35:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%4.

Error: (02/19/2014 11:38:49 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%4.

Error: (02/18/2014 05:19:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%4.

Error: (02/15/2014 07:07:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/15/2014 07:07:40 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.

Error: (02/10/2014 03:51:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/10/2014 03:51:08 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.


Microsoft Office Sessions:
=========================
Error: (02/20/2014 06:41:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/20/2014 05:36:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2014 09:58:08 PM) (Source: SideBySide)(User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2

Error: (02/19/2014 07:58:51 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (02/19/2014 04:18:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13010

Error: (02/19/2014 04:18:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13010

Error: (02/19/2014 04:18:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/19/2014 04:18:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12012

Error: (02/19/2014 04:18:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12012

Error: (02/19/2014 04:18:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 8191.24 MB
Available physical RAM: 5153.11 MB
Total Pagefile: 16380.67 MB
Available Pagefile: 13325.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:350.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 7FFD6F15)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=699 GB) - (Type=07 NTFS)

==================== End Of Log ============================

aharonov 21.02.2014 09:45
ok.


Schritt 1

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 2

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.




Schritt 3

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.



Bitte poste in deiner nächsten Antwort:
  • Log von Adwcleaner
  • Log von Combofix
  • Log von FRST

albarex 21.02.2014 16:35
adwcleaner

Code:
# AdwCleaner v3.019 - Bericht erstellt am 21/02/2014 um 16:05:13
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : alexneu - ALEXNEU-PC
# Gestartet von : C:\Users\alexneu\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : APNMCP

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\DealPlyLive
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\DealPly
Ordner Gelöscht : C:\Program Files (x86)\DealPlyLive
Ordner Gelöscht : C:\Program Files (x86)\ParetoLogic
Ordner Gelöscht : C:\Program Files (x86)\Common Files\ParetoLogic
Ordner Gelöscht : C:\Users\alexneu\AppData\Local\DealPlyLive
Ordner Gelöscht : C:\Users\alexneu\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\alexneu\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\alexneu\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\alexneu\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\alexneu\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\alexneu\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\alexneu\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\alexneu\AppData\Roaming\ParetoLogic
Ordner Gelöscht : C:\Users\alexneu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Ordner Gelöscht : C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Ordner Gelöscht : C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj
Datei Gelöscht : C:\Program Files\Uninstall.exe
Datei Gelöscht : C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\invalidprefs.js
Datei Gelöscht : C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\user.js
Datei Gelöscht : C:\Windows\Tasks\paretologic registration3.job
Datei Gelöscht : C:\Windows\System32\Tasks\paretologic registration3

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_3d-fahrschule_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_3d-fahrschule_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\caphyon
Schlüssel Gelöscht : HKCU\Software\DealPlyLive
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\ParetoLogic
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16798

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v20.0.1 (de)

[ Datei : C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.crossrider.bic", "14256fb6e7272b7c0707876c434bde53");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "4adb5e6e0000000000000025228f48c2");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15817");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1619:14:48");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 22834788);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", true);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", true);
Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de");
Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "snapdoocyb");
Zeile gelöscht : user_pref("extensions.helperbar.installationid", "b6aee060-a9b5-417c-8264-ab0621e3928d");
Zeile gelöscht : user_pref("extensions.helperbar.installdate", "01/06/2013");
Zeile gelöscht : user_pref("extensions.helperbar.publisher", "snapdoocyb");

-\\ Google Chrome v32.0.1700.107

[ Datei : C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [13667 octets] - [21/02/2014 16:03:50]
AdwCleaner[S0].txt - [11815 octets] - [21/02/2014 16:05:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11876 octets] ##########
combofix:

Code:
ComboFix 14-02-20.01 - alexneu 21.02.2014  16:17:44.1.6 - x64
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.49.1031.18.8191.5840 [GMT 1:00]
ausgeführt von:: c:\users\alexneu\Desktop\ComboFix.exe
AV: Trend Micro Titanium Maximum Security *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium Maximum Security *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\0.bak
C:\install.exe
c:\users\alexneu\AppData\Roaming\dclogs
c:\users\alexneu\AppData\Roaming\dclogs\2013-05-08-4.dc
c:\users\alexneu\AppData\Roaming\siw_sdk.dll
c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-01-21 bis 2014-02-21  ))))))))))))))))))))))))))))))
.
.
2014-02-21 15:27 . 2014-02-21 15:27        --------        d-----w-        c:\users\DefaultAppPool\AppData\Local\temp
2014-02-21 15:27 . 2014-02-21 15:27        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-02-21 15:03 . 2014-02-21 15:05        --------        d-----w-        C:\AdwCleaner
2014-02-20 22:01 . 2014-02-20 22:03        --------        d-----w-        c:\windows\system32\MRT
2014-02-20 21:41 . 2014-02-20 21:41        9728        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-20 21:39 . 2014-02-20 21:39        1887232        ----a-w-        c:\windows\system32\d3d11.dll
2014-02-20 21:39 . 2014-02-20 21:39        1505280        ----a-w-        c:\windows\SysWow64\d3d11.dll
2014-02-20 21:11 . 2013-10-19 02:18        81408        ----a-w-        c:\windows\system32\imagehlp.dll
2014-02-20 21:10 . 2013-04-10 05:48        1732608        ----a-w-        c:\program files\Windows Journal\NBDoc.DLL
2014-02-20 20:56 . 2013-10-12 02:30        830464        ----a-w-        c:\windows\system32\nshwfp.dll
2014-02-20 20:56 . 2013-10-12 02:29        859648        ----a-w-        c:\windows\system32\IKEEXT.DLL
2014-02-20 20:56 . 2013-10-12 02:29        324096        ----a-w-        c:\windows\system32\FWPUCLNT.DLL
2014-02-20 20:56 . 2013-10-12 02:03        656896        ----a-w-        c:\windows\SysWow64\nshwfp.dll
2014-02-20 20:56 . 2013-10-12 02:01        216576        ----a-w-        c:\windows\SysWow64\FWPUCLNT.DLL
2014-02-20 20:01 . 2012-12-07 18:33        94520        ----a-w-        c:\windows\system32\drivers\tmeevw.sys
2014-02-20 20:01 . 2012-07-06 03:35        210232        ----a-w-        c:\windows\system32\drivers\tmnciesc.sys
2014-02-20 18:19 . 2014-02-20 18:23        --------        d-----w-        C:\FRST
2014-02-20 18:17 . 2014-02-20 19:27        238128        ----a-w-        c:\windows\RegBootClean64.exe
2014-02-20 17:52 . 2014-02-20 17:52        --------        d-----w-        C:\temp
2014-02-20 17:51 . 2014-02-20 17:51        --------        d-----w-        C:\TMRescueDisk
2014-02-20 17:47 . 2012-05-02 19:27        105744        ----a-w-        c:\windows\system32\drivers\tmtdi.sys
2014-02-20 17:47 . 2013-09-04 12:58        77184        ----a-w-        c:\windows\system32\drivers\tmevtmgr.sys
2014-02-20 17:47 . 2013-09-04 12:58        175528        ----a-w-        c:\windows\system32\drivers\tmcomm.sys
2014-02-20 17:47 . 2013-09-04 12:58        109072        ----a-w-        c:\windows\system32\drivers\tmactmon.sys
2014-02-20 17:47 . 2012-08-24 13:07        46392        ----a-w-        c:\windows\system32\drivers\TMEBC64.sys
2014-02-20 17:44 . 2014-02-20 17:44        59        ----a-w-        c:\windows\system32\SupportTool.exe.bat
2014-02-20 17:43 . 2014-02-20 17:43        --------        d-----w-        c:\program files\Trend Micro
2014-02-20 17:43 . 2014-02-20 21:47        --------        d-----w-        c:\programdata\Trend Micro
2014-02-20 17:34 . 2014-02-20 17:49        --------        d-----w-        c:\program files (x86)\Trend Micro
2014-02-20 17:32 . 2014-02-20 17:48        --------        d-----w-        c:\users\alexneu\AppData\Local\Trend Micro
2014-02-20 17:31 . 2014-02-20 17:31        --------        d-----w-        c:\programdata\Trend Micro Installer
2014-02-20 17:29 . 2014-02-20 17:30        --------        d-----w-        c:\users\alexneu\AppData\Local\Akamai
2014-02-09 10:52 . 2014-02-09 10:53        --------        d-----w-        c:\users\alexneu\AppData\Local\NVIDIA Corporation
2014-02-09 10:50 . 2013-12-05 08:42        39200        ----a-w-        c:\windows\system32\drivers\nvvad64v.sys
2014-02-09 10:50 . 2013-12-05 08:42        32544        ----a-w-        c:\windows\SysWow64\nvaudcap32v.dll
2014-02-03 16:19 . 2014-02-03 16:19        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-03 16:19 . 2014-02-03 16:19        --------        d-----w-        c:\program files\iTunes
2014-02-03 16:19 . 2014-02-03 16:19        --------        d-----w-        c:\program files (x86)\iTunes
2014-02-03 16:19 . 2014-02-03 16:19        --------        d-----w-        c:\program files\iPod
2014-01-31 18:57 . 2014-01-31 18:57        --------        d-----w-        c:\users\alexneu\AppData\Local\PDF24
2014-01-31 18:57 . 2014-01-31 18:57        --------        d-----w-        c:\program files (x86)\PDF24
2014-01-31 18:00 . 2011-07-09 05:29        289664        ----a-w-        c:\windows\system32\drivers\fltMgr.sys
2014-01-30 15:36 . 2014-01-30 15:36        --------        d-----w-        c:\program files (x86)\LOLReplay
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-14 12:16 . 2013-02-01 19:29        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-14 12:16 . 2013-02-01 19:29        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-04 18:09 . 2013-03-17 14:47        88567024        ----a-w-        c:\windows\system32\MRT.exe
2014-01-08 18:02 . 2013-06-05 20:17        214392        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2014-01-02 18:32 . 2013-06-05 20:17        214392        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2013-12-25 22:12 . 2013-06-05 20:18        291128        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2013-12-19 20:33 . 2013-02-02 12:27        3071656        ----a-w-        c:\windows\system32\nvapi64.dll
2013-12-19 20:33 . 2013-02-02 12:27        2698272        ----a-w-        c:\windows\SysWow64\nvapi.dll
2013-12-19 20:33 . 2013-02-02 12:27        15877216        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2013-12-19 20:33 . 2013-02-02 12:27        15230352        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2013-12-19 20:33 . 2013-02-02 12:27        1436528        ----a-w-        c:\windows\system32\nvumdshimx.dll
2013-12-19 20:33 . 2013-02-01 17:59        61216        ----a-w-        c:\windows\system32\OpenCL.dll
2013-12-19 20:33 . 2013-02-01 17:59        53024        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2013-12-19 18:53 . 2013-02-02 12:29        6671648        ----a-w-        c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2013-02-02 12:29        3490080        ----a-w-        c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2013-02-02 12:29        922912        ----a-w-        c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2013-02-02 12:29        63776        ----a-w-        c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2013-02-02 12:29        386336        ----a-w-        c:\windows\system32\nvmctray.dll
2013-12-19 18:53 . 2013-02-02 12:29        2559776        ----a-w-        c:\windows\system32\nvsvcr.dll
2013-12-19 11:20 . 2013-12-19 11:20        590112        ----a-w-        c:\windows\SysWow64\nvStreaming.exe
2013-12-19 05:01 . 2013-02-02 12:29        3539040        ----a-w-        c:\windows\system32\nvcoproc.bin
2013-12-14 14:04 . 2013-12-14 14:04        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-12-14 14:04 . 2013-12-14 14:04        42168        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-12-10 02:13 . 2013-11-23 21:57        982232        ----a-w-        c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-11-23 21:57        1100248        ----a-w-        c:\windows\system32\nvspcap64.dll
2013-12-05 08:42 . 2013-11-23 21:53        35104        ----a-w-        c:\windows\system32\nvaudcap64v.dll
2013-11-23 21:21 . 2013-06-05 20:17        76888        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2012-08-30 13:20 . 2012-08-30 13:20        68792        ----a-w-        c:\program files\fraps64.dat
2012-08-30 13:20 . 2012-08-30 13:20        2550968        ----a-w-        c:\program files\fraps.exe
2012-08-30 13:20 . 2012-08-30 13:20        234168        ----a-w-        c:\program files\fraps32.dll
2012-08-30 13:20 . 2012-08-30 13:20        186552        ----a-w-        c:\program files\fraps64.dll
2012-08-30 13:17 . 2012-08-30 13:17        140288        ----a-w-        c:\program files\frapslcd.dll
2006-05-03 10:06        163328        --sha-r-        c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47        31232        --sha-r-        c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30        216064        --sha-r-        c:\windows\SysWOW64\nbDX.dll
2010-01-06 23:00        107520        --sha-r-        c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NetLimiter"="c:\program files\NetLimiter 3\NLClientApp.exe" [2011-03-21 2910208]
"Akamai NetSession Interface"="c:\users\alexneu\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="c:\program files (x86)\Creative\Volume Panel\VolPanlu.exe" [2009-07-07 241789]
"RoccatIsku"="c:\program files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE" [2012-11-09 542560]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-10-17 442200]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"CTxfiHlp"="CTXFIHLP.EXE" [2011-08-11 24576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz135;cpuz135;c:\users\alexneu\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\alexneu\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8023x64;Realtek 10/100-Netzwerkkartenfamilie-NDIS-x64-Treiber;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 TMEBC;TMEBC;c:\windows\system32\DRIVERS\TMEBC64.sys;c:\windows\SYSNATIVE\DRIVERS\TMEBC64.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys;c:\program files\NetLimiter 3\nltdi.sys [x]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 ESLWireAC;ESLWireAC;c:\windows\system32\drivers\ESLWireACD.sys;c:\windows\SYSNATIVE\drivers\ESLWireACD.sys [x]
S2 EslWireHelper;ESL Wire Helper Service;c:\program files\EslWire\service\WireHelperSvc.exe;c:\program files\EslWire\service\WireHelperSvc.exe [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys;c:\windows\SYSNATIVE\drivers\ha20x22k.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 tmeevw;tmeevw;c:\windows\system32\DRIVERS\tmeevw.sys;c:\windows\SYSNATIVE\DRIVERS\tmeevw.sys [x]
S3 tmnciesc;tmnciesc;c:\windows\system32\DRIVERS\tmnciesc.sys;c:\windows\SYSNATIVE\DRIVERS\tmnciesc.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs        REG_MULTI_SZ          w3svc was
apphost        REG_MULTI_SZ          apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-04 15:23        1211720        ----a-w-        c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-02 16:06]
.
2014-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-02 16:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2013-09-16 1382568]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2013-08-29 216928]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.forumswatcher.com/search.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - prefs.js: network.proxy.ftp - 46.164.168.161
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 46.164.168.161
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 46.164.168.161
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 46.164.168.161
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Fraps - c:\program files\uninstall.exe
AddRemove-{C547F361-5750-4CD1-9FB6-BC93827CB6C1} - c:\program files (x86)\ParetoLogic\RegCure Pro\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-02-21  16:29:57
ComboFix-quarantined-files.txt  2014-02-21 15:29
.
Vor Suchlauf: 16 Verzeichnis(se), 379.862.368.256 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 379.530.539.008 Bytes frei
.
- - End Of File - - 8CD146625ECBE59B0F66D8D064B139C5
A36C5E4F47E84449FF07ED3517B43A31

albarex 21.02.2014 16:37
frst:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-02-2014
Ran by alexneu (administrator) on ALEXNEU-PC on 21-02-2014 16:33:10
Running from C:\Users\alexneu\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Locktime Software) C:\Program Files\NetLimiter 3\NLClientApp.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1382568 2013-09-16] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [216928 2013-08-29] (Trend Micro Inc.)
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [241789 2009-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [RoccatIsku] - C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-10-17] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE
HKLM-x32\...\Run: [] - [X]
HKU\S-1-5-21-81648548-1704745251-1628236580-1000\...\Run: [NetLimiter] - C:\Program Files\NetLimiter 3\NLClientApp.exe [2910208 2011-03-21] (Locktime Software)
HKU\S-1-5-21-81648548-1704745251-1628236580-1000\...\Run: [Akamai NetSession Interface] - C:\Users\alexneu\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1039EF9E2F14CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} -  No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default
FF Homepage: hxxp://www.facebook.com/
FF NetworkProxy: "ftp", "46.164.168.161"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "46.164.168.161"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "46.164.168.161"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "46.164.168.161"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Stealthy - C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\Extensions\stealthyextension@gmail.com.xpi [2013-11-15]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-10-23]
FF Extension: Adblock Plus - C:\Users\alexneu\AppData\Roaming\Mozilla\Firefox\Profiles\a2yc1sf9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-01]
FF HKLM\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension [2014-02-20]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension [2014-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2014-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ []

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2014-02-09]
CHR Extension: (Google Docs) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-02]
CHR Extension: (Google Drive) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-02]
CHR Extension: (YouTube) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-02]
CHR Extension: (TrendMicro BEP Extension) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee [2014-02-20]
CHR Extension: (Google-Suche) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-02]
CHR Extension: (TrendMicro Toolbar) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj [2014-02-20]
CHR Extension: (DVDVideoSoft) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-10-23]
CHR Extension: (Google Wallet) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]
CHR Extension: (Google Mail) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-02]
CHR Extension: (Twitch Giveaways) - C:\Users\alexneu\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2013-08-02]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\chrome_tmbep.crx [2014-02-20]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-02-02]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\chrome_tmbep.crx [2014-02-20]

==================== Services (Whitelisted) =================

R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [678416 2012-12-17] ()
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-02-06] ()
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-08-22] (Overwolf Ltd)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-23] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [99048 2010-10-17] (SANDBOXIE L.T.D)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-06] (DT Soft Ltd)
R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                          )
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-10-14] (Razer Inc)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [145512 2010-10-17] (SANDBOXIE L.T.D)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [109072 2013-09-04] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [175528 2013-09-04] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [46392 2012-08-24] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [94520 2012-12-07] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [77184 2013-09-04] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [210232 2012-07-06] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2012-05-02] (Trend Micro Inc.)
U3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Users\alexneu\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
U2 TMAgent;
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-21 16:33 - 2014-02-21 16:33 - 00020086 _____ () C:\Users\alexneu\Downloads\FRST.txt
2014-02-21 16:32 - 2014-02-21 16:32 - 02153984 _____ (Farbar) C:\Users\alexneu\Downloads\FRST64.exe
2014-02-21 16:29 - 2014-02-21 16:29 - 00024983 _____ () C:\ComboFix.txt
2014-02-21 16:15 - 2014-02-21 16:30 - 00000000 ____D () C:\Qoobox
2014-02-21 16:15 - 2014-02-21 16:28 - 00000000 ____D () C:\Windows\erdnt
2014-02-21 16:15 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-21 16:15 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-21 16:15 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-21 16:15 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-21 16:15 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-21 16:15 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-21 16:15 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-21 16:15 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-21 16:12 - 2014-02-21 16:13 - 05183886 ____R (Swearware) C:\Users\alexneu\Desktop\ComboFix.exe
2014-02-21 16:12 - 2014-02-21 16:12 - 00012001 _____ () C:\Users\alexneu\Desktop\AdwCleaner[S0].txt
2014-02-21 16:03 - 2014-02-21 16:05 - 00000000 ____D () C:\AdwCleaner
2014-02-21 16:02 - 2014-02-21 16:02 - 01241834 _____ () C:\Users\alexneu\Downloads\adwcleaner.exe
2014-02-20 23:01 - 2014-02-20 23:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-20 22:57 - 2014-02-20 22:59 - 00006277 _____ () C:\Windows\IE11_main.log
2014-02-20 22:42 - 2014-02-20 22:42 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-20 22:42 - 2014-02-20 22:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-20 22:42 - 2014-02-20 22:42 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-20 22:42 - 2014-02-20 22:42 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-20 22:42 - 2014-02-20 22:42 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-02-20 22:42 - 2014-02-20 22:42 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-02-20 22:42 - 2014-02-20 22:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-20 22:42 - 2014-02-20 22:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-02-20 22:42 - 2014-02-20 22:42 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-02-20 22:42 - 2014-02-20 22:42 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-02-20 22:42 - 2014-02-20 22:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-02-20 22:41 - 2014-02-20 22:41 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-20 22:39 - 2014-02-20 22:39 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-02-20 22:39 - 2014-02-20 22:39 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-02-20 22:38 - 2014-02-20 22:47 - 00011485 _____ () C:\Windows\IE10_main.log
2014-02-20 22:12 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-02-20 22:12 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-02-20 22:12 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-02-20 22:12 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-02-20 22:12 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-02-20 22:12 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-02-20 22:12 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-02-20 22:12 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-02-20 22:12 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-02-20 22:12 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-02-20 22:12 - 2013-04-12 15:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-02-20 22:12 - 2013-02-27 07:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-02-20 22:12 - 2013-02-27 06:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-02-20 22:12 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-02-20 22:12 - 2013-02-27 05:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-02-20 22:12 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-20 22:12 - 2013-02-15 07:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-20 22:12 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-02-20 22:12 - 2013-02-15 05:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-20 22:12 - 2013-02-15 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-02-20 22:12 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-20 22:11 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-20 22:11 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-20 22:11 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-20 22:11 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-20 22:11 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-02-20 22:11 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-02-20 22:11 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-02-20 22:11 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-02-20 22:11 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-02-20 22:11 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-02-20 22:11 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-02-20 22:11 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-20 22:11 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-20 22:11 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-02-20 22:11 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-20 22:11 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-20 22:11 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-02-20 22:11 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-02-20 22:11 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-02-20 22:11 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-02-20 22:11 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-02-20 22:11 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-02-20 22:11 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-02-20 22:11 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-02-20 22:11 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-02-20 22:11 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-02-20 22:11 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-02-20 22:11 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-02-20 22:11 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-02-20 22:11 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-02-20 22:11 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-02-20 22:11 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-02-20 22:11 - 2013-08-02 03:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-02-20 22:11 - 2013-08-02 03:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-02-20 22:11 - 2013-08-02 03:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-02-20 22:11 - 2013-08-02 03:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-02-20 22:11 - 2013-08-02 03:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-02-20 22:11 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-02-20 22:11 - 2013-08-02 03:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-02-20 22:11 - 2013-08-02 03:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-02-20 22:11 - 2013-08-02 03:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-02-20 22:11 - 2013-08-02 02:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-02-20 22:11 - 2013-08-02 02:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-02-20 22:11 - 2013-08-02 02:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-02-20 22:11 - 2013-08-02 02:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-02-20 22:11 - 2013-08-02 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-02-20 22:11 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-02-20 22:11 - 2013-08-02 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-02-20 22:11 - 2013-08-02 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-02-20 22:11 - 2013-08-02 01:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-02-20 22:11 - 2013-08-02 01:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-02-20 22:11 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-02-20 22:11 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-02-20 22:11 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-20 22:11 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-02-20 22:11 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-20 22:11 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-02-20 22:11 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-02-20 22:11 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-02-20 22:11 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-02-20 22:11 - 2013-07-09 06:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-02-20 22:11 - 2013-07-09 05:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-02-20 22:11 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-02-20 22:11 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-20 22:11 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-02-20 22:11 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-02-20 22:11 - 2013-06-15 05:35 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-02-20 22:11 - 2013-06-15 05:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-02-20 22:11 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-02-20 22:11 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-02-20 22:11 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-02-20 22:11 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-02-20 22:11 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-02-20 22:11 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-02-20 22:11 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-02-20 22:11 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-02-20 22:11 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-02-20 22:11 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-02-20 22:11 - 2013-06-04 07:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-02-20 22:11 - 2013-06-04 05:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-02-20 22:11 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-02-20 22:11 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-02-20 22:11 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-02-20 22:11 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-02-20 22:11 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-02-20 22:11 - 2012-11-28 23:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-02-20 22:10 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-02-20 22:10 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-02-20 22:10 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-20 22:10 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-20 22:10 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-02-20 22:10 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-02-20 22:10 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-20 22:10 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-20 22:10 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-02-20 22:10 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-02-20 22:10 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-02-20 22:10 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-02-20 22:10 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-02-20 22:10 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-20 22:10 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-20 22:10 - 2013-07-06 07:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-20 22:10 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-02-20 22:10 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-02-20 22:10 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-02-20 22:10 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-02-20 22:10 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-02-20 22:10 - 2012-06-01 06:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-02-20 22:10 - 2012-06-01 06:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-02-20 22:10 - 2012-06-01 06:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-02-20 22:10 - 2012-06-01 06:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-02-20 22:10 - 2012-06-01 06:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-02-20 22:10 - 2012-06-01 06:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-02-20 22:10 - 2012-06-01 05:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2014-02-20 22:10 - 2012-06-01 05:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2014-02-20 22:10 - 2012-06-01 05:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2014-02-20 22:10 - 2012-06-01 05:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2014-02-20 22:10 - 2012-06-01 05:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2014-02-20 22:10 - 2012-06-01 05:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2014-02-20 22:10 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-02-20 21:56 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-02-20 21:56 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-02-20 21:56 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-02-20 21:56 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-02-20 21:56 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-02-20 21:01 - 2012-12-07 19:33 - 00094520 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2014-02-20 21:01 - 2012-07-06 04:35 - 00210232 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2014-02-20 19:27 - 2014-02-20 19:27 - 00029974 _____ () C:\Users\alexneu\Desktop\Addition.txt
2014-02-20 19:21 - 2014-02-20 19:23 - 00029974 _____ () C:\Users\alexneu\Downloads\Addition.txt
2014-02-20 19:19 - 2014-02-21 16:33 - 00000000 ____D () C:\FRST
2014-02-20 19:19 - 2014-02-20 19:23 - 00041397 _____ () C:\Users\alexneu\Desktop\FRST.txt
2014-02-20 19:17 - 2014-02-20 20:27 - 00238128 _____ () C:\Windows\RegBootClean64.exe
2014-02-20 18:51 - 2014-02-20 18:51 - 00000000 ____D () C:\TMRescueDisk
2014-02-20 18:48 - 2014-02-20 18:48 - 00001499 _____ () C:\Users\alexneu\Desktop\Trend Micro Titanium Maximum Security.lnk
2014-02-20 18:48 - 2014-02-20 18:48 - 00000000 ____D () C:\Users\alexneu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-02-20 18:47 - 2013-09-04 13:58 - 00175528 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-02-20 18:47 - 2013-09-04 13:58 - 00109072 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2014-02-20 18:47 - 2013-09-04 13:58 - 00077184 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2014-02-20 18:47 - 2012-08-24 14:07 - 00046392 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2014-02-20 18:47 - 2012-05-02 20:27 - 00105744 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmtdi.sys
2014-02-20 18:44 - 2014-02-20 18:44 - 00000458 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 18:44 - 2014-02-20 18:44 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-02-20 18:43 - 2014-02-20 22:47 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-02-20 18:43 - 2014-02-20 18:43 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-20 18:40 - 2014-02-20 18:40 - 00000036 _____ () C:\Users\alexneu\AppData\Local\housecall.guid.cache
2014-02-20 18:34 - 2014-02-20 18:49 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-02-20 18:33 - 2014-02-20 18:33 - 101475488 _____ (Trend Micro Inc.) C:\Users\alexneu\Downloads\TTi_6.0_HE_64bit.exe
2014-02-20 18:32 - 2014-02-20 18:48 - 00000000 ____D () C:\Users\alexneu\AppData\Local\Trend Micro
2014-02-20 18:30 - 2014-02-20 18:31 - 90359392 _____ (Trend Micro Inc.) C:\Users\alexneu\Downloads\TTi_7.0_HE_32bit.exe
2014-02-20 18:29 - 2014-02-20 18:30 - 00000000 ____D () C:\Users\alexneu\AppData\Local\Akamai
2014-02-20 18:29 - 2014-02-20 18:29 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\alexneu\Downloads\installer.exe
2014-02-09 11:56 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-09 11:56 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-09 11:56 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-09 11:56 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-09 11:56 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-09 11:56 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-02-09 11:52 - 2014-02-09 11:53 - 00000000 ____D () C:\Users\alexneu\AppData\Local\NVIDIA Corporation
2014-02-09 11:50 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-09 11:50 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-09 11:44 - 2014-02-09 11:44 - 00575424 _____ () C:\Windows\Minidump\020914-21496-01.dmp
2014-02-03 18:50 - 2014-02-03 18:50 - 00001129 _____ () C:\Users\alexneu\Desktop\blub.m3u
2014-02-03 17:19 - 2014-02-03 17:19 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files\iTunes
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files\iPod
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-31 19:57 - 2014-01-31 19:57 - 00001079 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-31 19:57 - 2014-01-31 19:57 - 00001059 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2014-01-31 19:57 - 2014-01-31 19:57 - 00000000 ____D () C:\Users\alexneu\AppData\Local\PDF24
2014-01-31 19:57 - 2014-01-31 19:57 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-01-31 19:56 - 2014-01-31 19:56 - 00614784 _____ (Chip Digital GmbH) C:\Users\alexneu\Downloads\PDF24 Creator - CHIP-Downloader.exe
2014-01-31 19:00 - 2011-07-09 06:29 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-01-31 18:59 - 2011-07-11 11:51 - 00319065 _____ () C:\Users\alexneu\Desktop\Windows6.1-KB2575077-x64.msu
2014-01-31 18:58 - 2014-01-31 18:58 - 00447920 _____ () C:\Users\alexneu\Downloads\435142_intl_x64_zip.exe
2014-01-30 17:23 - 2014-01-30 17:23 - 00000000 ____D () C:\Windows\pss
2014-01-30 16:36 - 2014-01-30 16:36 - 00001901 _____ () C:\Users\Public\Desktop\LOL Recorder.lnk
2014-01-30 16:36 - 2014-01-30 16:36 - 00000000 ____D () C:\Users\alexneu\Documents\LOLReplay
2014-01-30 16:36 - 2014-01-30 16:36 - 00000000 ____D () C:\Program Files (x86)\LOLReplay
2014-01-30 16:35 - 2014-01-30 16:36 - 01472106 _____ () C:\Users\alexneu\Downloads\LOLReplay-0.8.5.2.exe
2014-01-25 22:38 - 2014-01-25 22:38 - 00001618 _____ () C:\Users\alexneu\Desktop\auto 25.1.14.m3u
2014-01-25 00:43 - 2014-01-25 00:43 - 00908237 _____ () C:\Users\alexneu\Downloads\consultation-document_en.odt

==================== One Month Modified Files and Folders =======

2014-02-21 16:33 - 2014-02-21 16:33 - 00020086 _____ () C:\Users\alexneu\Downloads\FRST.txt
2014-02-21 16:33 - 2014-02-20 19:19 - 00000000 ____D () C:\FRST
2014-02-21 16:32 - 2014-02-21 16:32 - 02153984 _____ (Farbar) C:\Users\alexneu\Downloads\FRST64.exe
2014-02-21 16:30 - 2014-02-21 16:15 - 00000000 ____D () C:\Qoobox
2014-02-21 16:30 - 2013-08-02 17:06 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-21 16:30 - 2013-02-01 20:18 - 00000000 ____D () C:\Users\alexneu\AppData\Roaming\TS3Client
2014-02-21 16:29 - 2014-02-21 16:29 - 00024983 _____ () C:\ComboFix.txt
2014-02-21 16:29 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-21 16:28 - 2014-02-21 16:15 - 00000000 ____D () C:\Windows\erdnt
2014-02-21 16:27 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-21 16:18 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-21 16:18 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-21 16:16 - 2013-02-01 18:51 - 01151788 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 16:13 - 2014-02-21 16:12 - 05183886 ____R (Swearware) C:\Users\alexneu\Desktop\ComboFix.exe
2014-02-21 16:12 - 2014-02-21 16:12 - 00012001 _____ () C:\Users\alexneu\Desktop\AdwCleaner[S0].txt
2014-02-21 16:09 - 2013-08-02 17:06 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-21 16:08 - 2013-04-18 12:23 - 00056857 _____ () C:\Windows\setupact.log
2014-02-21 16:07 - 2013-02-02 13:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-21 16:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-21 16:05 - 2014-02-21 16:03 - 00000000 ____D () C:\AdwCleaner
2014-02-21 16:02 - 2014-02-21 16:02 - 01241834 _____ () C:\Users\alexneu\Downloads\adwcleaner.exe
2014-02-21 15:57 - 2013-02-01 18:56 - 00001421 _____ () C:\Users\alexneu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-21 15:57 - 2013-02-01 18:56 - 00000000 ___RD () C:\Users\alexneu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-21 15:57 - 2013-02-01 18:56 - 00000000 ___RD () C:\Users\alexneu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-21 15:55 - 2013-10-29 00:06 - 00024488 _____ () C:\Windows\iis7.log
2014-02-21 15:54 - 2013-02-01 18:47 - 00000000 ____D () C:\Windows\Panther
2014-02-21 15:51 - 2010-11-21 07:50 - 00767432 _____ () C:\Windows\system32\perfh007.dat
2014-02-21 15:51 - 2010-11-21 07:50 - 00172906 _____ () C:\Windows\system32\perfc007.dat
2014-02-21 15:51 - 2009-07-14 06:13 - 01790288 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-21 15:46 - 2009-07-14 05:45 - 05054584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-21 15:41 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-21 15:41 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-02-21 15:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-02-21 15:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-02-21 15:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-02-21 15:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-02-21 15:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-02-21 15:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-02-21 15:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-02-21 15:38 - 2010-11-21 08:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-02-20 23:06 - 2013-02-01 21:42 - 01767246 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-20 23:03 - 2014-02-20 23:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-20 22:59 - 2014-02-20 22:57 - 00006277 _____ () C:\Windows\IE11_main.log
2014-02-20 22:47 - 2014-02-20 22:38 - 00011485 _____ () C:\Windows\IE10_main.log
2014-02-20 22:47 - 2014-02-20 18:43 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-02-20 22:42 - 2014-02-20 22:42 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-20 22:42 - 2014-02-20 22:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-20 22:42 - 2014-02-20 22:42 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-20 22:42 - 2014-02-20 22:42 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-20 22:42 - 2014-02-20 22:42 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-02-20 22:42 - 2014-02-20 22:42 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-02-20 22:42 - 2014-02-20 22:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-20 22:42 - 2014-02-20 22:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-02-20 22:42 - 2014-02-20 22:42 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-02-20 22:42 - 2014-02-20 22:42 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-02-20 22:42 - 2014-02-20 22:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-02-20 22:42 - 2014-02-20 22:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-20 22:42 - 2014-02-20 22:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-02-20 22:41 - 2014-02-20 22:41 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-20 22:41 - 2014-02-20 22:41 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-20 22:39 - 2014-02-20 22:39 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-02-20 22:39 - 2014-02-20 22:39 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-02-20 22:18 - 2013-02-01 20:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-20 21:42 - 2013-02-01 18:55 - 00000000 ____D () C:\Users\alexneu
2014-02-20 21:41 - 2013-11-20 19:05 - 00000000 ____D () C:\Users\DefaultAppPool
2014-02-20 21:41 - 2010-11-21 08:00 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-20 21:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-20 20:27 - 2014-02-20 19:17 - 00238128 _____ () C:\Windows\RegBootClean64.exe
2014-02-20 20:23 - 2013-02-07 00:33 - 00000000 ____D () C:\Users\alexneu\Documents\Services
2014-02-20 19:27 - 2014-02-20 19:27 - 00029974 _____ () C:\Users\alexneu\Desktop\Addition.txt
2014-02-20 19:23 - 2014-02-20 19:21 - 00029974 _____ () C:\Users\alexneu\Downloads\Addition.txt
2014-02-20 19:23 - 2014-02-20 19:19 - 00041397 _____ () C:\Users\alexneu\Desktop\FRST.txt
2014-02-20 18:51 - 2014-02-20 18:51 - 00000000 ____D () C:\TMRescueDisk
2014-02-20 18:49 - 2014-02-20 18:34 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-02-20 18:48 - 2014-02-20 18:48 - 00001499 _____ () C:\Users\alexneu\Desktop\Trend Micro Titanium Maximum Security.lnk
2014-02-20 18:48 - 2014-02-20 18:48 - 00000000 ____D () C:\Users\alexneu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-02-20 18:48 - 2014-02-20 18:32 - 00000000 ____D () C:\Users\alexneu\AppData\Local\Trend Micro
2014-02-20 18:44 - 2014-02-20 18:44 - 00000458 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 18:44 - 2014-02-20 18:44 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-02-20 18:44 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-20 18:43 - 2014-02-20 18:43 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-20 18:40 - 2014-02-20 18:40 - 00000036 _____ () C:\Users\alexneu\AppData\Local\housecall.guid.cache
2014-02-20 18:39 - 2013-04-18 12:23 - 00007380 _____ () C:\Windows\PFRO.log
2014-02-20 18:33 - 2014-02-20 18:33 - 101475488 _____ (Trend Micro Inc.) C:\Users\alexneu\Downloads\TTi_6.0_HE_64bit.exe
2014-02-20 18:31 - 2014-02-20 18:30 - 90359392 _____ (Trend Micro Inc.) C:\Users\alexneu\Downloads\TTi_7.0_HE_32bit.exe
2014-02-20 18:30 - 2014-02-20 18:29 - 00000000 ____D () C:\Users\alexneu\AppData\Local\Akamai
2014-02-20 18:29 - 2014-02-20 18:29 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\alexneu\Downloads\installer.exe
2014-02-15 19:04 - 2013-02-06 09:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 02:18 - 2013-10-30 16:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 13:16 - 2013-02-01 20:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-14 13:16 - 2013-02-01 20:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-11 20:24 - 2013-08-02 17:06 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 20:24 - 2013-08-02 17:06 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-09 11:59 - 2013-02-01 18:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-09 11:53 - 2014-02-09 11:52 - 00000000 ____D () C:\Users\alexneu\AppData\Local\NVIDIA Corporation
2014-02-09 11:53 - 2014-01-12 14:25 - 00000000 ____D () C:\Users\alexneu\AppData\Local\NVIDIA
2014-02-09 11:52 - 2013-02-02 13:29 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-09 11:51 - 2013-02-01 18:57 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-09 11:44 - 2014-02-09 11:44 - 00575424 _____ () C:\Windows\Minidump\020914-21496-01.dmp
2014-02-09 11:44 - 2013-07-07 20:40 - 546203579 _____ () C:\Windows\MEMORY.DMP
2014-02-09 11:44 - 2013-07-07 20:40 - 00000000 ____D () C:\Windows\Minidump
2014-02-09 00:35 - 2013-12-16 18:27 - 00000000 ____D () C:\Users\alexneu\Desktop\bewerbung
2014-02-08 23:05 - 2013-03-29 03:03 - 00000000 ____D () C:\Users\alexneu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetLimiter 3
2014-02-08 23:05 - 2013-03-29 03:03 - 00000000 ____D () C:\Program Files\NetLimiter 3
2014-02-04 19:09 - 2013-03-17 15:47 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-04 16:24 - 2013-08-02 17:06 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 18:50 - 2014-02-03 18:50 - 00001129 _____ () C:\Users\alexneu\Desktop\blub.m3u
2014-02-03 17:19 - 2014-02-03 17:19 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files\iTunes
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files\iPod
2014-02-03 17:19 - 2014-02-03 17:19 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-03 17:16 - 2013-02-09 18:17 - 00000000 ____D () C:\ProgramData\Apple
2014-01-31 19:57 - 2014-01-31 19:57 - 00001079 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-31 19:57 - 2014-01-31 19:57 - 00001059 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2014-01-31 19:57 - 2014-01-31 19:57 - 00000000 ____D () C:\Users\alexneu\AppData\Local\PDF24
2014-01-31 19:57 - 2014-01-31 19:57 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-01-31 19:56 - 2014-01-31 19:56 - 00614784 _____ (Chip Digital GmbH) C:\Users\alexneu\Downloads\PDF24 Creator - CHIP-Downloader.exe
2014-01-31 18:59 - 2013-02-01 18:55 - 00000000 ____D () C:\Users\alexneu\AppData\Local\VirtualStore
2014-01-31 18:58 - 2014-01-31 18:58 - 00447920 _____ () C:\Users\alexneu\Downloads\435142_intl_x64_zip.exe
2014-01-30 17:23 - 2014-01-30 17:23 - 00000000 ____D () C:\Windows\pss
2014-01-30 16:36 - 2014-01-30 16:36 - 00001901 _____ () C:\Users\Public\Desktop\LOL Recorder.lnk
2014-01-30 16:36 - 2014-01-30 16:36 - 00000000 ____D () C:\Users\alexneu\Documents\LOLReplay
2014-01-30 16:36 - 2014-01-30 16:36 - 00000000 ____D () C:\Program Files (x86)\LOLReplay
2014-01-30 16:36 - 2014-01-30 16:35 - 01472106 _____ () C:\Users\alexneu\Downloads\LOLReplay-0.8.5.2.exe
2014-01-28 00:15 - 2013-12-19 15:15 - 00000096 _____ () C:\Users\alexneu\AppData\Roaming\WB.CFG
2014-01-25 22:38 - 2014-01-25 22:38 - 00001618 _____ () C:\Users\alexneu\Desktop\auto 25.1.14.m3u
2014-01-25 00:43 - 2014-01-25 00:43 - 00908237 _____ () C:\Users\alexneu\Downloads\consultation-document_en.odt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-19 21:58

==================== End Of Log ============================
--- --- ---

aharonov 21.02.2014 16:57
Schritt 1

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




Schritt 2


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


albarex 21.02.2014 21:24
Also malwarebytes:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.21.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16798
alexneu :: ALEXNEU-PC [Administrator]

21.02.2014 17:40:05
mbam-log-2014-02-21 (17-40-05).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 253711
Laufzeit: 7 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\Users\alexneu\AppData\Roaming\BitTorrent\ism.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\alexneu\Downloads\FreeYouTubeToMP3Converter.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\alexneu\Downloads\SoftonicDownloader_fuer_3d-fahrschule.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\alexneu\Downloads\SoftonicDownloader_fuer_files-crawler.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\alexneu\AppData\Local\DM\install.exe (PUP.Optional.InstallMonetizer.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
der eset onlinescanner hat jetzt in 5h ca. 30% gehabt, dann ist mein PC abgeschmiert...
geht das auch ohne?

albarex 22.02.2014 21:41
bump

aharonov 22.02.2014 22:16
Wenn ESET nicht durchläuft, scanne stattdessen mit EAM:


Lade dir bitte das Setup von Emsisoft Anti-Malware auf den Desktop herunter.
  • Führe die EmsisoftAntiMalwareSetup.exe aus.
  • Wähle die Sprache Deutsch und akzeptiere die Lizenzvereinbarungen.
  • Drücke dann auf Freeware Modus (nur Scanner, kein Schutz).
  • Belasse im nächsten Fenster die Einstellungen und drücke Weiter.
  • Nachdem der Updatevorgang abgeschlossen ist, klicke auf PC jetzt untersuchen.
  • Wähle bei "PUPs-Erkennung aktivieren" die Option Ja und drücke Weiter.
  • Wähle dann Detail Scan und drücke auf SCAN.
  • Wenn der Scan abgeschlossen ist, lass die Funde nicht entfernen, sondern drücke auf Bericht anzeigen.
  • Poste das sich öffnende Log bitte hier in den Thread.
    (Nachträglich findest du das Log unter Start -> Alle Programme -> Emsisoft Anti-Malware -> Scan Berichte als a2scan_<date>-<time>.txt.)
  • Du kannst Emsisoft danach über die Systemsteuerung deinstallieren, als Freeware On-Demand-Scanner zusätzlich zu deinem Antivirenprogramm behalten oder die Vollversion davon kaufen und dein bestehendes Antivirenprogramm damit ersetzen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:04 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131