Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   interpolseite (https://www.trojaner-board.de/151072-interpolseite.html)

fulloverdose 15.03.2014 09:46
interpolseite
 
hatte beim surfen diese interpol seite bekommen
konnte google chrome schliessen und alles funktioniert wie es soll
habe mit titanium einen komplett scan durchgefürhrt --- > alles clean
muss ich mir gedanken machen ?

schrauber 15.03.2014 11:04
hi,

schauen wir mal.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


fulloverdose 15.03.2014 15:25
mein virus programm meint die vorgeschlagene software ist bedenklich?


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by felix (administrator) on FUCKUP on 15-03-2014 15:19:25
Running from C:\Users\felix\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
() C:\Program Files (x86)\RightSurf\updateRightSurf.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
() C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\RightSurf\bin\FilterApp_C64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() D:\gamezzz\lol\RADS\system\rads_user_kernel.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
() D:\gamezzz\lol\RADS\projects\lol_launcher\releases\0.0.0.202\deploy\LoLLauncher.exe
() D:\gamezzz\lol\RADS\projects\lol_air_client\releases\0.0.1.75\deploy\LolClient.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) D:\gamezzz\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend Micro Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] - C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSPanel.exe [5591872 2014-01-15] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - D:\apps\itun\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => "C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&ts=1393452606&type=default&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&ts=1393452606
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&ts=1393452606&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&ts=1393452606
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&ts=1393452606
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr0103&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyC0CtAyCyEtDzyyBtA0CyDtN0D0Tzu0SyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=941252941&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=ASJB
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr0103&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyC0CtAyCyEtDzyyBtA0CyDtN0D0Tzu0SyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=941252941&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=ASJB
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&ts=1393452606&type=default&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&ts=1393452606&type=default&q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&q={searchTerms}
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\apps\java\bin\ssv.dll (Oracle Corporation)
BHO-x32: RightSurf - {88be1aa9-6740-461c-9e3e-f35eb8fa741c} - C:\Program Files (x86)\RightSurf\RightSurfBHO.dll (RightSurf)
BHO-x32: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\apps\java\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?affID=121529&tt=gc_&babsrc=HP_ss_wls&mntrId=385790E6BA1902A4
CHR Extension: (Angry Birds) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-03-01]
CHR Extension: (From Dust) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2014-03-01]
CHR Extension: (Retro Games) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgejkohjndfiooaomnpbacoeekdonkak [2014-03-01]
CHR Extension: (Mini Putt) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbblnjglchclanebglfjigfokbgpbbg [2014-03-01]
CHR Extension: (TrendMicro BEP Extension) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee [2014-02-21]
CHR Extension: (X New Tab Page) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh [2014-02-01]
CHR Extension: (Poolbillard) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb [2014-03-01]
CHR Extension: (Kingdom Rush) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim [2014-03-01]
CHR Extension: (Monster Dash) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog [2014-03-01]
CHR Extension: (Trend Micro Osprey Chrome Extension) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmgckcapmffomaifonnhgkfdgljnkpgi [2014-02-21]
CHR Extension: (AdBlock) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-01]
CHR Extension: (Trend Micro Toolbar) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj [2014-02-21]
CHR Extension: (Don't Starve) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2014-03-01]
CHR Extension: (Cargo Bridge: Armor Games Edition) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpiaibleklmjieibbnmkignbggodmmj [2014-03-01]
CHR Extension: (New Tab Page for FVD Speed Dial) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-31]
CHR Extension: (Extended Protection) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-02-22]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-02-22]
CHR HKLM-x32\...\Chrome\Extension: [fmgckcapmffomaifonnhgkfdgljnkpgi] - C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmOspreychromeExt.crx [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\chromeextension.crx [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]

==================== Services (Whitelisted) =================

R2 AMOptimalDiskService; C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [5216624 2010-12-17] (appsmaker)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] ()
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-01-14] (Cherished Technololgy LIMITED)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-02] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-02-21] (Razer, Inc.)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe [2318192 2010-12-17] (appsmaker)
R2 Update RightSurf; C:\Program Files (x86)\RightSurf\updateRightSurf.exe [348960 2014-03-14] ()
R2 Util RightSurf; C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe [348960 2014-03-14] ()
R2 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2014-01-06] (Wajam)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                          )
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-02-21] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)
R3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [27816 2014-01-10] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [32936 2013-11-15] (Razer Inc)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [116264 2013-09-04] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-04] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [100640 2013-06-13] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [37904 2013-07-11] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [85424 2013-09-04] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [303392 2013-05-15] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [103712 2013-07-08] (Trend Micro Inc.)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-14] (StdLib)
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-15 15:19 - 2014-03-15 15:19 - 00026666 _____ () C:\Users\felix\Downloads\FRST.txt
2014-03-15 15:19 - 2014-03-15 15:19 - 00000000 ____D () C:\FRST
2014-03-15 15:03 - 2014-03-15 15:03 - 02157056 _____ (Farbar) C:\Users\felix\Downloads\FRST64.exe
2014-03-15 09:12 - 2014-03-15 15:11 - 00000000 __RDO () C:\Users\felix\SkyDrive
2014-03-15 09:10 - 2014-03-15 09:10 - 00001068 _____ () C:\Windows\PFRO.log
2014-03-14 20:49 - 2014-03-14 20:50 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TS3Client
2014-03-14 20:47 - 2014-03-14 20:47 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\felix\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-14 19:42 - 2014-03-14 19:42 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-12 20:00 - 2014-03-12 20:00 - 00000000 ____D () C:\Users\felix\AppData\Roaming\AppBooster
2014-03-12 19:14 - 2014-03-12 19:14 - 09490912 _____ (appsmaker ) C:\Users\felix\Downloads\AppBooster20_Basic_Setup.exe
2014-03-12 07:22 - 2014-03-12 19:12 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\Documents\Ashampoo Burning Studio FREE
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Local\ashampoo
2014-03-12 07:21 - 2014-03-12 07:21 - 29588704 _____ (Ashampoo GmbH & Co. KG ) C:\Users\felix\Downloads\ashampoo_burning_studio_free_1.12.0.exe
2014-03-12 07:16 - 2014-03-12 07:16 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TuneUp Software
2014-03-12 07:14 - 2014-03-12 07:16 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\OpenCandy
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\DVDVideoSoft
2014-03-12 07:12 - 2014-03-12 07:13 - 34377032 _____ (DVDVideoSoft Ltd. ) C:\Users\felix\Downloads\FreeYouTubeToMP3Converter-3.12.29.304.exe
2014-03-10 00:42 - 2014-03-10 00:54 - 00231960 _____ () C:\Windows\RegBootClean64.exe
2014-03-09 17:35 - 2014-03-14 18:21 - 00000145 _____ () C:\Windows\setupact.log
2014-03-09 17:35 - 2014-03-09 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-09 10:52 - 2014-03-09 10:52 - 00000000 ____D () C:\Users\felix\Documents\Shadowrun Returns
2014-03-09 10:51 - 2014-03-09 10:51 - 00000000 ____D () C:\Users\felix\AppData\Local\Harebrained Schemes
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\Documents\NBGI
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\AppData\Local\NBGI
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-03-09 10:13 - 2014-03-09 10:14 - 00017533 _____ () C:\Windows\DirectX.log
2014-03-08 23:58 - 2014-03-08 23:58 - 00000000 ____D () C:\Users\felix\Documents\Red Wasp Design Ltd
2014-03-08 23:57 - 2014-03-08 23:57 - 00000954 _____ () C:\Users\UpdatusUser\Desktop\Call.of.Cthulhu.The.Wasted.Land.lnk
2014-03-08 18:24 - 2014-03-08 18:24 - 00017476 _____ () C:\Users\felix\Downloads\66148fd2585fc768b140a33cd3a1cc5d.dlc
2014-03-02 12:16 - 2014-03-02 12:16 - 00000000 ____D () C:\Users\felix\AppData\Local\Blizzard
2014-03-02 00:40 - 2014-03-02 00:43 - 219694912 _____ (NVIDIA Corporation) C:\Users\felix\Downloads\334.89-desktop-win8-win7-winvista-32bit-international-whql.exe
2014-03-01 18:59 - 2014-03-01 19:00 - 01467128 _____ () C:\Users\felix\Downloads\SystemCheck_deDE.exe
2014-02-28 22:36 - 2014-02-28 22:36 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Awesomium
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\Users\felix\Documents\Elder Scrolls Online
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-02-27 00:37 - 2014-03-15 09:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-27 00:37 - 2014-03-15 09:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-02-27 00:36 - 2014-02-27 00:36 - 13079688 _____ (Microsoft Corporation) C:\Users\felix\Downloads\Silverlight_x64.exe
2014-02-26 23:11 - 2014-03-08 22:47 - 00000000 ____D () C:\Users\felix\AppData\Roaming\WinZipper
2014-02-26 23:11 - 2014-02-26 23:11 - 00000000 ____D () C:\Users\felix\AppData\Roaming\SupTab
2014-02-26 23:11 - 2014-02-26 23:11 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-02-24 21:28 - 2014-03-15 15:11 - 01533921 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 17:18 - 2014-02-21 17:18 - 00000000 ___HD () C:\TMRescueDisk
2014-02-21 17:14 - 2014-02-21 17:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-02-21 17:13 - 2014-02-21 17:13 - 00003264 _____ () C:\Windows\System32\Tasks\Titanium BTC
2014-02-21 17:13 - 2014-02-21 17:13 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-02-21 17:13 - 2013-09-04 07:24 - 00116264 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2014-02-21 17:13 - 2013-09-04 07:22 - 00085424 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2014-02-21 17:13 - 2013-09-04 07:17 - 00282624 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-02-21 17:13 - 2013-07-11 03:39 - 00037904 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmel.sys
2014-02-21 17:13 - 2013-07-08 04:16 - 00103712 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2014-02-21 17:13 - 2013-07-01 14:08 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2014-02-21 17:13 - 2013-06-13 07:35 - 00100640 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2014-02-21 17:13 - 2013-05-15 11:23 - 00303392 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2014-02-21 17:12 - 2014-03-10 00:42 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-02-21 17:12 - 2014-02-21 17:12 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-21 17:11 - 2014-02-21 17:11 - 00000036 _____ () C:\Users\felix\AppData\Local\housecall.guid.cache
2014-02-21 16:32 - 2014-02-21 17:14 - 00000000 ____D () C:\Users\felix\AppData\Local\Trend Micro
2014-02-21 16:31 - 2014-01-19 08:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-02-21 16:22 - 2014-02-21 16:22 - 06631328 _____ (Trend Micro Inc.) C:\Users\felix\Downloads\Titanium_Maximum_Security_2014.exe
2014-02-20 23:42 - 2014-02-20 23:42 - 00000303 _____ () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heimnetzgruppe.lnk
2014-02-20 23:36 - 2014-02-20 23:37 - 00000000 ____D () C:\rads
2014-02-20 23:35 - 2014-02-20 23:35 - 00001429 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-02-20 23:34 - 2014-02-20 23:35 - 34888568 _____ (Riot Games) C:\Users\felix\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-02-20 17:26 - 2014-02-20 17:26 - 49340591 _____ () C:\Users\felix\Downloads\mitfinacrafnel.rar
2014-02-19 09:32 - 2014-02-20 23:36 - 00017408 ___SH () C:\Users\felix\Desktop\Thumbs.db
2014-02-18 17:07 - 2014-02-18 17:07 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-18 00:50 - 2014-02-18 00:50 - 00000000 ____D () C:\Users\felix\Documents\Diablo III
2014-02-18 00:31 - 2014-03-12 21:43 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-02-18 00:30 - 2014-03-12 22:05 - 00000000 ____D () C:\Users\felix\AppData\Local\Battle.net
2014-02-18 00:30 - 2014-02-18 00:31 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Battle.net
2014-02-18 00:30 - 2014-02-18 00:30 - 00000789 _____ () C:\Users\felix\Desktop\Battle.net.lnk
2014-02-18 00:30 - 2014-02-18 00:30 - 00000000 ____D () C:\Users\felix\AppData\Local\Blizzard Entertainment
2014-02-18 00:30 - 2014-02-18 00:30 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-02-18 00:29 - 2014-02-18 00:29 - 06018744 _____ (Blizzard Entertainment) C:\Users\felix\Downloads\Diablo-III-Setup-deDE.exe
2014-02-18 00:29 - 2014-02-18 00:29 - 00000000 ____D () C:\ProgramData\Battle.net
2014-02-16 21:33 - 2014-02-16 21:59 - 00000000 ____D () C:\Users\felix\Documents\Witcher 2
2014-02-16 21:33 - 2014-02-16 21:33 - 00000000 ____D () C:\Users\felix\AppData\Local\The Witcher 2
2014-02-15 23:36 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-02-15 23:36 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-02-15 23:36 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-15 23:36 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-02-15 23:36 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-02-15 23:36 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-15 23:36 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2014-02-15 23:36 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-15 23:36 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-02-15 23:36 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-15 23:36 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-02-15 23:36 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-02-15 23:36 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-02-15 23:36 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2014-02-15 23:36 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-02-15 23:36 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2014-02-15 23:36 - 2013-11-27 05:01 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-15 23:36 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-02-15 23:36 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-02-15 23:36 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-02-15 23:36 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-02-15 23:36 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-02-15 23:36 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-02-15 23:36 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-02-15 23:36 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-15 23:36 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-02-15 23:36 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-02-15 23:36 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-02-15 23:36 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-02-15 23:36 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-02-15 23:36 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-02-15 23:36 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-02-15 23:36 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-15 23:36 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-15 23:36 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll
2014-02-15 23:36 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2014-02-15 23:36 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-02-15 23:36 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-02-15 23:36 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-02-15 23:36 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-02-15 23:36 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-02-15 23:36 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-02-15 23:36 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-02-15 23:36 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-02-15 23:36 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
2014-02-15 23:36 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-02-15 23:36 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-02-15 23:36 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-02-15 23:36 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2014-02-15 23:36 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-02-15 23:36 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-02-15 23:36 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-02-15 23:36 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-15 23:36 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-02-15 23:36 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-02-14 18:46 - 2014-02-14 18:56 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Users\felix\AppData\Local\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Program Files\iTunes
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Program Files\iPod
2014-02-14 18:46 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Users\felix\AppData\Local\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\ProgramData\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-14 18:42 - 2014-02-14 18:43 - 148896080 _____ (Apple Inc.) C:\Users\felix\Downloads\iTunes64Setup.exe

==================== One Month Modified Files and Folders =======

2014-03-15 15:19 - 2014-03-15 15:19 - 00026666 _____ () C:\Users\felix\Downloads\FRST.txt
2014-03-15 15:19 - 2014-03-15 15:19 - 00000000 ____D () C:\FRST
2014-03-15 15:19 - 2014-01-31 19:42 - 00000000 ____D () C:\Users\felix\AppData\Local\PMB Files
2014-03-15 15:16 - 2014-01-31 19:17 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2294175808-4207890680-768246090-1002
2014-03-15 15:16 - 2013-11-27 10:06 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-15 15:16 - 2013-09-13 21:22 - 00765378 _____ () C:\Windows\system32\perfh007.dat
2014-03-15 15:16 - 2013-09-13 21:22 - 00159696 _____ () C:\Windows\system32\perfc007.dat
2014-03-15 15:14 - 2014-01-31 20:56 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Skype
2014-03-15 15:12 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-15 15:11 - 2014-03-15 09:12 - 00000000 __RDO () C:\Users\felix\SkyDrive
2014-03-15 15:11 - 2014-02-24 21:28 - 01533921 _____ () C:\Windows\WindowsUpdate.log
2014-03-15 15:11 - 2014-01-31 20:00 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-15 15:10 - 2014-01-31 19:11 - 00336852 _____ () C:\Users\felix\AppData\Local\BTServer.log
2014-03-15 15:10 - 2013-11-27 10:27 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2014-03-15 15:10 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 15:03 - 2014-03-15 15:03 - 02157056 _____ (Farbar) C:\Users\felix\Downloads\FRST64.exe
2014-03-15 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-03-15 14:57 - 2014-01-31 19:57 - 00000306 _____ () C:\Windows\Tasks\UpdaterEX.job
2014-03-15 10:23 - 2014-01-31 19:10 - 00000000 ____D () C:\Users\felix
2014-03-15 10:16 - 2014-01-31 19:15 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{51E0EFB3-BE2E-4AB2-801A-36EFDADB99CB}
2014-03-15 10:10 - 2014-01-31 20:00 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-15 09:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-03-15 09:12 - 2014-01-31 22:46 - 00000000 __RDO () C:\Users\felix\SkyDrive (2).old
2014-03-15 09:10 - 2014-03-15 09:10 - 00001068 _____ () C:\Windows\PFRO.log
2014-03-15 09:10 - 2014-02-27 00:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 09:10 - 2014-02-27 00:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 01:04 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-15 00:44 - 2014-01-31 19:42 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-14 20:50 - 2014-03-14 20:49 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TS3Client
2014-03-14 20:47 - 2014-03-14 20:47 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\felix\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-14 19:42 - 2014-03-14 19:42 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-14 18:21 - 2014-03-09 17:35 - 00000145 _____ () C:\Windows\setupact.log
2014-03-14 18:20 - 2014-01-31 20:38 - 00000000 ____D () C:\Windows\Razer Core
2014-03-12 22:05 - 2014-02-18 00:30 - 00000000 ____D () C:\Users\felix\AppData\Local\Battle.net
2014-03-12 21:43 - 2014-02-18 00:31 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-03-12 20:00 - 2014-03-12 20:00 - 00000000 ____D () C:\Users\felix\AppData\Roaming\AppBooster
2014-03-12 19:14 - 2014-03-12 19:14 - 09490912 _____ (appsmaker ) C:\Users\felix\Downloads\AppBooster20_Basic_Setup.exe
2014-03-12 19:12 - 2014-03-12 07:22 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\Documents\Ashampoo Burning Studio FREE
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Local\ashampoo
2014-03-12 07:21 - 2014-03-12 07:21 - 29588704 _____ (Ashampoo GmbH & Co. KG ) C:\Users\felix\Downloads\ashampoo_burning_studio_free_1.12.0.exe
2014-03-12 07:17 - 2014-02-04 19:26 - 00108032 ___SH () C:\Users\felix\Downloads\Thumbs.db
2014-03-12 07:16 - 2014-03-12 07:16 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TuneUp Software
2014-03-12 07:16 - 2014-03-12 07:14 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\OpenCandy
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\DVDVideoSoft
2014-03-12 07:13 - 2014-03-12 07:12 - 34377032 _____ (DVDVideoSoft Ltd. ) C:\Users\felix\Downloads\FreeYouTubeToMP3Converter-3.12.29.304.exe
2014-03-10 00:54 - 2014-03-10 00:42 - 00231960 _____ () C:\Windows\RegBootClean64.exe
2014-03-10 00:42 - 2014-02-21 17:12 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-03-09 17:35 - 2014-03-09 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-09 10:55 - 2014-02-01 02:09 - 00000000 ____D () C:\Users\felix\Desktop\gamez
2014-03-09 10:52 - 2014-03-09 10:52 - 00000000 ____D () C:\Users\felix\Documents\Shadowrun Returns
2014-03-09 10:51 - 2014-03-09 10:51 - 00000000 ____D () C:\Users\felix\AppData\Local\Harebrained Schemes
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\Documents\NBGI
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\AppData\Local\NBGI
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-03-09 10:14 - 2014-03-09 10:13 - 00017533 _____ () C:\Windows\DirectX.log
2014-03-09 08:25 - 2014-02-08 11:38 - 00000000 ____D () C:\Users\felix\AppData\Roaming\vlc
2014-03-08 23:58 - 2014-03-08 23:58 - 00000000 ____D () C:\Users\felix\Documents\Red Wasp Design Ltd
2014-03-08 23:57 - 2014-03-08 23:57 - 00000954 _____ () C:\Users\UpdatusUser\Desktop\Call.of.Cthulhu.The.Wasted.Land.lnk
2014-03-08 22:47 - 2014-02-26 23:11 - 00000000 ____D () C:\Users\felix\AppData\Roaming\WinZipper
2014-03-08 18:24 - 2014-03-08 18:24 - 00017476 _____ () C:\Users\felix\Downloads\66148fd2585fc768b140a33cd3a1cc5d.dlc
2014-03-08 08:43 - 2014-01-31 19:33 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-03-08 08:19 - 2014-01-31 19:11 - 00000000 ____D () C:\Users\felix\AppData\Local\Packages
2014-03-08 02:29 - 2014-02-09 01:09 - 00000000 ____D () C:\ProgramData\Steam
2014-03-08 02:29 - 2014-02-02 11:37 - 00000000 ____D () C:\Users\felix\Documents\My Games
2014-03-05 20:35 - 2014-01-31 19:57 - 00000000 ____D () C:\Program Files (x86)\RightSurf
2014-03-02 12:16 - 2014-03-02 12:16 - 00000000 ____D () C:\Users\felix\AppData\Local\Blizzard
2014-03-02 00:43 - 2014-03-02 00:40 - 219694912 _____ (NVIDIA Corporation) C:\Users\felix\Downloads\334.89-desktop-win8-win7-winvista-32bit-international-whql.exe
2014-03-01 23:24 - 2014-02-01 01:57 - 00007605 _____ () C:\Users\felix\AppData\Local\resmon.resmoncfg
2014-03-01 19:00 - 2014-03-01 18:59 - 01467128 _____ () C:\Users\felix\Downloads\SystemCheck_deDE.exe
2014-02-28 22:36 - 2014-02-28 22:36 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Awesomium
2014-02-28 20:57 - 2014-01-31 19:57 - 00000127 _____ () C:\Users\felix\AppData\Roaming\WB.CFG
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\Users\felix\Documents\Elder Scrolls Online
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-02-27 00:36 - 2014-02-27 00:36 - 13079688 _____ (Microsoft Corporation) C:\Users\felix\Downloads\Silverlight_x64.exe
2014-02-26 23:11 - 2014-02-26 23:11 - 00000000 ____D () C:\Users\felix\AppData\Roaming\SupTab
2014-02-26 23:11 - 2014-02-26 23:11 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-02-26 23:10 - 2014-01-31 19:33 - 00000000 ____D () C:\ProgramData\WPM
2014-02-22 21:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-02-21 17:18 - 2014-02-21 17:18 - 00000000 ___HD () C:\TMRescueDisk
2014-02-21 17:14 - 2014-02-21 17:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-02-21 17:14 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\felix\AppData\Local\Trend Micro
2014-02-21 17:13 - 2014-02-21 17:13 - 00003264 _____ () C:\Windows\System32\Tasks\Titanium BTC
2014-02-21 17:13 - 2014-02-21 17:13 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-02-21 17:13 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-02-21 17:12 - 2014-02-21 17:12 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-21 17:11 - 2014-02-21 17:11 - 00000036 _____ () C:\Users\felix\AppData\Local\housecall.guid.cache
2014-02-21 17:10 - 2014-01-31 19:32 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-02-21 17:09 - 2013-11-27 10:31 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-21 17:09 - 2013-11-27 10:31 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-02-21 17:09 - 2013-11-27 10:31 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-02-21 16:22 - 2014-02-21 16:22 - 06631328 _____ (Trend Micro Inc.) C:\Users\felix\Downloads\Titanium_Maximum_Security_2014.exe
2014-02-21 07:04 - 2014-01-31 20:38 - 00129472 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzDxgk.sys
2014-02-21 07:04 - 2014-01-31 20:38 - 00074432 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzFilter.sys
2014-02-20 23:42 - 2014-02-20 23:42 - 00000303 _____ () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heimnetzgruppe.lnk
2014-02-20 23:37 - 2014-02-20 23:36 - 00000000 ____D () C:\rads
2014-02-20 23:36 - 2014-02-19 09:32 - 00017408 ___SH () C:\Users\felix\Desktop\Thumbs.db
2014-02-20 23:35 - 2014-02-20 23:35 - 00001429 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-02-20 23:35 - 2014-02-20 23:34 - 34888568 _____ (Riot Games) C:\Users\felix\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-02-20 23:35 - 2014-01-31 19:52 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-02-20 17:26 - 2014-02-20 17:26 - 49340591 _____ () C:\Users\felix\Downloads\mitfinacrafnel.rar
2014-02-20 16:24 - 2014-01-31 19:11 - 00000000 ___RD () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-20 16:24 - 2014-01-31 19:11 - 00000000 ___RD () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-20 16:23 - 2013-08-22 15:44 - 00444792 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-20 16:22 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-02-20 16:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-02-20 16:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-02-18 18:09 - 2014-02-02 11:38 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-18 18:09 - 2014-02-02 11:37 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-18 17:07 - 2014-02-18 17:07 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-18 00:50 - 2014-02-18 00:50 - 00000000 ____D () C:\Users\felix\Documents\Diablo III
2014-02-18 00:31 - 2014-02-18 00:30 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Battle.net
2014-02-18 00:30 - 2014-02-18 00:30 - 00000789 _____ () C:\Users\felix\Desktop\Battle.net.lnk
2014-02-18 00:30 - 2014-02-18 00:30 - 00000000 ____D () C:\Users\felix\AppData\Local\Blizzard Entertainment
2014-02-18 00:30 - 2014-02-18 00:30 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-02-18 00:29 - 2014-02-18 00:29 - 06018744 _____ (Blizzard Entertainment) C:\Users\felix\Downloads\Diablo-III-Setup-deDE.exe
2014-02-18 00:29 - 2014-02-18 00:29 - 00000000 ____D () C:\ProgramData\Battle.net
2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 21:59 - 2014-02-16 21:33 - 00000000 ____D () C:\Users\felix\Documents\Witcher 2
2014-02-16 21:33 - 2014-02-16 21:33 - 00000000 ____D () C:\Users\felix\AppData\Local\The Witcher 2
2014-02-16 00:26 - 2014-01-31 19:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 00:25 - 2014-01-31 19:59 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 18:56 - 2014-02-14 18:46 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Users\felix\AppData\Local\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Program Files\iTunes
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Program Files\iPod
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Users\felix\AppData\Local\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\ProgramData\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-14 18:43 - 2014-02-14 18:42 - 148896080 _____ (Apple Inc.) C:\Users\felix\Downloads\iTunes64Setup.exe
2014-02-14 00:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-02-14 00:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2014-02-14 00:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2014-02-14 00:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\LiveKernelReports

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-11 20:37

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by felix at 2014-03-15 15:23:55
Running from C:\Users\felix\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Trend Micro Titanium Maximum Security (Enabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Titanium Maximum Security (Enabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{07CCA4AC-FCC6-4A0A-B87A-26F6F50A7E31}) (Version: 20.2.44.03548 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.2.44.03548 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
appsmaker AppBooster 2.0 (HKLM-x32\...\appsmaker_AppBooster20_is1) (Version:  - appsmaker)
Ashampoo Burning Studio FREE v.1.12.0 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.12.0 - Ashampoo GmbH & Co. KG)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.05.04 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blackguards (HKLM-x32\...\Steam App 249650) (Version:  - Daedalic Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.4428 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Extended Update (HKCU\...\UpdaterEX) (Version:  - Extended Update)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.00 - Ubisoft)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.29.304 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.29.304 - DVDVideoSoft Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Mars - War Logs (HKLM-x32\...\Mars - War Logs_is1) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 305.46 (Version: 305.46 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.61 - Razer Inc)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.22 - Razer Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
RightSurf (HKLM\...\RightSurf) (Version: 2014.01.29.231259 - RightSurf) <==== ATTENTION
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00 (HKLM-x32\...\South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
Torchlight II (c) Runic Games version 1 (HKLM-x32\...\Torchlight II (c) Runic Games_is1) (Version: 1 - )
Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) Hidden
Trend Micro Titanium Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 7.0 - Trend Micro Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wajam (HKLM-x32\...\Wajam) (Version: 2.09 - Wajam) <==== ATTENTION
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.1.265 - ASUS Cloud Corporation)
Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

28-02-2014 23:55:31 Windows Update
08-03-2014 01:27:47 DirectX wurde installiert
09-03-2014 09:13:22 DirectX wurde installiert
09-03-2014 23:57:21 TITANUIMRES
12-03-2014 18:08:47 TuneUp Utilities 2014 wird entfernt
12-03-2014 18:09:24 TuneUp Utilities 2014 (de-DE) wird entfernt
14-03-2014 17:21:14 Razer Drivers Install

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {090BDC09-F161-49CB-994B-1BB61987DB3D} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-09-19] (ASUSTeK Computer Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {12FEC6FB-185A-4117-8D4D-816E8E0CEA52} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-10] ()
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5FE4CEDF-34E5-4B5E-B226-4693088907D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-31] (Google Inc.)
Task: {639FB730-5C20-4EC7-BDA7-8D55F8B3C951} - System32\Tasks\Titanium BTC => C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2013-08-27] (Trend Micro Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6D0251F4-B96D-4A65-8344-71EA24B0147D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {72FE401B-B7B7-45BA-96FB-B493F92A7E2C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-31] (Google Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {84F409DE-25AC-4F25-8D53-7127403098A4} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-08-09] ()
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CBF667B-008D-4C8C-B4A6-815372E69BDB} - System32\Tasks\UpdaterEX => C:\Users\felix\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AC4292E9-30EC-4C20-893F-034A3EE34193} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2013-09-06] (ASUSTeK)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2B92A0F-C90C-4183-8885-F5618E72240F} - System32\Tasks\ASUS\ASUS Launcher Helper => C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe [2013-10-29] (Microsoft)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F85D6909-7DDA-4C4D-8E58-3390118E8AF1} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-24] ()
Task: {FA2AEEEA-761D-41D8-B1E6-3C7EBDC37A91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\felix\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-02-21 17:12 - 2013-01-16 03:19 - 00048128 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll
2014-02-21 17:12 - 2013-04-02 05:25 - 00675840 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2014-02-21 17:12 - 2013-01-16 03:23 - 00058368 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll
2014-02-21 17:12 - 2012-12-18 21:06 - 01300480 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2014-02-21 17:12 - 2013-01-16 03:19 - 00018944 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll
2014-02-21 16:28 - 2013-07-23 16:28 - 00247352 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2013-12-11 17:06 - 2013-09-26 19:15 - 00059392 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2013-11-27 10:25 - 2013-08-08 19:00 - 00207160 _____ () C:\Windows\SysWOW64\AsHookDevice.exe
2014-02-02 11:37 - 2014-02-02 11:37 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-27 10:40 - 2012-04-24 11:43 - 00390632 ____R () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-01-30 00:13 - 2014-03-14 23:45 - 00348960 _____ () C:\Program Files (x86)\RightSurf\updateRightSurf.exe
2013-11-27 10:25 - 2013-08-09 02:33 - 01114768 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
2014-01-31 20:58 - 2014-03-14 23:48 - 00348960 _____ () C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe
2014-02-22 00:20 - 2013-12-18 14:33 - 00057584 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2014-03-14 19:42 - 2014-03-14 19:42 - 00287008 _____ () C:\Program Files (x86)\RightSurf\bin\FilterApp_C64.exe
2013-06-12 18:11 - 2014-02-20 23:39 - 01294336 _____ () D:\gamezzz\lol\RADS\system\rads_user_kernel.exe
2014-01-31 19:42 - 2014-01-31 19:42 - 03089488 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2014-02-20 23:41 - 2014-03-07 23:08 - 05325152 _____ () D:\gamezzz\lol\RADS\projects\lol_launcher\releases\0.0.0.202\deploy\LoLLauncher.exe
2014-02-20 23:55 - 2014-02-20 23:55 - 00074752 _____ () D:\gamezzz\lol\RADS\projects\lol_air_client\releases\0.0.1.75\deploy\LolClient.exe
2013-11-27 10:24 - 2013-08-28 16:24 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-02-26 23:11 - 2014-02-26 23:11 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-20 23:41 - 2014-03-07 23:08 - 00265056 _____ () D:\gamezzz\lol\RADS\projects\lol_launcher\releases\0.0.0.202\deploy\RiotLauncher.dll
2014-03-05 20:10 - 2014-03-03 20:15 - 00340992 _____ () D:\gamezzz\Steam\libavresample-1.dll
2014-03-05 20:10 - 2014-03-03 20:15 - 00470016 _____ () D:\gamezzz\Steam\libavutil-53.dll
2014-03-11 17:02 - 2014-03-11 05:42 - 00754176 _____ () D:\gamezzz\Steam\SDL2.dll
2014-03-11 17:02 - 2014-03-11 05:42 - 01135296 _____ () D:\gamezzz\Steam\bin\chromehtml.DLL
2014-03-05 20:10 - 2014-03-03 20:15 - 20626624 _____ () D:\gamezzz\Steam\bin\libcef.dll
2014-02-09 13:09 - 2013-06-15 00:49 - 01100800 _____ () D:\gamezzz\Steam\bin\avcodec-53.dll
2014-02-09 13:09 - 2013-06-15 00:49 - 00124416 _____ () D:\gamezzz\Steam\bin\avutil-51.dll
2014-02-09 13:09 - 2013-06-15 00:49 - 00192000 _____ () D:\gamezzz\Steam\bin\avformat-53.dll
2013-11-27 10:24 - 2014-03-15 15:12 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-11-27 10:24 - 2010-06-29 03:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-03-04 16:13 - 2014-03-02 03:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2013-12-11 16:47 - 2013-08-19 20:10 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-04 16:13 - 2014-03-02 03:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 16:13 - 2014-03-02 03:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 16:13 - 2014-03-02 03:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 16:13 - 2014-03-02 03:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 16:13 - 2014-03-02 03:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
2014-02-21 16:28 - 2013-07-23 16:28 - 00049152 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc110-mt-1_49.dll
2014-02-21 16:28 - 2013-07-23 16:28 - 00039424 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc110-mt-1_49.dll
2014-03-04 16:13 - 2014-03-02 03:35 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\felix\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\felix\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\felix\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/15/2014 03:12:49 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/15/2014 03:00:53 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/15/2014 09:17:30 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/14/2014 11:56:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.3.0.495, Zeitstempel: 0x531164e2
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x35f8
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3
Vollständiger Name des fehlerhaften Pakets: League of Legends.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: League of Legends.exe5

Error: (03/14/2014 07:24:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.3.0.495, Zeitstempel: 0x531164e2
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.3.0.495, Zeitstempel: 0x531164e2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x005801e0
ID des fehlerhaften Prozesses: 0x3fa8
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3
Vollständiger Name des fehlerhaften Pakets: League of Legends.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: League of Legends.exe5

Error: (03/14/2014 06:24:56 PM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 33.0.1750.146 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1af0

Startzeit: 01cf3fa936b5a9a2

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 8e8ef75f-ab9d-11e3-8279-6c71d9d9b148

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/14/2014 06:21:21 PM) (Source: Application Hang) (User: )
Description: Programm SoftwareUpdate.exe, Version 2.1.3.127 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4144

Startzeit: 01cf3fa981ba67d4

Endzeit: 2

Anwendungspfad: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

Berichts-ID: 096051ba-ab9d-11e3-8279-6c71d9d9b148

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/14/2014 06:21:09 PM) (Source: RzOvlMon) (User: )
Description: RzOvlMonOpenService failed w/err 0x00000424

Error: (03/14/2014 06:21:01 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/14/2014 06:18:11 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall


System errors:
=============
Error: (03/15/2014 03:10:30 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎15.‎03.‎2014 um 15:08:12 unerwartet heruntergefahren.

Error: (03/15/2014 10:22:49 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎15.‎03.‎2014 um 10:22:02 unerwartet heruntergefahren.

Error: (03/15/2014 10:21:06 AM) (Source: nvlddmkm) (User: )
Description: \Device\Video1!06e6(24f8)

Error: (03/15/2014 01:03:53 AM) (Source: DCOM) (User: FUCKUP)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (03/15/2014 01:03:51 AM) (Source: DCOM) (User: FUCKUP)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (03/15/2014 01:03:51 AM) (Source: DCOM) (User: FUCKUP)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (03/15/2014 01:03:50 AM) (Source: DCOM) (User: FUCKUP)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (03/15/2014 01:03:50 AM) (Source: DCOM) (User: FUCKUP)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (03/11/2014 05:02:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/11/2014 05:02:44 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.


Microsoft Office Sessions:
=========================
Error: (03/15/2014 03:12:49 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/15/2014 03:00:53 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/15/2014 09:17:30 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/14/2014 11:56:03 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.3.0.495531164e2unknown0.0.0.000000000c00000050000000035f801cf3fd890f4c6a1D:\gamezzz\lol\RADS\solutions\lol_game_client_sln\releases\0.0.1.13\deploy\League of Legends.exeunknownd0c85016-abcb-11e3-8279-6c71d9d9b148

Error: (03/14/2014 07:24:07 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.3.0.495531164e2League of Legends.exe4.3.0.495531164e2c0000005005801e03fa801cf3fac48eac354D:\gamezzz\lol\RADS\solutions\lol_game_client_sln\releases\0.0.1.13\deploy\League of Legends.exeD:\gamezzz\lol\RADS\solutions\lol_game_client_sln\releases\0.0.1.13\deploy\League of Legends.exed4209461-aba5-11e3-8279-6c71d9d9b148

Error: (03/14/2014 06:24:56 PM) (Source: Application Hang)(User: )
Description: chrome.exe33.0.1750.1461af001cf3fa936b5a9a24294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe8e8ef75f-ab9d-11e3-8279-6c71d9d9b148

Error: (03/14/2014 06:21:21 PM) (Source: Application Hang)(User: )
Description: SoftwareUpdate.exe2.1.3.127414401cf3fa981ba67d42C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe096051ba-ab9d-11e3-8279-6c71d9d9b148

Error: (03/14/2014 06:21:09 PM) (Source: RzOvlMon)(User: )
Description: RzOvlMonOpenService failed w/err 0x00000424

Error: (03/14/2014 06:21:01 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/14/2014 06:18:11 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall


==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 8131.27 MB
Available physical RAM: 5250.18 MB
Total Pagefile: 10691.27 MB
Available Pagefile: 6998.98 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:150 GB) (Free:91.66 GB) NTFS
Drive d: (Data) (Fixed) (Total:764.6 GB) (Free:586.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 16B27BA8)

Partition: GPT Partition Type.

==================== End Of Log ============================
--- --- ---

schrauber 16.03.2014 17:01
Alles an Software deinstallieren wo in der Additional.txt der Zusatz <==ATTENTION dahinter steht.

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

fulloverdose 16.03.2014 20:02
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.16.02

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16521
felix :: FUCKUP [Administrator]

16.03.2014 19:28:47
mbam-log-2014-03-16 (19-28-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 242586
Laufzeit: 3 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 2
C:\ProgramData\IePluginService\PluginService.exe (PUP.Optional.IePluginService.A) -> 1668 -> Löschen bei Neustart.
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager) -> 1864 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 23
HKLM\SYSTEM\CurrentControlSet\Services\IePluginService (PUP.Optional.IePluginService.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins (PUP.Optional.IePluginService.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C} (PUP.Optional.RightSurf.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C} (PUP.Optional.RightSurf.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\sweet-pageSoftware (PUP.Optional.SweetPage.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo (PUP.Optional.Elex.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 2
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0T1F1P1F1C0U2W -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Daten: C:\ProgramData\WPM\wprotectmanager.exe -service -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 3
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.SweetPage.A) -> Bösartig: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871) Gut: (iexplore.exe) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (PUP.Optional.SweetPage.A) -> Bösartig: (hxxp://www.sweet-page.com/web/?type=ds&ts=1391193183&from=cor&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3F002987129871&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Bösartig: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 32
C:\Program Files (x86)\SupTab (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\js (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\en-US (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\es-419 (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\es-ES (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\fr-BE (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\fr-CA (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\fr-CH (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\fr-FR (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\fr-LU (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\it-CH (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\it-IT (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\pl (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\pt-BR (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\ru (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\ru-MO (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\tr-TR (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\vi-VI (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\zh-CN (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\zh-TW (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\mysearchdial (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\mysearchdial\icons_2.2.15.1631 (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\OpenCandy\7FCE73BF688D405583614A5DE64E5FBA (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\OpenCandy\9C4D0AE7FF17476A967D61B36E8CA001 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\IePluginService (PUP.Optional.IePluginService.A) -> Löschen bei Neustart.
C:\ProgramData\IePluginService\update (PUP.Optional.IePluginService.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 103
C:\ProgramData\IePluginService\PluginService.exe (PUP.Optional.IePluginService.A) -> Löschen bei Neustart.
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager) -> Löschen bei Neustart.
C:\Program Files (x86)\SupTab\SupTab.dll (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\SupTab\SupTab.dll (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx (PUP.Optional.NewTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\install.data (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\BHOEnabler.exe (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\uninstall.exe (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\indexIE.html (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\indexIE8.html (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\skin.css (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\style.css (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\ver.txt (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\default_logo.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\google.com.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\icon128.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\icon16.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\icon48.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\loading.gif (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\0.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\1.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\10.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\11.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\12.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\13.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\14.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\15.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\16.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\17.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\18.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\19.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\2.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\20.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\21.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\22.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\23.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\24.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\25.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\26.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\27.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\28.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\29.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\3.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\30.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\31.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\32.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\33.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\34.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\35.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\36.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\37.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\38.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\39.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\4.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\40.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\41.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\42.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\43.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\44.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\45.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\46.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\47.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\5.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\6.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\7.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\8.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\img\weather\9.png (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\js\background.js (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\js\ga.js (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\js\jquery-base.js (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\js\js.js (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\js\json2.js (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\js\xa.js (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\js\xagainit.js (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json (PUP.Optional.SupTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\mysearchdial\icons_2.2.15.1631\62.ico (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\mysearchdial\icons_2.2.15.1631\80.ico (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\mysearchdial\UpdateProc\info.dat (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\mysearchdial\UpdateProc\STTL.DAT (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\mysearchdial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\OpenCandy\7FCE73BF688D405583614A5DE64E5FBA\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\felix\AppData\Roaming\OpenCandy\9C4D0AE7FF17476A967D61B36E8CA001\SSStub_SearchProtect_p1v0.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\IePluginService\update\conf (PUP.Optional.IePluginService.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

AdwCleaner Logfile:
Code:
# AdwCleaner v3.022 - Bericht erstellt am 16/03/2014 um 19:39:28
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : felix - FUCKUP
# Gestartet von : C:\Users\felix\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files (x86)\WinZipper
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Users\felix\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\felix\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\felix\AppData\Roaming\UpdaterEX
Ordner Gelöscht : C:\Users\felix\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog
Ordner Gelöscht : C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
Datei Gelöscht : C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\Tasks\UpdaterEX.job
Datei Gelöscht : C:\Windows\System32\Tasks\UpdaterEX

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\felix\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\felix\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\felix\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\felix\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\UpdaterEX
Schlüssel Gelöscht : HKLM\Software\delta-homesSoftware
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\winzipersvc
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage

*************************

AdwCleaner[R0].txt - [8287 octets] - [16/03/2014 19:38:01]
AdwCleaner[S0].txt - [5711 octets] - [16/03/2014 19:39:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5771 octets] ##########
--- --- ---JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8.1 x64
Ran by felix on 16.03.2014 at 19:47:33,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.03.2014 at 19:50:02,78
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---



FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by felix (administrator) on FUCKUP on 16-03-2014 19:51:40
Running from C:\Users\felix\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend Micro Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] - C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSPanel.exe [5591872 2014-01-15] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - D:\apps\itun\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => "C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=ASJB
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\apps\java\bin\ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\apps\java\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?affID=121529&tt=gc_&babsrc=HP_ss_wls&mntrId=385790E6BA1902A4
CHR Extension: (Angry Birds) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-03-01]
CHR Extension: (From Dust) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2014-03-01]
CHR Extension: (Retro Games) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgejkohjndfiooaomnpbacoeekdonkak [2014-03-01]
CHR Extension: (Mini Putt) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbblnjglchclanebglfjigfokbgpbbg [2014-03-01]
CHR Extension: (TrendMicro BEP Extension) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee [2014-02-21]
CHR Extension: (X New Tab Page) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh [2014-02-01]
CHR Extension: (Poolbillard) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb [2014-03-01]
CHR Extension: (Kingdom Rush) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim [2014-03-01]
CHR Extension: (Monster Dash) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog [2014-03-01]
CHR Extension: (Trend Micro Osprey Chrome Extension) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmgckcapmffomaifonnhgkfdgljnkpgi [2014-02-21]
CHR Extension: (AdBlock) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-01]
CHR Extension: (Don't Starve) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2014-03-01]
CHR Extension: (Cargo Bridge: Armor Games Edition) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpiaibleklmjieibbnmkignbggodmmj [2014-03-01]
CHR Extension: (New Tab Page for FVD Speed Dial) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-31]
CHR Extension: (Extended Protection) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-02-22]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-02-22]
CHR HKLM-x32\...\Chrome\Extension: [fmgckcapmffomaifonnhgkfdgljnkpgi] - C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmOspreychromeExt.crx [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]

==================== Services (Whitelisted) =================

R2 AMOptimalDiskService; C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [5216624 2010-12-17] (appsmaker)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] ()
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-02] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-02-21] (Razer, Inc.)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe [2318192 2010-12-17] (appsmaker)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                          )
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-02-21] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)
R3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [27816 2014-01-10] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [32936 2013-11-15] (Razer Inc)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [116264 2013-09-04] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-04] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [100640 2013-06-13] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [37904 2013-07-11] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [85424 2013-09-04] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [303392 2013-05-15] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [103712 2013-07-08] (Trend Micro Inc.)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-14] (StdLib)
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-16 19:51 - 2014-03-16 19:51 - 00019697 _____ () C:\Users\felix\Desktop\FRST.txt
2014-03-16 19:50 - 2014-03-16 19:50 - 00000637 _____ () C:\Users\felix\Desktop\JRT.txt
2014-03-16 19:37 - 2014-03-16 19:39 - 00000000 ____D () C:\AdwCleaner
2014-03-16 19:14 - 2014-03-16 19:14 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 19:13 - 2014-03-16 19:13 - 01037734 _____ (Thisisu) C:\Users\felix\Desktop\JRT.exe
2014-03-16 19:12 - 2014-03-16 19:12 - 01950720 _____ () C:\Users\felix\Desktop\adwcleaner.exe
2014-03-16 19:12 - 2014-03-16 19:12 - 00000741 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-16 19:12 - 2014-03-16 19:12 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Malwarebytes
2014-03-16 19:12 - 2014-03-16 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 19:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-16 19:11 - 2014-03-16 19:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\felix\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-15 15:19 - 2014-03-16 19:51 - 00000000 ____D () C:\FRST
2014-03-15 15:19 - 2014-03-15 15:24 - 00058042 _____ () C:\Users\felix\Downloads\FRST.txt
2014-03-15 15:19 - 2014-03-15 15:24 - 00033396 _____ () C:\Users\felix\Downloads\Addition.txt
2014-03-15 15:03 - 2014-03-15 15:03 - 02157056 _____ (Farbar) C:\Users\felix\Desktop\FRST64.exe
2014-03-15 09:12 - 2014-03-16 19:47 - 00000000 __RDO () C:\Users\felix\SkyDrive
2014-03-15 09:10 - 2014-03-16 19:35 - 00034894 _____ () C:\Windows\PFRO.log
2014-03-14 20:49 - 2014-03-14 20:50 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TS3Client
2014-03-14 20:47 - 2014-03-14 20:47 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\felix\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-14 19:42 - 2014-03-14 19:42 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-14 18:27 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 18:27 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 18:27 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 18:27 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 18:27 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 18:27 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 18:27 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 18:27 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 18:27 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 18:27 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 18:27 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 18:27 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 18:27 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 18:27 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 18:27 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 18:27 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 18:27 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 18:27 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-03-14 18:27 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-03-14 18:26 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 18:26 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 18:26 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 18:26 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-03-14 18:26 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-03-14 18:26 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-03-14 18:26 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-03-14 18:26 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-03-14 18:26 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-14 18:26 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-03-14 18:26 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-03-14 18:26 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-03-14 18:26 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-14 18:26 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-03-14 18:26 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-03-14 18:26 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-03-14 18:26 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-03-14 18:26 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-03-14 18:26 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-03-14 18:26 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-14 18:26 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-03-14 18:26 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-14 18:26 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-03-14 18:26 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-14 18:26 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-03-14 18:26 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-14 18:26 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-14 18:26 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2014-03-14 18:26 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-03-14 18:26 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-14 18:26 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-14 18:26 - 2014-01-27 12:45 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-03-14 18:26 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-03-14 18:26 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-03-14 18:26 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-03-14 18:26 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2014-03-14 18:26 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-14 18:26 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-03-14 18:26 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-12 20:00 - 2014-03-12 20:00 - 00000000 ____D () C:\Users\felix\AppData\Roaming\AppBooster
2014-03-12 19:14 - 2014-03-12 19:14 - 09490912 _____ (appsmaker ) C:\Users\felix\Downloads\AppBooster20_Basic_Setup.exe
2014-03-12 07:22 - 2014-03-12 19:12 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\Documents\Ashampoo Burning Studio FREE
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Local\ashampoo
2014-03-12 07:21 - 2014-03-12 07:21 - 29588704 _____ (Ashampoo GmbH & Co. KG ) C:\Users\felix\Downloads\ashampoo_burning_studio_free_1.12.0.exe
2014-03-12 07:16 - 2014-03-12 07:16 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TuneUp Software
2014-03-12 07:14 - 2014-03-12 07:16 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\DVDVideoSoft
2014-03-12 07:12 - 2014-03-12 07:13 - 34377032 _____ (DVDVideoSoft Ltd. ) C:\Users\felix\Downloads\FreeYouTubeToMP3Converter-3.12.29.304.exe
2014-03-10 00:42 - 2014-03-10 00:54 - 00231960 _____ () C:\Windows\RegBootClean64.exe
2014-03-09 17:35 - 2014-03-14 18:21 - 00000145 _____ () C:\Windows\setupact.log
2014-03-09 17:35 - 2014-03-09 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-09 10:52 - 2014-03-09 10:52 - 00000000 ____D () C:\Users\felix\Documents\Shadowrun Returns
2014-03-09 10:51 - 2014-03-09 10:51 - 00000000 ____D () C:\Users\felix\AppData\Local\Harebrained Schemes
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\Documents\NBGI
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\AppData\Local\NBGI
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-03-09 10:13 - 2014-03-09 10:14 - 00017533 _____ () C:\Windows\DirectX.log
2014-03-08 23:58 - 2014-03-08 23:58 - 00000000 ____D () C:\Users\felix\Documents\Red Wasp Design Ltd
2014-03-08 23:57 - 2014-03-08 23:57 - 00000954 _____ () C:\Users\UpdatusUser\Desktop\Call.of.Cthulhu.The.Wasted.Land.lnk
2014-03-08 18:24 - 2014-03-08 18:24 - 00017476 _____ () C:\Users\felix\Downloads\66148fd2585fc768b140a33cd3a1cc5d.dlc
2014-03-02 12:16 - 2014-03-02 12:16 - 00000000 ____D () C:\Users\felix\AppData\Local\Blizzard
2014-03-02 00:40 - 2014-03-02 00:43 - 219694912 _____ (NVIDIA Corporation) C:\Users\felix\Downloads\334.89-desktop-win8-win7-winvista-32bit-international-whql.exe
2014-03-01 18:59 - 2014-03-01 19:00 - 01467128 _____ () C:\Users\felix\Downloads\SystemCheck_deDE.exe
2014-02-28 22:36 - 2014-02-28 22:36 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Awesomium
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\Users\felix\Documents\Elder Scrolls Online
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-02-27 00:37 - 2014-03-15 09:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-27 00:37 - 2014-03-15 09:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-02-27 00:36 - 2014-02-27 00:36 - 13079688 _____ (Microsoft Corporation) C:\Users\felix\Downloads\Silverlight_x64.exe
2014-02-24 21:28 - 2014-03-16 19:47 - 01807147 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 17:18 - 2014-02-21 17:18 - 00000000 ___HD () C:\TMRescueDisk
2014-02-21 17:14 - 2014-02-21 17:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-02-21 17:13 - 2014-02-21 17:13 - 00003264 _____ () C:\Windows\System32\Tasks\Titanium BTC
2014-02-21 17:13 - 2014-02-21 17:13 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-02-21 17:13 - 2013-09-04 07:24 - 00116264 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2014-02-21 17:13 - 2013-09-04 07:22 - 00085424 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2014-02-21 17:13 - 2013-09-04 07:17 - 00282624 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-02-21 17:13 - 2013-07-11 03:39 - 00037904 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmel.sys
2014-02-21 17:13 - 2013-07-08 04:16 - 00103712 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2014-02-21 17:13 - 2013-07-01 14:08 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2014-02-21 17:13 - 2013-06-13 07:35 - 00100640 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2014-02-21 17:13 - 2013-05-15 11:23 - 00303392 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2014-02-21 17:12 - 2014-03-10 00:42 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-02-21 17:12 - 2014-02-21 17:12 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-21 17:11 - 2014-02-21 17:11 - 00000036 _____ () C:\Users\felix\AppData\Local\housecall.guid.cache
2014-02-21 16:32 - 2014-02-21 17:14 - 00000000 ____D () C:\Users\felix\AppData\Local\Trend Micro
2014-02-21 16:31 - 2014-01-19 08:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-02-21 16:22 - 2014-02-21 16:22 - 06631328 _____ (Trend Micro Inc.) C:\Users\felix\Downloads\Titanium_Maximum_Security_2014.exe
2014-02-20 23:42 - 2014-02-20 23:42 - 00000303 _____ () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heimnetzgruppe.lnk
2014-02-20 23:36 - 2014-02-20 23:37 - 00000000 ____D () C:\rads
2014-02-20 23:35 - 2014-02-20 23:35 - 00001429 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-02-20 23:34 - 2014-02-20 23:35 - 34888568 _____ (Riot Games) C:\Users\felix\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-02-20 17:26 - 2014-02-20 17:26 - 49340591 _____ () C:\Users\felix\Downloads\mitfinacrafnel.rar
2014-02-19 09:32 - 2014-02-20 23:36 - 00017408 ___SH () C:\Users\felix\Desktop\Thumbs.db
2014-02-18 17:07 - 2014-02-18 17:07 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-18 00:50 - 2014-02-18 00:50 - 00000000 ____D () C:\Users\felix\Documents\Diablo III
2014-02-18 00:31 - 2014-03-12 21:43 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-02-18 00:30 - 2014-03-12 22:05 - 00000000 ____D () C:\Users\felix\AppData\Local\Battle.net
2014-02-18 00:30 - 2014-02-18 00:31 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Battle.net
2014-02-18 00:30 - 2014-02-18 00:30 - 00000789 _____ () C:\Users\felix\Desktop\Battle.net.lnk
2014-02-18 00:30 - 2014-02-18 00:30 - 00000000 ____D () C:\Users\felix\AppData\Local\Blizzard Entertainment
2014-02-18 00:30 - 2014-02-18 00:30 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-02-18 00:29 - 2014-02-18 00:29 - 06018744 _____ (Blizzard Entertainment) C:\Users\felix\Downloads\Diablo-III-Setup-deDE.exe
2014-02-18 00:29 - 2014-02-18 00:29 - 00000000 ____D () C:\ProgramData\Battle.net
2014-02-16 21:33 - 2014-02-16 21:59 - 00000000 ____D () C:\Users\felix\Documents\Witcher 2
2014-02-16 21:33 - 2014-02-16 21:33 - 00000000 ____D () C:\Users\felix\AppData\Local\The Witcher 2
2014-02-15 23:36 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-02-15 23:36 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-02-15 23:36 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-15 23:36 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-02-15 23:36 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-02-15 23:36 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-15 23:36 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2014-02-15 23:36 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-15 23:36 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-02-15 23:36 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-15 23:36 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-02-15 23:36 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-02-15 23:36 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-02-15 23:36 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2014-02-15 23:36 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-02-15 23:36 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2014-02-15 23:36 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-02-15 23:36 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-02-15 23:36 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-02-15 23:36 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-02-15 23:36 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-02-15 23:36 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-02-15 23:36 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-02-15 23:36 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-02-15 23:36 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-02-15 23:36 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-02-15 23:36 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-15 23:36 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-15 23:36 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll
2014-02-15 23:36 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2014-02-15 23:36 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-02-15 23:36 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-02-15 23:36 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-02-15 23:36 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-02-15 23:36 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-02-15 23:36 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-02-15 23:36 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-02-15 23:36 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-02-15 23:36 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
2014-02-15 23:36 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-02-15 23:36 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2014-02-15 23:36 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-02-15 23:36 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-02-15 23:36 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-02-15 23:36 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-02-15 23:36 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-02-14 18:46 - 2014-02-14 18:56 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Users\felix\AppData\Local\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Program Files\iTunes
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Program Files\iPod
2014-02-14 18:46 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Users\felix\AppData\Local\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\ProgramData\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-14 18:42 - 2014-02-14 18:43 - 148896080 _____ (Apple Inc.) C:\Users\felix\Downloads\iTunes64Setup.exe

==================== One Month Modified Files and Folders =======

2014-03-16 19:51 - 2014-03-16 19:51 - 00019697 _____ () C:\Users\felix\Desktop\FRST.txt
2014-03-16 19:51 - 2014-03-15 15:19 - 00000000 ____D () C:\FRST
2014-03-16 19:51 - 2013-11-27 10:06 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-16 19:51 - 2013-09-13 21:22 - 00765378 _____ () C:\Windows\system32\perfh007.dat
2014-03-16 19:51 - 2013-09-13 21:22 - 00159696 _____ () C:\Windows\system32\perfc007.dat
2014-03-16 19:50 - 2014-03-16 19:50 - 00000637 _____ () C:\Users\felix\Desktop\JRT.txt
2014-03-16 19:50 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-16 19:48 - 2014-01-31 19:15 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{51E0EFB3-BE2E-4AB2-801A-36EFDADB99CB}
2014-03-16 19:47 - 2014-03-15 09:12 - 00000000 __RDO () C:\Users\felix\SkyDrive
2014-03-16 19:47 - 2014-02-24 21:28 - 01807147 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 19:47 - 2014-01-31 20:00 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-16 19:47 - 2014-01-31 19:11 - 00355275 _____ () C:\Users\felix\AppData\Local\BTServer.log
2014-03-16 19:47 - 2013-11-27 10:27 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2014-03-16 19:47 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 19:45 - 2014-01-31 19:17 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2294175808-4207890680-768246090-1002
2014-03-16 19:39 - 2014-03-16 19:37 - 00000000 ____D () C:\AdwCleaner
2014-03-16 19:39 - 2014-01-31 19:11 - 00001014 _____ () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-16 19:35 - 2014-03-15 09:10 - 00034894 _____ () C:\Windows\PFRO.log
2014-03-16 19:35 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-16 19:19 - 2014-01-31 20:56 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Skype
2014-03-16 19:14 - 2014-03-16 19:14 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 19:13 - 2014-03-16 19:13 - 01037734 _____ (Thisisu) C:\Users\felix\Desktop\JRT.exe
2014-03-16 19:12 - 2014-03-16 19:12 - 01950720 _____ () C:\Users\felix\Desktop\adwcleaner.exe
2014-03-16 19:12 - 2014-03-16 19:12 - 00000741 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-16 19:12 - 2014-03-16 19:12 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Malwarebytes
2014-03-16 19:12 - 2014-03-16 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 19:11 - 2014-03-16 19:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\felix\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-16 19:10 - 2014-01-31 20:00 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-16 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-03-16 15:20 - 2014-01-31 19:42 - 00000000 ____D () C:\Users\felix\AppData\Local\PMB Files
2014-03-16 14:01 - 2014-01-31 19:42 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-16 12:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-03-16 01:33 - 2013-08-22 15:44 - 00444792 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 19:16 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 19:16 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 19:16 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-15 19:16 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-15 19:15 - 2014-01-31 19:10 - 00000000 ____D () C:\Users\felix
2014-03-15 15:24 - 2014-03-15 15:19 - 00058042 _____ () C:\Users\felix\Downloads\FRST.txt
2014-03-15 15:24 - 2014-03-15 15:19 - 00033396 _____ () C:\Users\felix\Downloads\Addition.txt
2014-03-15 15:03 - 2014-03-15 15:03 - 02157056 _____ (Farbar) C:\Users\felix\Desktop\FRST64.exe
2014-03-15 09:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-03-15 09:12 - 2014-01-31 22:46 - 00000000 __RDO () C:\Users\felix\SkyDrive (2).old
2014-03-15 09:10 - 2014-02-27 00:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 09:10 - 2014-02-27 00:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 20:50 - 2014-03-14 20:49 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TS3Client
2014-03-14 20:47 - 2014-03-14 20:47 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\felix\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-14 19:42 - 2014-03-14 19:42 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-14 18:21 - 2014-03-09 17:35 - 00000145 _____ () C:\Windows\setupact.log
2014-03-14 18:20 - 2014-01-31 20:38 - 00000000 ____D () C:\Windows\Razer Core
2014-03-12 22:05 - 2014-02-18 00:30 - 00000000 ____D () C:\Users\felix\AppData\Local\Battle.net
2014-03-12 21:43 - 2014-02-18 00:31 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-03-12 20:00 - 2014-03-12 20:00 - 00000000 ____D () C:\Users\felix\AppData\Roaming\AppBooster
2014-03-12 19:14 - 2014-03-12 19:14 - 09490912 _____ (appsmaker ) C:\Users\felix\Downloads\AppBooster20_Basic_Setup.exe
2014-03-12 19:12 - 2014-03-12 07:22 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\Documents\Ashampoo Burning Studio FREE
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Local\ashampoo
2014-03-12 07:21 - 2014-03-12 07:21 - 29588704 _____ (Ashampoo GmbH & Co. KG ) C:\Users\felix\Downloads\ashampoo_burning_studio_free_1.12.0.exe
2014-03-12 07:17 - 2014-02-04 19:26 - 00108032 ___SH () C:\Users\felix\Downloads\Thumbs.db
2014-03-12 07:16 - 2014-03-12 07:16 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TuneUp Software
2014-03-12 07:16 - 2014-03-12 07:14 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\DVDVideoSoft
2014-03-12 07:13 - 2014-03-12 07:12 - 34377032 _____ (DVDVideoSoft Ltd. ) C:\Users\felix\Downloads\FreeYouTubeToMP3Converter-3.12.29.304.exe
2014-03-10 00:54 - 2014-03-10 00:42 - 00231960 _____ () C:\Windows\RegBootClean64.exe
2014-03-10 00:42 - 2014-02-21 17:12 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-03-09 17:35 - 2014-03-09 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-09 10:55 - 2014-02-01 02:09 - 00000000 ____D () C:\Users\felix\Desktop\gamez
2014-03-09 10:52 - 2014-03-09 10:52 - 00000000 ____D () C:\Users\felix\Documents\Shadowrun Returns
2014-03-09 10:51 - 2014-03-09 10:51 - 00000000 ____D () C:\Users\felix\AppData\Local\Harebrained Schemes
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\Documents\NBGI
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\AppData\Local\NBGI
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-03-09 10:14 - 2014-03-09 10:13 - 00017533 _____ () C:\Windows\DirectX.log
2014-03-09 08:25 - 2014-02-08 11:38 - 00000000 ____D () C:\Users\felix\AppData\Roaming\vlc
2014-03-08 23:58 - 2014-03-08 23:58 - 00000000 ____D () C:\Users\felix\Documents\Red Wasp Design Ltd
2014-03-08 23:57 - 2014-03-08 23:57 - 00000954 _____ () C:\Users\UpdatusUser\Desktop\Call.of.Cthulhu.The.Wasted.Land.lnk
2014-03-08 18:24 - 2014-03-08 18:24 - 00017476 _____ () C:\Users\felix\Downloads\66148fd2585fc768b140a33cd3a1cc5d.dlc
2014-03-08 08:19 - 2014-01-31 19:11 - 00000000 ____D () C:\Users\felix\AppData\Local\Packages
2014-03-08 02:29 - 2014-02-09 01:09 - 00000000 ____D () C:\ProgramData\Steam
2014-03-08 02:29 - 2014-02-02 11:37 - 00000000 ____D () C:\Users\felix\Documents\My Games
2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 12:16 - 2014-03-02 12:16 - 00000000 ____D () C:\Users\felix\AppData\Local\Blizzard
2014-03-02 00:43 - 2014-03-02 00:40 - 219694912 _____ (NVIDIA Corporation) C:\Users\felix\Downloads\334.89-desktop-win8-win7-winvista-32bit-international-whql.exe
2014-03-01 23:24 - 2014-02-01 01:57 - 00007605 _____ () C:\Users\felix\AppData\Local\resmon.resmoncfg
2014-03-01 19:00 - 2014-03-01 18:59 - 01467128 _____ () C:\Users\felix\Downloads\SystemCheck_deDE.exe
2014-03-01 07:05 - 2014-03-14 18:27 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 05:58 - 2014-03-14 18:27 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:30 - 2014-03-14 18:27 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:17 - 2014-03-14 18:27 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 04:54 - 2014-03-14 18:27 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:47 - 2014-03-14 18:27 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:42 - 2014-03-14 18:27 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:18 - 2014-03-14 18:27 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:14 - 2014-03-14 18:27 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-14 18:27 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-14 18:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 03:57 - 2014-03-14 18:27 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-14 18:27 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-14 18:27 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-14 18:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-14 18:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-14 18:27 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 22:36 - 2014-02-28 22:36 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Awesomium
2014-02-28 20:57 - 2014-01-31 19:57 - 00000127 _____ () C:\Users\felix\AppData\Roaming\WB.CFG
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\Users\felix\Documents\Elder Scrolls Online
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-02-27 00:36 - 2014-02-27 00:36 - 13079688 _____ (Microsoft Corporation) C:\Users\felix\Downloads\Silverlight_x64.exe
2014-02-21 17:18 - 2014-02-21 17:18 - 00000000 ___HD () C:\TMRescueDisk
2014-02-21 17:14 - 2014-02-21 17:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-02-21 17:14 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\felix\AppData\Local\Trend Micro
2014-02-21 17:13 - 2014-02-21 17:13 - 00003264 _____ () C:\Windows\System32\Tasks\Titanium BTC
2014-02-21 17:13 - 2014-02-21 17:13 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-02-21 17:13 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-02-21 17:12 - 2014-02-21 17:12 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-21 17:11 - 2014-02-21 17:11 - 00000036 _____ () C:\Users\felix\AppData\Local\housecall.guid.cache
2014-02-21 17:09 - 2013-11-27 10:31 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-21 17:09 - 2013-11-27 10:31 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-02-21 16:22 - 2014-02-21 16:22 - 06631328 _____ (Trend Micro Inc.) C:\Users\felix\Downloads\Titanium_Maximum_Security_2014.exe
2014-02-21 07:04 - 2014-01-31 20:38 - 00129472 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzDxgk.sys
2014-02-21 07:04 - 2014-01-31 20:38 - 00074432 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzFilter.sys
2014-02-20 23:42 - 2014-02-20 23:42 - 00000303 _____ () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heimnetzgruppe.lnk
2014-02-20 23:37 - 2014-02-20 23:36 - 00000000 ____D () C:\rads
2014-02-20 23:36 - 2014-02-19 09:32 - 00017408 ___SH () C:\Users\felix\Desktop\Thumbs.db
2014-02-20 23:35 - 2014-02-20 23:35 - 00001429 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-02-20 23:35 - 2014-02-20 23:34 - 34888568 _____ (Riot Games) C:\Users\felix\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-02-20 17:26 - 2014-02-20 17:26 - 49340591 _____ () C:\Users\felix\Downloads\mitfinacrafnel.rar
2014-02-20 16:24 - 2014-01-31 19:11 - 00000000 ___RD () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-20 16:24 - 2014-01-31 19:11 - 00000000 ___RD () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-20 16:22 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-02-20 16:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-02-20 16:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-02-18 18:09 - 2014-02-02 11:38 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-18 18:09 - 2014-02-02 11:37 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-18 17:07 - 2014-02-18 17:07 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-18 00:50 - 2014-02-18 00:50 - 00000000 ____D () C:\Users\felix\Documents\Diablo III
2014-02-18 00:31 - 2014-02-18 00:30 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Battle.net
2014-02-18 00:30 - 2014-02-18 00:30 - 00000789 _____ () C:\Users\felix\Desktop\Battle.net.lnk
2014-02-18 00:30 - 2014-02-18 00:30 - 00000000 ____D () C:\Users\felix\AppData\Local\Blizzard Entertainment
2014-02-18 00:30 - 2014-02-18 00:30 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-02-18 00:29 - 2014-02-18 00:29 - 06018744 _____ (Blizzard Entertainment) C:\Users\felix\Downloads\Diablo-III-Setup-deDE.exe
2014-02-18 00:29 - 2014-02-18 00:29 - 00000000 ____D () C:\ProgramData\Battle.net
2014-02-16 21:59 - 2014-02-16 21:33 - 00000000 ____D () C:\Users\felix\Documents\Witcher 2
2014-02-16 21:33 - 2014-02-16 21:33 - 00000000 ____D () C:\Users\felix\AppData\Local\The Witcher 2
2014-02-16 00:26 - 2014-01-31 19:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 00:25 - 2014-01-31 19:59 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 18:56 - 2014-02-14 18:46 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Users\felix\AppData\Local\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Program Files\iTunes
2014-02-14 18:46 - 2014-02-14 18:46 - 00000000 ____D () C:\Program Files\iPod
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Users\felix\AppData\Local\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\ProgramData\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-14 18:45 - 2014-02-14 18:45 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-14 18:43 - 2014-02-14 18:42 - 148896080 _____ (Apple Inc.) C:\Users\felix\Downloads\iTunes64Setup.exe
2014-02-14 00:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-02-14 00:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2014-02-14 00:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2014-02-14 00:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\LiveKernelReports

Some content of TEMP:
====================
C:\Users\felix\AppData\Local\Temp\52845uninstall.exe
C:\Users\felix\AppData\Local\Temp\Quarantine.exe
C:\Users\felix\AppData\Local\Temp\Sqlite3.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-14 18:26] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-03-11 20:37

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

und schonmal ein dickes dankeschön für die hilfe
ihr seid super!!!!!!!!!!!!!!!!

schrauber 17.03.2014 10:50

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

fulloverdose 18.03.2014 16:09
habe keine wechseldatenmedien.... muss ich den scann trotzdem machen??

schrauber 19.03.2014 13:00
Ja, du kannst nur eventuell vorhandene Wechselmedien gerade mitscannen lassen wenn sie vorhanden wären :)

fulloverdose 23.03.2014 10:41
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=21e45f45c801354c983a1dac5aabe268
# engine=17564
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-23 09:36:20
# local_time=2014-03-23 10:36:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776574 100 94 660011 12883677 0 0
# scanned=215475
# found=2
# cleaned=0
# scan_time=4292
sh=727BF720FB414A9CD22F3755FF7A0F5B90D9C8AA ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAN trojan" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-2294175808-4207890680-768246090-1002\$RZI1BD2.die-FLT\flt-dspd.iso"
sh=38EB819B95824087D6C7B888A3EECDF91BE61BBB ft=1 fh=f998eb64c89b246b vn="a variant of Win32/Packed.VMProtect.AAN trojan" ac=I fn="D:\gamezzz\souls\xlive.dll"

Results of screen317's Security Check version 0.99.80
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Trend Micro Titanium Maximum Security
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Java 7 Update 51
Adobe Reader XI
Google Chrome 33.0.1750.146
Google Chrome 33.0.1750.154
````````Process Check: objlist.exe by Laurent````````
Common Files OptimalSuite Common AMDSrv.exe
Trend Micro AMSP coreServiceShell.exe
Trend Micro UniClient UiFrmWrk uiWatchDog.exe
Trend Micro AMSP coreFrameworkHost.exe
Trend Micro UniClient UiFrmWrk uiSeAgnt.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by felix (administrator) on FUCKUP on 23-03-2014 10:40:58
Running from C:\Users\felix\Desktop\anti malware
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend Micro Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] - C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSPanel.exe [5591872 2014-01-15] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - D:\apps\itun\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => "C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=ASJB
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\apps\java\bin\ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\apps\java\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?affID=121529&tt=gc_&babsrc=HP_ss_wls&mntrId=385790E6BA1902A4
CHR Extension: (Angry Birds) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-03-01]
CHR Extension: (From Dust) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2014-03-01]
CHR Extension: (Retro Games) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgejkohjndfiooaomnpbacoeekdonkak [2014-03-01]
CHR Extension: (Mini Putt) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbblnjglchclanebglfjigfokbgpbbg [2014-03-01]
CHR Extension: (TrendMicro BEP Extension) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee [2014-02-21]
CHR Extension: (X New Tab Page) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh [2014-02-01]
CHR Extension: (Poolbillard) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb [2014-03-01]
CHR Extension: (Kingdom Rush) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim [2014-03-01]
CHR Extension: (Monster Dash) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog [2014-03-01]
CHR Extension: (Trend Micro Osprey Chrome Extension) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmgckcapmffomaifonnhgkfdgljnkpgi [2014-02-21]
CHR Extension: (AdBlock) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-01]
CHR Extension: (Don't Starve) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2014-03-01]
CHR Extension: (Cargo Bridge: Armor Games Edition) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpiaibleklmjieibbnmkignbggodmmj [2014-03-01]
CHR Extension: (New Tab Page for FVD Speed Dial) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-31]
CHR Extension: (Extended Protection) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-02-22]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-02-22]
CHR HKLM-x32\...\Chrome\Extension: [fmgckcapmffomaifonnhgkfdgljnkpgi] - C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmOspreychromeExt.crx [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]

==================== Services (Whitelisted) =================

R2 AMOptimalDiskService; C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [5216624 2010-12-17] (appsmaker)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] ()
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-02] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-02-21] (Razer, Inc.)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe [2318192 2010-12-17] (appsmaker)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                          )
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-02-21] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)
R3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [27816 2014-01-10] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [32936 2013-11-15] (Razer Inc)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [116264 2013-09-04] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-04] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [100640 2013-06-13] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [37904 2013-07-11] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [85424 2013-09-04] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [303392 2013-05-15] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [103712 2013-07-08] (Trend Micro Inc.)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-14] (StdLib)
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-23 10:39 - 2014-03-23 10:39 - 00987442 _____ () C:\Users\felix\Downloads\SecurityCheck.exe
2014-03-23 09:22 - 2014-03-23 09:22 - 02347384 _____ (ESET) C:\Users\felix\Downloads\esetsmartinstaller_enu (1).exe
2014-03-19 15:47 - 2014-03-19 15:47 - 02347384 _____ (ESET) C:\Users\felix\Downloads\esetsmartinstaller_enu.exe
2014-03-19 15:43 - 2014-01-08 02:46 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-03-19 15:43 - 2014-01-08 02:41 - 01530712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-19 15:43 - 2014-01-08 02:41 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-19 15:43 - 2014-01-04 16:54 - 00138240 _____ () C:\Windows\system32\OEMLicense.dll
2014-03-19 15:43 - 2014-01-04 16:08 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-03-19 15:43 - 2014-01-04 15:08 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-03-19 15:43 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-03-19 15:43 - 2014-01-03 00:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-19 15:43 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-19 15:43 - 2014-01-01 02:55 - 01720560 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-19 15:43 - 2014-01-01 02:52 - 00481944 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-03-19 15:43 - 2014-01-01 01:56 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-19 15:43 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-03-19 15:43 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-03-19 15:43 - 2014-01-01 00:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-03-19 15:43 - 2014-01-01 00:56 - 00960512 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-03-19 15:43 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2014-03-19 15:43 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-03-19 15:43 - 2013-12-31 00:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2014-03-19 15:43 - 2013-12-31 00:31 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-03-19 15:43 - 2013-12-31 00:31 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-03-19 15:43 - 2013-12-27 16:09 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-03-19 15:43 - 2013-12-27 09:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2014-03-19 15:43 - 2013-12-27 09:57 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-03-19 15:43 - 2013-12-27 09:23 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-03-19 15:43 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-03-19 15:43 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-03-19 15:43 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-03-19 15:43 - 2013-12-21 08:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2014-03-19 15:43 - 2013-12-17 08:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-03-19 15:43 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-03-19 15:43 - 2013-12-14 07:19 - 18576384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-03-19 15:43 - 2013-12-13 11:54 - 00131160 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-03-19 15:43 - 2013-12-13 08:24 - 00121088 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-03-19 15:43 - 2013-12-13 07:36 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-03-19 15:43 - 2013-12-13 06:32 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-03-19 15:43 - 2013-12-09 09:05 - 21199256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-19 15:43 - 2013-12-09 05:51 - 18643560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-16 19:58 - 2014-03-23 10:40 - 00000000 ____D () C:\Users\felix\Desktop\anti malware
2014-03-16 19:37 - 2014-03-16 19:39 - 00000000 ____D () C:\AdwCleaner
2014-03-16 19:14 - 2014-03-16 19:14 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 19:12 - 2014-03-16 19:12 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Malwarebytes
2014-03-16 19:12 - 2014-03-16 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 19:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-16 19:11 - 2014-03-16 19:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\felix\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-15 15:19 - 2014-03-23 10:40 - 00000000 ____D () C:\FRST
2014-03-15 15:19 - 2014-03-15 15:24 - 00058042 _____ () C:\Users\felix\Downloads\FRST.txt
2014-03-15 15:19 - 2014-03-15 15:24 - 00033396 _____ () C:\Users\felix\Downloads\Addition.txt
2014-03-15 09:12 - 2014-03-23 09:15 - 00000000 __RDO () C:\Users\felix\SkyDrive
2014-03-15 09:10 - 2014-03-16 19:35 - 00034894 _____ () C:\Windows\PFRO.log
2014-03-14 20:49 - 2014-03-23 02:25 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TS3Client
2014-03-14 20:47 - 2014-03-14 20:47 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\felix\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-14 19:42 - 2014-03-14 19:42 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-14 18:27 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 18:27 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 18:27 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 18:27 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 18:27 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 18:27 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 18:27 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 18:27 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 18:27 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 18:27 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 18:27 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 18:27 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 18:27 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 18:27 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 18:27 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 18:27 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 18:27 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 18:27 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-03-14 18:27 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-03-14 18:26 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 18:26 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 18:26 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 18:26 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-03-14 18:26 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-03-14 18:26 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-03-14 18:26 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-03-14 18:26 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-03-14 18:26 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-14 18:26 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-03-14 18:26 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-03-14 18:26 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-03-14 18:26 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-14 18:26 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-03-14 18:26 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-03-14 18:26 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-03-14 18:26 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-03-14 18:26 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-03-14 18:26 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-03-14 18:26 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-14 18:26 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-03-14 18:26 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-14 18:26 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-03-14 18:26 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-14 18:26 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-03-14 18:26 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-14 18:26 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-14 18:26 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2014-03-14 18:26 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-03-14 18:26 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-14 18:26 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-14 18:26 - 2014-01-27 12:45 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-03-14 18:26 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-03-14 18:26 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-03-14 18:26 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-03-14 18:26 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2014-03-14 18:26 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-14 18:26 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-03-14 18:26 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-12 20:00 - 2014-03-12 20:00 - 00000000 ____D () C:\Users\felix\AppData\Roaming\AppBooster
2014-03-12 19:14 - 2014-03-12 19:14 - 09490912 _____ (appsmaker ) C:\Users\felix\Downloads\AppBooster20_Basic_Setup.exe
2014-03-12 07:22 - 2014-03-12 19:12 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\Documents\Ashampoo Burning Studio FREE
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Local\ashampoo
2014-03-12 07:21 - 2014-03-12 07:21 - 29588704 _____ (Ashampoo GmbH & Co. KG ) C:\Users\felix\Downloads\ashampoo_burning_studio_free_1.12.0.exe
2014-03-12 07:16 - 2014-03-12 07:16 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TuneUp Software
2014-03-12 07:14 - 2014-03-12 07:16 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\DVDVideoSoft
2014-03-12 07:12 - 2014-03-12 07:13 - 34377032 _____ (DVDVideoSoft Ltd. ) C:\Users\felix\Downloads\FreeYouTubeToMP3Converter-3.12.29.304.exe
2014-03-10 00:42 - 2014-03-10 00:54 - 00231960 _____ () C:\Windows\RegBootClean64.exe
2014-03-09 17:35 - 2014-03-14 18:21 - 00000145 _____ () C:\Windows\setupact.log
2014-03-09 17:35 - 2014-03-09 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-09 10:52 - 2014-03-09 10:52 - 00000000 ____D () C:\Users\felix\Documents\Shadowrun Returns
2014-03-09 10:51 - 2014-03-09 10:51 - 00000000 ____D () C:\Users\felix\AppData\Local\Harebrained Schemes
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\Documents\NBGI
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\AppData\Local\NBGI
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-03-09 10:13 - 2014-03-09 10:14 - 00017533 _____ () C:\Windows\DirectX.log
2014-03-08 23:58 - 2014-03-08 23:58 - 00000000 ____D () C:\Users\felix\Documents\Red Wasp Design Ltd
2014-03-08 23:57 - 2014-03-08 23:57 - 00000954 _____ () C:\Users\UpdatusUser\Desktop\Call.of.Cthulhu.The.Wasted.Land.lnk
2014-03-08 18:24 - 2014-03-08 18:24 - 00017476 _____ () C:\Users\felix\Downloads\66148fd2585fc768b140a33cd3a1cc5d.dlc
2014-03-02 12:16 - 2014-03-02 12:16 - 00000000 ____D () C:\Users\felix\AppData\Local\Blizzard
2014-03-02 00:40 - 2014-03-02 00:43 - 219694912 _____ (NVIDIA Corporation) C:\Users\felix\Downloads\334.89-desktop-win8-win7-winvista-32bit-international-whql.exe
2014-03-01 18:59 - 2014-03-01 19:00 - 01467128 _____ () C:\Users\felix\Downloads\SystemCheck_deDE.exe
2014-02-28 22:36 - 2014-02-28 22:36 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Awesomium
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\Users\felix\Documents\Elder Scrolls Online
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-02-27 00:37 - 2014-03-15 09:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-27 00:37 - 2014-03-15 09:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-02-27 00:36 - 2014-02-27 00:36 - 13079688 _____ (Microsoft Corporation) C:\Users\felix\Downloads\Silverlight_x64.exe
2014-02-24 21:28 - 2014-03-23 09:35 - 01107960 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 17:18 - 2014-02-21 17:18 - 00000000 ___HD () C:\TMRescueDisk
2014-02-21 17:14 - 2014-02-21 17:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-02-21 17:13 - 2014-02-21 17:13 - 00003264 _____ () C:\Windows\System32\Tasks\Titanium BTC
2014-02-21 17:13 - 2014-02-21 17:13 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-02-21 17:13 - 2013-09-04 07:24 - 00116264 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2014-02-21 17:13 - 2013-09-04 07:22 - 00085424 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2014-02-21 17:13 - 2013-09-04 07:17 - 00282624 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-02-21 17:13 - 2013-07-11 03:39 - 00037904 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmel.sys
2014-02-21 17:13 - 2013-07-08 04:16 - 00103712 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2014-02-21 17:13 - 2013-07-01 14:08 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2014-02-21 17:13 - 2013-06-13 07:35 - 00100640 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2014-02-21 17:13 - 2013-05-15 11:23 - 00303392 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2014-02-21 17:12 - 2014-03-10 00:42 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-02-21 17:12 - 2014-02-21 17:12 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-21 17:11 - 2014-02-21 17:11 - 00000036 _____ () C:\Users\felix\AppData\Local\housecall.guid.cache
2014-02-21 16:32 - 2014-02-21 17:14 - 00000000 ____D () C:\Users\felix\AppData\Local\Trend Micro
2014-02-21 16:31 - 2014-01-19 08:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-02-21 16:22 - 2014-02-21 16:22 - 06631328 _____ (Trend Micro Inc.) C:\Users\felix\Downloads\Titanium_Maximum_Security_2014.exe

==================== One Month Modified Files and Folders =======

2014-03-23 10:40 - 2014-03-16 19:58 - 00000000 ____D () C:\Users\felix\Desktop\anti malware
2014-03-23 10:40 - 2014-03-15 15:19 - 00000000 ____D () C:\FRST
2014-03-23 10:39 - 2014-03-23 10:39 - 00987442 _____ () C:\Users\felix\Downloads\SecurityCheck.exe
2014-03-23 10:39 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-23 10:36 - 2014-02-24 21:28 - 01107960 _____ () C:\Windows\WindowsUpdate.log
2014-03-23 10:36 - 2014-01-31 19:15 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{51E0EFB3-BE2E-4AB2-801A-36EFDADB99CB}
2014-03-23 10:10 - 2014-01-31 20:00 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-23 10:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-03-23 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-03-23 09:34 - 2014-01-31 19:17 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2294175808-4207890680-768246090-1002
2014-03-23 09:22 - 2014-03-23 09:22 - 02347384 _____ (ESET) C:\Users\felix\Downloads\esetsmartinstaller_enu (1).exe
2014-03-23 09:15 - 2014-03-15 09:12 - 00000000 __RDO () C:\Users\felix\SkyDrive
2014-03-23 09:15 - 2014-01-31 20:00 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-23 09:15 - 2014-01-31 19:11 - 00368590 _____ () C:\Users\felix\AppData\Local\BTServer.log
2014-03-23 02:25 - 2014-03-14 20:49 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TS3Client
2014-03-23 02:25 - 2014-01-31 20:56 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Skype
2014-03-22 21:59 - 2014-02-08 11:38 - 00000000 ____D () C:\Users\felix\AppData\Roaming\vlc
2014-03-22 21:53 - 2014-01-31 19:42 - 00000000 ____D () C:\Users\felix\AppData\Local\PMB Files
2014-03-22 21:53 - 2014-01-31 19:42 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-21 18:42 - 2013-11-27 10:06 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-21 18:42 - 2013-09-13 21:22 - 00765378 _____ () C:\Windows\system32\perfh007.dat
2014-03-21 18:42 - 2013-09-13 21:22 - 00159696 _____ () C:\Windows\system32\perfc007.dat
2014-03-21 18:36 - 2014-01-31 19:11 - 00000000 ___RD () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-21 18:36 - 2014-01-31 19:11 - 00000000 ___RD () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-21 18:36 - 2013-11-27 10:27 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2014-03-21 18:36 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-21 01:28 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-21 01:27 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-03-20 18:40 - 2014-01-31 19:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-20 18:39 - 2014-01-31 19:59 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 15:47 - 2014-03-19 15:47 - 02347384 _____ (ESET) C:\Users\felix\Downloads\esetsmartinstaller_enu.exe
2014-03-16 19:39 - 2014-03-16 19:37 - 00000000 ____D () C:\AdwCleaner
2014-03-16 19:39 - 2014-01-31 19:11 - 00001014 _____ () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-16 19:35 - 2014-03-15 09:10 - 00034894 _____ () C:\Windows\PFRO.log
2014-03-16 19:14 - 2014-03-16 19:14 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 19:12 - 2014-03-16 19:12 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Malwarebytes
2014-03-16 19:12 - 2014-03-16 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 19:11 - 2014-03-16 19:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\felix\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-16 01:33 - 2013-08-22 15:44 - 00444792 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 19:16 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 19:16 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 19:16 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-15 19:16 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-15 19:15 - 2014-01-31 19:10 - 00000000 ____D () C:\Users\felix
2014-03-15 15:24 - 2014-03-15 15:19 - 00058042 _____ () C:\Users\felix\Downloads\FRST.txt
2014-03-15 15:24 - 2014-03-15 15:19 - 00033396 _____ () C:\Users\felix\Downloads\Addition.txt
2014-03-15 09:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-03-15 09:12 - 2014-01-31 22:46 - 00000000 __RDO () C:\Users\felix\SkyDrive (2).old
2014-03-15 09:10 - 2014-02-27 00:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 09:10 - 2014-02-27 00:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 20:47 - 2014-03-14 20:47 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\felix\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-14 19:42 - 2014-03-14 19:42 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-14 18:21 - 2014-03-09 17:35 - 00000145 _____ () C:\Windows\setupact.log
2014-03-14 18:20 - 2014-01-31 20:38 - 00000000 ____D () C:\Windows\Razer Core
2014-03-12 22:05 - 2014-02-18 00:30 - 00000000 ____D () C:\Users\felix\AppData\Local\Battle.net
2014-03-12 21:43 - 2014-02-18 00:31 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-03-12 20:00 - 2014-03-12 20:00 - 00000000 ____D () C:\Users\felix\AppData\Roaming\AppBooster
2014-03-12 19:14 - 2014-03-12 19:14 - 09490912 _____ (appsmaker ) C:\Users\felix\Downloads\AppBooster20_Basic_Setup.exe
2014-03-12 19:12 - 2014-03-12 07:22 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\Documents\Ashampoo Burning Studio FREE
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Ashampoo
2014-03-12 07:22 - 2014-03-12 07:22 - 00000000 ____D () C:\Users\felix\AppData\Local\ashampoo
2014-03-12 07:21 - 2014-03-12 07:21 - 29588704 _____ (Ashampoo GmbH & Co. KG ) C:\Users\felix\Downloads\ashampoo_burning_studio_free_1.12.0.exe
2014-03-12 07:17 - 2014-02-04 19:26 - 00108032 ___SH () C:\Users\felix\Downloads\Thumbs.db
2014-03-12 07:16 - 2014-03-12 07:16 - 00000000 ____D () C:\Users\felix\AppData\Roaming\TuneUp Software
2014-03-12 07:16 - 2014-03-12 07:14 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-12 07:14 - 2014-03-12 07:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\DVDVideoSoft
2014-03-12 07:13 - 2014-03-12 07:12 - 34377032 _____ (DVDVideoSoft Ltd. ) C:\Users\felix\Downloads\FreeYouTubeToMP3Converter-3.12.29.304.exe
2014-03-10 00:54 - 2014-03-10 00:42 - 00231960 _____ () C:\Windows\RegBootClean64.exe
2014-03-10 00:42 - 2014-02-21 17:12 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-03-09 17:35 - 2014-03-09 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-09 10:55 - 2014-02-01 02:09 - 00000000 ____D () C:\Users\felix\Desktop\gamez
2014-03-09 10:52 - 2014-03-09 10:52 - 00000000 ____D () C:\Users\felix\Documents\Shadowrun Returns
2014-03-09 10:51 - 2014-03-09 10:51 - 00000000 ____D () C:\Users\felix\AppData\Local\Harebrained Schemes
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\Documents\NBGI
2014-03-09 10:18 - 2014-03-09 10:18 - 00000000 ____D () C:\Users\felix\AppData\Local\NBGI
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-03-09 10:14 - 2014-03-09 10:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-03-09 10:14 - 2014-03-09 10:13 - 00017533 _____ () C:\Windows\DirectX.log
2014-03-08 23:58 - 2014-03-08 23:58 - 00000000 ____D () C:\Users\felix\Documents\Red Wasp Design Ltd
2014-03-08 23:57 - 2014-03-08 23:57 - 00000954 _____ () C:\Users\UpdatusUser\Desktop\Call.of.Cthulhu.The.Wasted.Land.lnk
2014-03-08 18:24 - 2014-03-08 18:24 - 00017476 _____ () C:\Users\felix\Downloads\66148fd2585fc768b140a33cd3a1cc5d.dlc
2014-03-08 08:19 - 2014-01-31 19:11 - 00000000 ____D () C:\Users\felix\AppData\Local\Packages
2014-03-08 02:29 - 2014-02-09 01:09 - 00000000 ____D () C:\ProgramData\Steam
2014-03-08 02:29 - 2014-02-02 11:37 - 00000000 ____D () C:\Users\felix\Documents\My Games
2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 12:16 - 2014-03-02 12:16 - 00000000 ____D () C:\Users\felix\AppData\Local\Blizzard
2014-03-02 00:43 - 2014-03-02 00:40 - 219694912 _____ (NVIDIA Corporation) C:\Users\felix\Downloads\334.89-desktop-win8-win7-winvista-32bit-international-whql.exe
2014-03-01 23:24 - 2014-02-01 01:57 - 00007605 _____ () C:\Users\felix\AppData\Local\resmon.resmoncfg
2014-03-01 19:00 - 2014-03-01 18:59 - 01467128 _____ () C:\Users\felix\Downloads\SystemCheck_deDE.exe
2014-03-01 07:05 - 2014-03-14 18:27 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 05:58 - 2014-03-14 18:27 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:30 - 2014-03-14 18:27 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:17 - 2014-03-14 18:27 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 04:54 - 2014-03-14 18:27 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:47 - 2014-03-14 18:27 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:42 - 2014-03-14 18:27 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:18 - 2014-03-14 18:27 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:14 - 2014-03-14 18:27 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-14 18:27 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-14 18:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 03:57 - 2014-03-14 18:27 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-14 18:27 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-14 18:27 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-14 18:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-14 18:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-14 18:27 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 22:36 - 2014-02-28 22:36 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Awesomium
2014-02-28 20:57 - 2014-01-31 19:57 - 00000127 _____ () C:\Users\felix\AppData\Roaming\WB.CFG
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\Users\felix\Documents\Elder Scrolls Online
2014-02-28 00:13 - 2014-02-28 00:13 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-02-27 00:36 - 2014-02-27 00:36 - 13079688 _____ (Microsoft Corporation) C:\Users\felix\Downloads\Silverlight_x64.exe
2014-02-21 17:18 - 2014-02-21 17:18 - 00000000 ___HD () C:\TMRescueDisk
2014-02-21 17:14 - 2014-02-21 17:14 - 00000000 ____D () C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-02-21 17:14 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\felix\AppData\Local\Trend Micro
2014-02-21 17:13 - 2014-02-21 17:13 - 00003264 _____ () C:\Windows\System32\Tasks\Titanium BTC
2014-02-21 17:13 - 2014-02-21 17:13 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2014-02-21 17:13 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-02-21 17:12 - 2014-02-21 17:12 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-21 17:11 - 2014-02-21 17:11 - 00000036 _____ () C:\Users\felix\AppData\Local\housecall.guid.cache
2014-02-21 17:09 - 2013-11-27 10:31 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-21 17:09 - 2013-11-27 10:31 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-02-21 16:22 - 2014-02-21 16:22 - 06631328 _____ (Trend Micro Inc.) C:\Users\felix\Downloads\Titanium_Maximum_Security_2014.exe
2014-02-21 07:04 - 2014-01-31 20:38 - 00129472 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzDxgk.sys
2014-02-21 07:04 - 2014-01-31 20:38 - 00074432 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzFilter.sys

Some content of TEMP:
====================
C:\Users\felix\AppData\Local\Temp\52845uninstall.exe
C:\Users\felix\AppData\Local\Temp\Quarantine.exe
C:\Users\felix\AppData\Local\Temp\Sqlite3.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-14 18:26] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-03-21 20:06

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 24.03.2014 10:12
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
D:\$RECYCLE.BIN

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

fulloverdose 24.03.2014 23:22
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by felix at 2014-03-24 23:21:10 Run:1
Running from C:\Users\felix\Desktop\anti malware
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
D:\$RECYCLE.BIN
*****************

D:\$RECYCLE.BIN => Moved successfully.

==== End of Fixlog ====

schrauber 25.03.2014 12:47
fertig :)

fulloverdose 25.03.2014 16:17
also nochmals vielen dank an dich und dieses forum...
mein voller respekt gehört euch!!!!!

eine kurze frage hätte ich noch ...
ich benutze trend micro titanium
dort gibt es eine funktion daten sichern...
man gibt zb die letzeten 4 stellen seiner kreditkarte an und diese ist dann durch die funktion gesichert bzw soll laut hersteller nicht ungewusst den pc verlassen...

das programm zeigt mir ab und zu an das es verhindert hat das meine eingegebene nummer den pc verlässt ..was soll ich davon halten...?

schrauber 26.03.2014 11:18
Dazu bräuchte ich schon mehr Info, Screenshot von der Meldung oder en Logfile :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:17 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27