Hi,
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Pascal Prochnow (administrator) on PASCAL on 15-03-2014 18:12:46
Running from C:\Users\Pascal Prochnow\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
() C:\Program Files (x86)\Mobogenie\MgAssist.exe
() C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\CppWindowsService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373592 2012-09-26] (Alcor Micro Corp.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [766656 2014-01-09] ()
HKLM-x32\...\Run: [Trend Micro RUBotted V2.0 Beta] - C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe [1102872 2013-07-25] (Trend Micro Inc.)
HKU\S-1-5-21-3493051191-844017757-866256003-1001\...\Run: [lollipop] - "c:\users\pascal prochnow\appdata\local\lollipop\lollipop.exe" lollipop
HKU\S-1-5-21-3493051191-844017757-866256003-1001\...\Run: [NextLive] - C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Pascal Prochnow\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
Startup: C:\Users\Pascal Prochnow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=3693BA763F1FD41F&affID=119357&tt=080913_ctrl&tsp=4999
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89&q={searchTerms}
SearchScopes: HKLM - {78DFEF65-234F-4340-AC3D-B5130625D59D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89&q={searchTerms}
SearchScopes: HKLM-x32 - {78DFEF65-234F-4340-AC3D-B5130625D59D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=3693BA763F1FD41F&affID=119357&tt=080913_ctrl&tsp=4999
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389975873&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXB1E92FTU89FTU89&q={searchTerms}
SearchScopes: HKCU - {78DFEF65-234F-4340-AC3D-B5130625D59D} URL =
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll No File
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Plus-HD-3.8 - {11111111-1111-1111-1111-110311901130} - C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll (Plus HD)
BHO-x32: LyricXeeker - {17E58097-6CA5-448B-830F-2A19678248FB} - No File
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{7399EE04-C00C-4121-A901-F1E0023FC1D2}: [NameServer]156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{BB4E5F2D-A4EC-48EF-8FC9-BB8D119FC41E}: [NameServer]156.154.70.25,156.154.71.25
Chrome:
=======
CHR Extension: (Iminent) - C:\Users\Pascal Prochnow\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-08-30]
CHR Extension: (Plus-HD-3.8) - C:\Users\Pascal Prochnow\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [odnofacmifkjndflfmmplhckcbfjckhj] - C:\Program Files (x86)\LyriXeeker\125.crx [2013-08-30]
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-12-15] (Adobe Systems)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6254152 2013-10-20] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [164056 2013-09-24] (COMODO)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [70848 2014-03-13] ()
R2 MS_Virtual_Monitor; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\CppWindowsService.exe [85504 2013-09-03] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-03-06] (Dritek System INC.)
S2 RUBotSrv; C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [443416 2013-07-25] (Trend Micro Inc.)
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2921280 2014-02-26] (Iminent)
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [297984 2014-03-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-01-17] (Cherished Technololgy LIMITED)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [129536 2013-07-05] (Advanced Micro Devices)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-09-24] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [715824 2013-11-14] (COMODO)
R1 cmdhlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38072 2013-09-24] (COMODO)
S0 fxmecv; No ImagePath
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [118400 2013-09-24] (COMODO)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-01] (Microsoft Corporation)
S0 lqffzi; No ImagePath
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S0 mjvhhu; No ImagePath
S0 nckkof; No ImagePath
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-06] (Dritek System Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
S0 qxuaja; No ImagePath
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-01] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-15 18:09 - 2014-03-15 18:12 - 00034047 ____C () C:\Users\Pascal Prochnow\Downloads\Addition.txt
2014-03-15 18:05 - 2014-03-15 18:14 - 00015411 ____C () C:\Users\Pascal Prochnow\Downloads\FRST.txt
2014-03-15 18:05 - 2014-03-15 18:12 - 00000000 ___DC () C:\FRST
2014-03-15 18:02 - 2014-03-15 18:03 - 02157056 ____C (Farbar) C:\Users\Pascal Prochnow\Downloads\FRST64.exe
2014-03-15 14:31 - 2014-03-15 14:31 - 00057160 ____C () C:\Users\Pascal Prochnow\Downloads\Extras.Txt
2014-03-15 14:27 - 2014-03-15 14:27 - 00113886 ____C () C:\Users\Pascal Prochnow\Downloads\OTL.Txt
2014-03-15 13:40 - 2014-03-15 13:40 - 00602112 ____C (OldTimer Tools) C:\Users\Pascal Prochnow\Downloads\OTL.exe
2014-03-15 13:28 - 2014-03-15 17:02 - 01162164 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-15 13:26 - 2014-03-15 13:26 - 00007256 _____ () C:\WINDOWS\PFRO.log
2014-03-15 13:04 - 2014-03-15 13:22 - 00000000 ___DC () C:\Users\Pascal Prochnow\Desktop\Neuer Ordner (4)
2014-03-15 12:53 - 2014-03-15 12:53 - 00000046 _____ () C:\WINDOWS\wininit.ini
2014-03-15 09:24 - 2014-03-15 09:24 - 00058430 ____C () C:\Users\Pascal Prochnow\Downloads\Weltgrafiken260_Social_Media.jpeg
2014-03-09 08:51 - 2014-03-15 13:29 - 00000000 __RDO () C:\Users\Pascal Prochnow\SkyDrive
2014-03-08 20:24 - 2014-03-08 20:24 - 04765152 ____C (Piriform Ltd) C:\Users\Pascal Prochnow\Downloads\ccsetup411.exe
2014-03-07 18:20 - 2014-03-07 18:20 - 00290276 _____ () C:\Users\Pascal Prochnow\AppData\Local\census.cache
2014-03-07 18:18 - 2014-03-07 18:18 - 00109002 _____ () C:\Users\Pascal Prochnow\AppData\Local\ars.cache
2014-03-07 17:04 - 2014-03-07 17:04 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-03-07 17:02 - 2014-03-07 17:03 - 06229392 ____C (Trend Micro, Inc. ) C:\Users\Pascal Prochnow\Downloads\RUBottedSetup.exe
2014-03-07 17:00 - 2014-03-07 17:00 - 02405664 ____C (Trend Micro Inc.) C:\Users\Pascal Prochnow\Downloads\HousecallLauncher64.exe
2014-03-07 17:00 - 2014-03-07 17:00 - 00000036 _____ () C:\Users\Pascal Prochnow\AppData\Local\housecall.guid.cache
2014-03-05 14:24 - 2014-03-05 14:24 - 00014076 ____C () C:\Users\Pascal Prochnow\Documents\Gedicht.odt
2014-03-01 13:47 - 2014-03-01 13:57 - 00012512 ____C () C:\Users\Pascal Prochnow\Downloads\CoolVLViewer-1.26.10.12-Windows-Setup (2).exe
2014-03-01 10:37 - 2014-03-01 10:37 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-02-27 20:50 - 2014-03-15 14:37 - 00000000 ___DC () C:\Users\Pascal Prochnow\Desktop\Neuer Ordner 8
2014-02-27 20:50 - 2014-02-27 20:52 - 00000000 ___DC () C:\Users\Pascal Prochnow\Desktop\Neuer Ordner (3)
2014-02-26 05:16 - 2014-03-03 22:03 - 00000000 ___DC () C:\Users\Pascal Prochnow\Desktop\Neuer Ordner (2)
2014-02-23 15:12 - 2014-02-17 22:00 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-23 15:12 - 2014-02-17 22:00 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-23 10:03 - 2014-02-23 10:03 - 00012512 ____C () C:\Users\Pascal Prochnow\Downloads\CoolVLViewer-1.26.10.12-Windows-Setup (1).exe
2014-02-23 09:59 - 2014-02-23 09:59 - 00012512 ____C () C:\Users\Pascal Prochnow\Downloads\CoolVLViewer-1.26.10.12-Windows-Setup.exe
2014-02-23 09:18 - 2014-01-07 06:00 - 02397184 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-23 09:18 - 2014-01-07 05:30 - 02071552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-23 09:18 - 2013-11-21 07:42 - 04604416 ____C (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-23 09:18 - 2013-11-21 06:44 - 03936256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-23 09:16 - 2014-02-06 12:30 - 02724864 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-23 09:16 - 2014-02-06 12:30 - 00004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-23 09:16 - 2014-02-06 12:12 - 02765824 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-23 09:16 - 2014-02-06 12:07 - 00066048 ____C (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-23 09:16 - 2014-02-06 12:06 - 00048640 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-23 09:16 - 2014-02-06 11:56 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-23 09:16 - 2014-02-06 11:48 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-23 09:16 - 2014-02-06 11:38 - 17103872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-23 09:16 - 2014-02-06 11:20 - 02724864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-23 09:16 - 2014-02-06 11:01 - 00061952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-23 09:16 - 2014-02-06 11:00 - 00051200 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-23 09:16 - 2014-02-06 10:57 - 02168320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-23 09:16 - 2014-02-06 10:57 - 00627200 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-23 09:16 - 2014-02-06 10:52 - 00043008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-23 09:16 - 2014-02-06 10:52 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-23 09:16 - 2014-02-06 10:50 - 02041856 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-23 09:16 - 2014-02-06 10:46 - 00553472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-23 09:16 - 2014-02-06 10:13 - 00524288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-23 09:16 - 2014-02-06 10:09 - 01964032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-23 09:16 - 2014-02-06 10:03 - 11266048 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-23 09:16 - 2014-02-06 09:55 - 01393664 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-23 09:16 - 2014-02-06 09:36 - 01156096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-23 09:16 - 2013-12-09 03:57 - 00548864 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-23 09:16 - 2013-12-09 02:51 - 00454656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-23 09:16 - 2013-12-09 01:27 - 02152448 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-23 09:16 - 2013-12-09 00:54 - 01317376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-23 09:15 - 2014-02-06 13:16 - 23170048 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-23 09:15 - 2014-02-06 11:57 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-23 09:15 - 2014-02-06 11:49 - 00139264 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-23 09:15 - 2014-02-06 11:48 - 00708608 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-23 09:15 - 2014-02-06 11:32 - 00218624 ____C (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-23 09:15 - 2014-02-06 11:17 - 00195584 ____C (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-23 09:15 - 2014-02-06 11:11 - 05768704 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-23 09:15 - 2014-02-06 10:47 - 00112128 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-23 09:15 - 2014-02-06 10:25 - 04244480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-23 09:15 - 2014-02-06 10:25 - 00164864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-23 09:15 - 2014-02-06 10:24 - 02334208 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-23 09:15 - 2014-02-06 10:22 - 13051392 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-23 09:15 - 2014-02-06 09:41 - 01820160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-23 09:15 - 2014-02-06 09:40 - 00817664 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-23 09:15 - 2014-02-06 09:34 - 00703488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-23 09:14 - 2013-12-09 01:19 - 00570880 ____C (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-23 09:14 - 2013-12-09 00:55 - 00444928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-23 09:12 - 2014-01-04 21:50 - 01462216 ____C (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-23 09:12 - 2014-01-04 20:22 - 01202888 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-23 09:12 - 2014-01-04 15:30 - 13209088 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-23 09:12 - 2014-01-04 15:23 - 11702272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-23 09:12 - 2014-01-04 15:03 - 00919040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-23 09:12 - 2014-01-04 14:47 - 00628736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-23 09:12 - 2014-01-04 14:42 - 01105408 ____C (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-23 09:12 - 2014-01-04 14:40 - 07416832 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-23 09:12 - 2014-01-04 14:36 - 00830976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-23 09:12 - 2014-01-04 14:28 - 04961792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-23 09:12 - 2013-12-21 03:10 - 00009701 ____C () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-23 09:12 - 2013-12-21 03:10 - 00009701 ____C () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-23 09:03 - 2013-12-20 11:10 - 01113040 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-23 09:03 - 2013-12-20 07:13 - 00835584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-21 18:44 - 2014-02-21 18:51 - 00000000 ____D () C:\Program Files (x86)\Firestorm-Beta
2014-02-21 18:42 - 2014-02-21 18:43 - 46383872 ____C () C:\Users\Pascal Prochnow\Downloads\Phoenix-Firestorm-Beta-4-5-1-38838_SetupSL (1).exe
2014-02-18 18:08 - 2014-03-06 19:29 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Local\Firestorm
2014-02-18 18:08 - 2014-02-22 12:05 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Roaming\Firestorm
2014-02-18 17:41 - 2014-02-18 17:42 - 46383872 ____C () C:\Users\Pascal Prochnow\Downloads\Phoenix-Firestorm-Beta-4-5-1-38838_SetupSL.exe
2014-02-18 16:32 - 2014-02-18 17:38 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Local\SecondLife
2014-02-18 16:32 - 2014-02-18 16:34 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Roaming\SecondLife
2014-02-18 16:30 - 2014-02-18 16:30 - 31489128 ____C () C:\Users\Pascal Prochnow\Downloads\Second_Life_3_7_1_286557_i686_Setup.exe
2014-02-14 17:52 - 2014-02-14 17:52 - 00018833 ____C () C:\Users\Pascal Prochnow\Documents\2.odt
==================== One Month Modified Files and Folders =======
2014-03-15 18:15 - 2014-01-01 12:15 - 00000332 ____C () C:\WINDOWS\Tasks\SaveSense.job
2014-03-15 18:14 - 2014-03-15 18:05 - 00015411 ____C () C:\Users\Pascal Prochnow\Downloads\FRST.txt
2014-03-15 18:12 - 2014-03-15 18:09 - 00034047 ____C () C:\Users\Pascal Prochnow\Downloads\Addition.txt
2014-03-15 18:12 - 2014-03-15 18:05 - 00000000 ___DC () C:\FRST
2014-03-15 18:06 - 2013-07-09 15:52 - 01474832 ____C () C:\WINDOWS\system32\Drivers\sfi.dat
2014-03-15 18:03 - 2014-03-15 18:02 - 02157056 ____C (Farbar) C:\Users\Pascal Prochnow\Downloads\FRST64.exe
2014-03-15 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-15 17:57 - 2014-01-17 17:32 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{37AEFDEB-726C-449E-95E5-9D55AAD0A6BF}
2014-03-15 17:40 - 2013-07-09 08:41 - 00000884 ____C () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-15 17:02 - 2014-03-15 13:28 - 01162164 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-15 16:49 - 2013-08-30 21:49 - 00001324 ____C () C:\WINDOWS\Tasks\Plus-HD-3.8-updater.job
2014-03-15 16:49 - 2013-08-30 21:49 - 00001230 ____C () C:\WINDOWS\Tasks\Plus-HD-3.8-codedownloader.job
2014-03-15 16:49 - 2013-08-30 21:49 - 00001128 ____C () C:\WINDOWS\Tasks\Plus-HD-3.8-enabler.job
2014-03-15 16:48 - 2013-08-30 21:48 - 00001938 ____C () C:\WINDOWS\Tasks\Plus-HD-3.8-chromeinstaller.job
2014-03-15 14:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-15 14:37 - 2014-02-27 20:50 - 00000000 ___DC () C:\Users\Pascal Prochnow\Desktop\Neuer Ordner 8
2014-03-15 14:36 - 2013-07-09 00:18 - 02290176 __SHC () C:\Users\Pascal Prochnow\Desktop\Thumbs.db
2014-03-15 14:31 - 2014-03-15 14:31 - 00057160 ____C () C:\Users\Pascal Prochnow\Downloads\Extras.Txt
2014-03-15 14:27 - 2014-03-15 14:27 - 00113886 ____C () C:\Users\Pascal Prochnow\Downloads\OTL.Txt
2014-03-15 14:23 - 2013-07-09 10:43 - 01249792 __SHC () C:\Users\Pascal Prochnow\Downloads\Thumbs.db
2014-03-15 13:40 - 2014-03-15 13:40 - 00602112 ____C (OldTimer Tools) C:\Users\Pascal Prochnow\Downloads\OTL.exe
2014-03-15 13:33 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-15 13:33 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-15 13:33 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-15 13:32 - 2013-07-09 02:06 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3493051191-844017757-866256003-1001
2014-03-15 13:29 - 2014-03-09 08:51 - 00000000 __RDO () C:\Users\Pascal Prochnow\SkyDrive
2014-03-15 13:28 - 2014-01-17 17:24 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-03-15 13:27 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-15 13:27 - 2013-07-30 06:18 - 00000422 ____C () C:\WINDOWS\Tasks\LyricXeeker Update.job
2014-03-15 13:26 - 2014-03-15 13:26 - 00007256 _____ () C:\WINDOWS\PFRO.log
2014-03-15 13:23 - 2013-07-09 01:54 - 00000000 ___DC () C:\Users\Pascal Prochnow\AppData\Local\Packages
2014-03-15 13:22 - 2014-03-15 13:04 - 00000000 ___DC () C:\Users\Pascal Prochnow\Desktop\Neuer Ordner (4)
2014-03-15 13:21 - 2014-01-01 12:15 - 00000000 ___DC () C:\Program Files (x86)\SaveSenseLive
2014-03-15 13:06 - 2013-08-08 17:18 - 00000000 __RDC () C:\Users\Pascal Prochnow\Desktop\Software
2014-03-15 13:03 - 2014-01-17 17:27 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Local\Mobogenie
2014-03-15 12:58 - 2014-01-17 17:25 - 00000000 ____D () C:\Program Files (x86)\NewPlayer
2014-03-15 12:56 - 2013-08-02 18:31 - 00000000 ___DC () C:\Program Files (x86)\MahJong Suite
2014-03-15 12:55 - 2013-10-21 22:22 - 00000000 ___DC () C:\Program Files (x86)\Free Zip Helper
2014-03-15 12:53 - 2014-03-15 12:53 - 00000046 _____ () C:\WINDOWS\wininit.ini
2014-03-15 10:45 - 2013-11-17 13:38 - 00000000 ___DC () C:\Users\Pascal Prochnow\Desktop\Nokia
2014-03-15 10:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-15 09:24 - 2014-03-15 09:24 - 00058430 ____C () C:\Users\Pascal Prochnow\Downloads\Weltgrafiken260_Social_Media.jpeg
2014-03-14 16:19 - 2013-08-01 17:25 - 00004204 _____ () C:\WINDOWS\System32\Tasks\Software Updater
2014-03-14 07:27 - 2013-07-08 20:08 - 00000000 ___DC () C:\Program Files (x86)\Opera
2014-03-13 19:09 - 2013-07-09 15:16 - 00000000 ___DC () C:\Users\Pascal Prochnow\AppData\Roaming\vlc
2014-03-13 19:00 - 2013-08-27 16:44 - 00000000 ___DC () C:\Users\Pascal Prochnow\Documents\Lula
2014-03-11 22:41 - 2013-07-09 08:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-09 08:51 - 2014-01-01 19:04 - 00000000 ____D () C:\Users\Pascal Prochnow
2014-03-08 20:39 - 2013-08-01 17:28 - 00004208 _____ () C:\WINDOWS\System32\Tasks\Software Updater Ui
2014-03-08 20:25 - 2013-12-25 14:27 - 00000000 ___DC () C:\Program Files\CCleaner
2014-03-08 20:24 - 2014-03-08 20:24 - 04765152 ____C (Piriform Ltd) C:\Users\Pascal Prochnow\Downloads\ccsetup411.exe
2014-03-07 18:42 - 2014-01-18 11:09 - 00000000 ___DC () C:\Users\Pascal Prochnow\Desktop\Neuer Ordner
2014-03-07 18:20 - 2014-03-07 18:20 - 00290276 _____ () C:\Users\Pascal Prochnow\AppData\Local\census.cache
2014-03-07 18:18 - 2014-03-07 18:18 - 00109002 _____ () C:\Users\Pascal Prochnow\AppData\Local\ars.cache
2014-03-07 17:04 - 2014-03-07 17:04 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-03-07 17:03 - 2014-03-07 17:02 - 06229392 ____C (Trend Micro, Inc. ) C:\Users\Pascal Prochnow\Downloads\RUBottedSetup.exe
2014-03-07 17:00 - 2014-03-07 17:00 - 02405664 ____C (Trend Micro Inc.) C:\Users\Pascal Prochnow\Downloads\HousecallLauncher64.exe
2014-03-07 17:00 - 2014-03-07 17:00 - 00000036 _____ () C:\Users\Pascal Prochnow\AppData\Local\housecall.guid.cache
2014-03-06 19:29 - 2014-02-18 18:08 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Local\Firestorm
2014-03-05 14:24 - 2014-03-05 14:24 - 00014076 ____C () C:\Users\Pascal Prochnow\Documents\Gedicht.odt
2014-03-05 14:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-03 22:03 - 2014-02-26 05:16 - 00000000 ___DC () C:\Users\Pascal Prochnow\Desktop\Neuer Ordner (2)
2014-03-03 11:50 - 2014-01-17 17:28 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Local\cache
2014-03-01 13:57 - 2014-03-01 13:47 - 00012512 ____C () C:\Users\Pascal Prochnow\Downloads\CoolVLViewer-1.26.10.12-Windows-Setup (2).exe
2014-03-01 10:37 - 2014-03-01 10:37 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-02-28 04:41 - 2014-01-17 17:27 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Roaming\newnext.me
2014-02-28 04:41 - 2014-01-17 17:27 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Local\genienext
2014-02-27 20:52 - 2014-02-27 20:50 - 00000000 ___DC () C:\Users\Pascal Prochnow\Desktop\Neuer Ordner (3)
2014-02-27 17:38 - 2013-07-09 15:51 - 00000000 __SDC () C:\ProgramData\Shared Space
2014-02-23 16:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-23 15:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-23 10:04 - 2013-07-15 03:03 - 00000000 ___DC () C:\WINDOWS\system32\MRT
2014-02-23 10:03 - 2014-02-23 10:03 - 00012512 ____C () C:\Users\Pascal Prochnow\Downloads\CoolVLViewer-1.26.10.12-Windows-Setup (1).exe
2014-02-23 09:59 - 2014-02-23 09:59 - 00012512 ____C () C:\Users\Pascal Prochnow\Downloads\CoolVLViewer-1.26.10.12-Windows-Setup.exe
2014-02-23 09:57 - 2013-07-13 02:16 - 88567024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-22 12:05 - 2014-02-18 18:08 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Roaming\Firestorm
2014-02-22 11:30 - 2013-08-08 17:17 - 00000000 __RDC () C:\Users\Pascal Prochnow\Desktop\Kiste
2014-02-22 10:16 - 2013-08-30 21:53 - 00000000 ___DC () C:\Program Files (x86)\Iminent
2014-02-21 18:51 - 2014-02-21 18:44 - 00000000 ____D () C:\Program Files (x86)\Firestorm-Beta
2014-02-21 18:43 - 2014-02-21 18:42 - 46383872 ____C () C:\Users\Pascal Prochnow\Downloads\Phoenix-Firestorm-Beta-4-5-1-38838_SetupSL (1).exe
2014-02-18 17:42 - 2014-02-18 17:41 - 46383872 ____C () C:\Users\Pascal Prochnow\Downloads\Phoenix-Firestorm-Beta-4-5-1-38838_SetupSL.exe
2014-02-18 17:38 - 2014-02-18 16:32 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Local\SecondLife
2014-02-18 16:34 - 2014-02-18 16:32 - 00000000 ____D () C:\Users\Pascal Prochnow\AppData\Roaming\SecondLife
2014-02-18 16:30 - 2014-02-18 16:30 - 31489128 ____C () C:\Users\Pascal Prochnow\Downloads\Second_Life_3_7_1_286557_i686_Setup.exe
2014-02-17 22:00 - 2014-02-23 15:12 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 22:00 - 2014-02-23 15:12 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-14 17:52 - 2014-02-14 17:52 - 00018833 ____C () C:\Users\Pascal Prochnow\Documents\2.odt
2014-02-14 15:15 - 2013-07-30 07:19 - 00000160 ____C () C:\Users\Pascal Prochnow\AppData\Roaming\WB.CFG
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-15 10:56
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Pascal Prochnow at 2014-03-15 18:16:27
Running from C:\Users\Pascal Prochnow\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Antivirus (Enabled - Up to date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
==================== Installed Programs ======================
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3015 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated)
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.162 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.7.42.61541 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.7.42.61541 - Alcor Micro Corp.) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.20918 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D1ADA4B7-F774-BACA-3080-245F05F3A7D7}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2012.0918.260.3365 - Ihr Firmenname) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.64 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.20 - Broadcom Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0918.260.3365 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0521.224.2407 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0918.260.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0918.0259.3365 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0918.260.3365 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Clever Privacy (HKLM-x32\...\{9244271c-9897-4bd8-aa9f-e0f492690b90}) (Version: 1.0.0.44 - Covus Freemium GmbH)
Clever Privacy (x32 Version: 1.0.0.44 - Covus Freemium GmbH) Hidden
COMODO Internet Security Premium (HKLM\...\{A0BABADE-E154-4F08-97A1-2903CD110E88}) (Version: 6.2.20728.2847 - COMODO Security Solutions Inc.)
ETDWare PS/2-X64 11.6.16.003_WHQL (HKLM\...\Elantech) (Version: 11.6.16.003 - ELAN Microelectronic Corp.)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
Firestorm-Beta (remove only) (HKLM-x32\...\Firestorm-Beta) (Version: 4.5.1.38838 - The Phoenix Firestorm Project, Inc.)
Free Driver Scout (HKLM-x32\...\{3e86525a-5e8c-45a5-84d4-927c775f10da}) (Version: 1.0.0.138 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.138 - Covus Freemium) Hidden
Free Video to MP3 Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTION
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.35.31.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.35.31.0 - Iminent) Hidden <==== ATTENTION
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated)
Lollipop (HKCU\...\lollipop) (Version: - Lollipop Network, S.L.) <==== ATTENTION
lula TV Downloader (HKLM-x32\...\{27ba2050-6f2c-4a29-8e8b-d4996812d78f}) (Version: 1.0.0.29 - Freetec)
lula TV Downloader (x32 Version: 1.0.0.29 - Freetec) Hidden
LyricXeeker (HKLM-x32\...\lyrix@lyrixeeker.co) (Version: - LyriXeeker Tech)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 20.0.1387.77 (HKLM-x32\...\Opera 20.0.1387.77) (Version: 20.0.1387.77 - Opera Software ASA)
Plus-HD-3.8 (HKLM-x32\...\Plus-HD-3.8) (Version: 1.27.153.11 - Plus HD) <==== ATTENTION
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Trend Micro RUBotted 2.0 Beta (HKLM-x32\...\{54D4EAF5-4C80-4878-B4AC-5AE454A02E3C}_is1) (Version: 2.0.0.1034 - Trend Micro, Inc.)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WPM17.8.0.3325 (HKLM-x32\...\WPM) (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
==================== Restore Points =========================
23-02-2014 08:55:35 Windows Update
03-03-2014 05:18:38 Geplanter Prüfpunkt
12-03-2014 06:04:06 Geplanter Prüfpunkt
15-03-2014 11:50:51 Removed GeekBuddy.
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ___AC C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0256AD8C-D1AA-4BBC-BAB6-D8CE2D83FDA9} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {14F89DBC-BBEF-4E46-BA74-554F40843B19} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-12-18] ()
Task: {1E970127-C058-4922-9244-92C70987C9D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {36267E40-9429-4812-A768-19DF6264FEC7} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-11-11] (COMODO)
Task: {3A4C2A89-D209-4C97-A505-DEF73A9ADE34} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3B94F6CA-A3C7-489A-AC7B-0A16F8694FD7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {41EF7E93-F411-45F7-9865-CAD46D428BC3} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {42B82E21-5359-4812-9FB0-96DE46033760} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-11-11] (COMODO)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {67166ADC-F263-4381-82BC-E8E95572A2F5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B0ED91F-CE17-4941-B71E-3A931EBA57C8} - System32\Tasks\Plus-HD-3.8-codedownloader => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe [2013-08-30] (Plus HD) <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {879CE124-C1F6-4A31-B758-CCDA5F840A87} - System32\Tasks\LyricXeeker Update => C:\Program Files (x86)\LyriXeeker\LyriXupdate.exe
Task: {87BF4131-3442-4251-A4D3-523BAB746678} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2013-11-20] (COMODO)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {95986F32-3F0A-4D4D-A128-45627783D161} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {982D8070-AEEA-4EA7-97F6-D91A71EBFD79} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-11-11] (COMODO)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B5BEDC30-EAFF-43AA-8CFC-02AC4D1320BC} - System32\Tasks\DigitalSite => C:\Users\PASCAL~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {B751C257-9070-4B59-8FD9-DC6CD1902F08} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
Task: {BE7C2C47-8D8A-42B5-9970-1ADC15C5F2A8} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-11-11] (COMODO)
Task: {C156DCB7-40BE-4474-90D9-92F6DD9D27A6} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-11-11] (COMODO)
Task: {C966C8D4-2FA1-4031-8F42-6C5B50122723} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-12-18] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D5AF9979-D839-4BF8-8279-F0067AE1B009} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2013-08-16] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D9AB460C-FE81-46C6-85B3-7C6CF53774B6} - System32\Tasks\SaveSense => C:\Users\Pascal Prochnow\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {D9DC92B2-8F33-4862-937C-BD17B7D84218} - System32\Tasks\DealPly => C:\Users\PASCAL~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DA7D2580-3E3D-4A00-862B-564A775F4FD7} - System32\Tasks\PCCleaner1ClickMaint => C:\Program Files (x86)\Covus Freemium\Free Computer Cleaner\1Click.exe
Task: {DBCD9A09-FE17-4D4C-9E44-4D9F1F582397} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Covus Freemium\Free System Utilities\1Click.exe
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EB3A052D-E2D6-427F-8AC9-54B5604AB773} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-23] (Microsoft Corporation)
Task: {EDEDD6B7-C00C-42DD-ADD9-8A384CDEA328} - System32\Tasks\Plus-HD-3.8-chromeinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe [2013-08-30] (Plus HD) <==== ATTENTION
Task: {F6655541-3A83-4A7D-AF69-8845DE4F2876} - System32\Tasks\Plus-HD-3.8-updater => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe [2013-08-30] (Plus HD) <==== ATTENTION
Task: {FA4F0F41-730C-429B-91C5-6DC8F3245B98} - System32\Tasks\Plus-HD-3.8-enabler => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DigitalSite.job => C:\Users\PASCAL~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\LyricXeeker Update.job => C:\Program Files (x86)\LyriXeeker\LyriXupdate.exe
Task: C:\WINDOWS\Tasks\Plus-HD-3.8-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-3.8-codedownloader.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-3.8-enabler.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-3.8-updater.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SaveSense.job => C:\Users\PASCAL~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-01-17 17:26 - 2014-03-13 17:17 - 00070848 _____ () C:\Program Files (x86)\Mobogenie\MgAssist.exe
2013-09-03 13:25 - 2013-09-03 09:19 - 00085504 _____ () C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\CppWindowsService.exe
2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2014-01-17 17:26 - 2014-01-09 09:01 - 00766656 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2012-11-03 01:38 - 2012-11-03 01:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2014-01-17 17:26 - 2014-01-09 08:50 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-01-17 17:26 - 2014-01-09 08:51 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2014-03-14 07:27 - 2014-03-12 12:40 - 01380192 ____C () C:\Program Files (x86)\Opera\20.0.1387.77\opera_crashreporter.exe
2014-03-14 07:27 - 2014-03-12 12:40 - 00908640 ____C () C:\Program Files (x86)\Opera\20.0.1387.77\libglesv2.dll
2014-03-14 07:27 - 2014-03-12 12:40 - 00108896 ____C () C:\Program Files (x86)\Opera\20.0.1387.77\libegl.dll
2014-03-14 07:27 - 2014-03-12 12:40 - 00895328 ____C () C:\Program Files (x86)\Opera\20.0.1387.77\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Pascal Prochnow\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: Desura => C:\Program Files (x86)\Desura\desura.exe -autostart
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/15/2014 02:08:01 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/15/2014 01:02:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_Sony PC Companion, Version: 17.0.0.717, Zeitstempel: 0x4cab8cfa
Name des fehlerhaften Moduls: ISSetup.dll_unloaded, Version: 17.0.0.717, Zeitstempel: 0x4c97803f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000bdf70
ID des fehlerhaften Prozesses: 0x16e4
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_Sony PC Companion0
Pfad der fehlerhaften Anwendung: setup.exe_Sony PC Companion1
Pfad des fehlerhaften Moduls: setup.exe_Sony PC Companion2
Berichtskennung: setup.exe_Sony PC Companion3
Vollständiger Name des fehlerhaften Pakets: setup.exe_Sony PC Companion4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: setup.exe_Sony PC Companion5
Error: (03/15/2014 01:02:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_Sony PC Companion, Version: 17.0.0.717, Zeitstempel: 0x4cab8cfa
Name des fehlerhaften Moduls: DownloadManager.dll_unloaded, Version: 1.0.0.0, Zeitstempel: 0x4ffd9e32
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012140
ID des fehlerhaften Prozesses: 0x16e4
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_Sony PC Companion0
Pfad der fehlerhaften Anwendung: setup.exe_Sony PC Companion1
Pfad des fehlerhaften Moduls: setup.exe_Sony PC Companion2
Berichtskennung: setup.exe_Sony PC Companion3
Vollständiger Name des fehlerhaften Pakets: setup.exe_Sony PC Companion4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: setup.exe_Sony PC Companion5
Error: (03/15/2014 00:52:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: version_logging.exe, Version: 4.0.0.0, Zeitstempel: 0x530f1d82
Name des fehlerhaften Moduls: OLEAUT32.dll, Version: 6.3.9600.16384, Zeitstempel: 0x52157d3a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003a00
ID des fehlerhaften Prozesses: 0x1014
Startzeit der fehlerhaften Anwendung: 0xversion_logging.exe0
Pfad der fehlerhaften Anwendung: version_logging.exe1
Pfad des fehlerhaften Moduls: version_logging.exe2
Berichtskennung: version_logging.exe3
Vollständiger Name des fehlerhaften Pakets: version_logging.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: version_logging.exe5
Error: (03/15/2014 10:59:54 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/14/2014 07:29:58 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/14/2014 05:02:01 PM) (Source: Application Hang) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 103c
Startzeit: 01cf3f9e0385461e
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: f7f5aa78-ab91-11e3-beb3-089e01868995
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingNews_3.0.1.174_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexNews
Error: (03/14/2014 06:32:05 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/13/2014 06:55:09 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/12/2014 06:47:35 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
System errors:
=============
Error: (03/15/2014 02:32:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AppX-Bereitstellungsdienst (AppXSVC)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/15/2014 02:32:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AppX-Bereitstellungsdienst (AppXSVC) erreicht.
Error: (03/15/2014 02:32:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AppX-Bereitstellungsdienst (AppXSVC)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/15/2014 02:32:21 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AppX-Bereitstellungsdienst (AppXSVC) erreicht.
Error: (03/15/2014 01:30:13 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/15/2014 01:29:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AppX-Bereitstellungsdienst (AppXSVC)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/15/2014 01:29:27 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AppX-Bereitstellungsdienst (AppXSVC) erreicht.
Error: (03/15/2014 01:27:07 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Trend Micro RUBotted Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/15/2014 01:27:07 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Trend Micro RUBotted Service erreicht.
Error: (03/15/2014 11:35:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Store-Dienst (WSService)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (03/15/2014 02:08:01 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/15/2014 01:02:39 PM) (Source: Application Error)(User: )
Description: setup.exe_Sony PC Companion17.0.0.7174cab8cfaISSetup.dll_unloaded17.0.0.7174c97803fc0000005000bdf7016e401cf4046494d35b5C:\Users\PASCAL~1\AppData\Local\Temp\{41EA2695-0503-431A-BA3C-611076FAA36F}\setup.exeISSetup.dllb4178630-ac39-11e3-beb4-089e01868995
Error: (03/15/2014 01:02:29 PM) (Source: Application Error)(User: )
Description: setup.exe_Sony PC Companion17.0.0.7174cab8cfaDownloadManager.dll_unloaded1.0.0.04ffd9e32c00000050001214016e401cf4046494d35b5C:\Users\PASCAL~1\AppData\Local\Temp\{41EA2695-0503-431A-BA3C-611076FAA36F}\setup.exeDownloadManager.dllae2aeee8-ac39-11e3-beb4-089e01868995
Error: (03/15/2014 00:52:40 PM) (Source: Application Error)(User: )
Description: version_logging.exe4.0.0.0530f1d82OLEAUT32.dll6.3.9600.1638452157d3ac000000500003a00101401cf40450da03e5cC:\Program Files (x86)\COMODO\GeekBuddy\version_logging.exeC:\WINDOWS\SYSTEM32\OLEAUT32.dll4f094540-ac38-11e3-beb4-089e01868995
Error: (03/15/2014 10:59:54 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/14/2014 07:29:58 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/14/2014 05:02:01 PM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.16384103c01cf3f9e0385461e4294967295C:\WINDOWS\system32\backgroundTaskHost.exef7f5aa78-ab91-11e3-beb3-089e01868995Microsoft.BingNews_3.0.1.174_x64__8wekyb3d8bbweAppexNews
Error: (03/14/2014 06:32:05 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/13/2014 06:55:09 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/12/2014 06:47:35 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
CodeIntegrity Errors:
===================================
Date: 2014-03-15 18:15:33.017
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-03-15 18:05:03.560
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-03-15 17:54:20.458
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-03-15 16:35:08.806
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-03-15 15:58:26.734
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-03-15 15:39:50.981
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-03-15 15:01:35.051
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-03-15 14:36:57.036
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-03-15 14:33:29.017
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-15 14:33:28.988
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 56%
Total physical RAM: 1738.25 MB
Available physical RAM: 752.09 MB
Total Pagefile: 3658.25 MB
Available Pagefile: 1978.07 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:281.78 GB) (Free:48.32 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: FE7DF72A)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
