Pup.Optional.FindRight.A + .BrowserFox.A

yosherl · 17.02.2014, 19:35

Hallo Leute,

mein AnitMWB hat diese 2 2 Objekte gefunden.

Hier die Logfiles MwB und FRST:

Avast hat keine Funde.

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.17.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Richard ****:: DESKTOP [Administrator]

17.02.2014 19:00:10
MBAM-log-2014-02-17 (19-31-56).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|G:\|H:\|I:\|J:\|K:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 312312
Laufzeit: 28 Minute(n), 1 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 2
C:\Program Files (x86)\FindRight\updateFindRight.exe (PUP.Optional.FindRight.A) -> 2984 -> Keine Aktion durchgeführt.
C:\Program Files (x86)\FindRight\bin\utilFindRight.exe (PUP.Optional.FindRight.A) -> 2904 -> Keine Aktion durchgeführt.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 8
HKLM\SYSTEM\CurrentControlSet\Services\Update FindRight (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
HKLM\SYSTEM\CurrentControlSet\Services\Util FindRight (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{2c774641-5504-46a8-b63f-6715ae3fe376} (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{c638abe2-47da-4351-b170-e6a673d25ca3} (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
HKCR\Interface\{4CCADDA1-60AD-48AA-97C2-FA892D2499FB} (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C774641-5504-46A8-B63F-6715AE3FE376} (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C774641-5504-46A8-B63F-6715AE3FE376} (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 6
C:\Program Files (x86)\FindRight\updateFindRight.exe (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\FindRight\bin\utilFindRight.exe (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\FindRight\FindRightBHO.dll (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
C:\Users\Richard ****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8LKSY3F\Setup[1].exe (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
C:\Users\Richard ****\AppData\Local\Temp\2Gu0ENIv.exe.part (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Richard ****\AppData\Local\Temp\FreemakeVideoConverter_4.1.3.5.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.

(Ende)

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by Richard **** (administrator) on DESKTOP on 17-02-2014 19:34:32
Running from J:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\FindRight\updateFindRight.exe
() C:\Program Files (x86)\FindRight\bin\utilFindRight.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe After Effects CC\Support Files\32\dynamiclinkmanager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Incorporated) G:\Photoshop7\Photoshop.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-02] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-01-18] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2633229710-3872475631-2564557350-1000\...\Run: [DAEMON Tools Lite] - G:\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2633229710-3872475631-2564557350-1000\...\Run: [Speccy] - C:\Program Files\Speccy\Speccy64.exe [6691608 2013-11-13] (Piriform Ltd)
HKU\S-1-5-21-2633229710-3872475631-2564557350-1000\...\Policies\Explorer: [DisallowRun] 1
AppInit_DLLs: C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/foto/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FindRight - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Richard ****\AppData\Roaming\Mozilla\Firefox\Profiles\cxol3jfn.default
FF user.js: detected! => C:\Users\Richard ****\AppData\Roaming\Mozilla\Firefox\Profiles\cxol3jfn.default\user.js
FF NewTab: www.google.com
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-04]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-18]

Chrome: 
=======
CHR HomePage: chrome://newtab
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (VLC Web Plugin) - G:\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Extension: (Google Docs) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-25]
CHR Extension: (Google Drive) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-25]
CHR Extension: (YouTube) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-25]
CHR Extension: (Google-Suche) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-25]
CHR Extension: (SnapDo) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehfnepnmclpcobedfhlofbalebekkaj [2014-01-13]
CHR Extension: (RealDownloader) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-25]
CHR Extension: (Google Wallet) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (Google Mail) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-25]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-02] (AVAST Software)
R2 IGDCTRL; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [87344 2007-09-04] (AVM Berlin)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-06] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Update FindRight; C:\Program Files (x86)\FindRight\updateFindRight.exe [80672 2014-02-14] ()
R2 Util FindRight; C:\Program Files (x86)\FindRight\bin\utilFindRight.exe [80672 2014-02-16] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-02] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-09] (DT Soft Ltd)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fet6x64.sys [47872 2009-06-10] (VIA Technologies, Inc.              )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ScreamBAudioSvc; No ImagePath
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 ALSysIO; \??\C:\Users\RICHAR~1\AppData\Local\Temp\ALSysIO64.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R3 cpuz136; \??\C:\Users\RICHAR~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-17 10:32 - 2014-02-17 10:32 - 00009422 _____ () C:\Users\Richard ****\AppData\Local\recently-used.xbel
2014-02-16 21:32 - 2014-02-16 21:32 - 00001108 _____ () C:\Users\Richard ****\Desktop\Might & Magic Heroes VI - Verknüpfung.lnk
2014-02-16 19:52 - 2014-02-16 19:52 - 00000000 ____D () C:\Users\Richard ****\Documents\Freemake
2014-02-16 19:52 - 2014-02-16 19:52 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-02-16 19:52 - 2014-02-16 19:52 - 00000000 ____D () C:\ProgramData\Freemake
2014-02-16 19:51 - 2014-02-16 19:52 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-02-16 19:10 - 2014-02-16 19:10 - 00000000 ____D () C:\Users\Richard ****\Documents\Unbenanntes Projekt 2.aep Protokolle
2014-02-16 19:00 - 2014-02-16 19:00 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-02-16 19:00 - 2014-02-16 19:00 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Canon
2014-02-16 15:36 - 2014-02-17 10:51 - 00385016 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt 2.aep
2014-02-16 05:58 - 2014-02-16 05:58 - 00298618 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt 1.aep
2014-02-16 05:47 - 2014-02-16 11:48 - 00000000 ____D () C:\Program Files (x86)\FindRight
2014-02-16 05:47 - 2014-02-16 05:47 - 08636780 _____ (www.video-gif-converter.com ) C:\Users\Richard ****\Downloads\freevideotogif [1].exe
2014-02-16 05:47 - 2014-02-16 05:47 - 00001219 _____ () C:\Users\Richard ****\Desktop\Free Video to GIF Converter.lnk
2014-02-16 05:47 - 2014-02-16 05:47 - 00000000 ____D () C:\Program Files (x86)\Free Video to GIF Converter
2014-02-15 18:47 - 2014-02-15 18:47 - 00000000 ____D () C:\ProgramData\GreatSoft
2014-02-15 18:46 - 2014-02-15 18:47 - 00000000 ____D () C:\ProgramData\InstallMate
2014-02-15 18:43 - 2014-02-17 19:11 - 00000000 ____D () C:\Users\Richard ****\Documents\Adobe After Effects Auto-Speichern
2014-02-15 18:02 - 2014-02-15 22:25 - 00170880 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt.aep
2014-02-15 18:01 - 2008-01-30 17:36 - 00090112 _____ (MindVision Software) C:\Windows\unvise32.exe
2014-02-15 17:59 - 2014-02-15 17:59 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REVisionEffects
2014-02-15 17:59 - 2014-02-15 17:59 - 00000000 ____D () C:\Program Files (x86)\REVisionEffects
2014-02-15 17:51 - 2014-02-15 17:51 - 00003520 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Desktop-Richard ****
2014-02-15 17:51 - 2014-02-15 17:51 - 00000000 ____D () C:\Users\Richard ****\Documents\Adobe
2014-02-15 17:51 - 2014-02-15 17:51 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\PDAppFlex
2014-02-15 17:50 - 2014-02-15 17:51 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-15 16:51 - 2014-02-15 17:17 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-15 16:51 - 2014-02-15 17:16 - 00000000 ____D () C:\Program Files\Adobe
2014-02-15 16:17 - 2014-02-15 16:17 - 00001074 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-02-15 16:14 - 2014-02-15 16:14 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Temp5f308940076fd01702277c379419c2d2
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-15 13:37 - 2014-02-17 18:03 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Might & Magic Heroes VI
2014-02-15 13:37 - 2014-02-16 06:14 - 00000000 ____D () C:\Users\Richard ****\Documents\Might & Magic Heroes VI
2014-02-15 13:37 - 2014-02-15 13:38 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Ubisoft Game Launcher
2014-02-15 13:10 - 2014-02-15 13:10 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-13 03:00 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 03:00 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 03:00 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 03:00 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 03:00 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 03:00 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 03:00 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 03:00 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 03:00 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 03:00 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 03:00 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 03:00 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 03:00 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 03:00 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 03:00 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 03:00 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 03:00 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 03:00 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 03:00 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 03:00 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 03:00 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 03:00 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 03:00 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 03:00 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 03:00 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 03:00 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 03:00 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 03:00 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 03:00 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 03:00 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 03:00 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 03:00 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 03:00 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 03:00 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 03:00 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 03:00 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 03:00 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 03:00 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 03:00 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 03:00 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 03:00 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 07:38 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 07:38 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 07:38 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 07:38 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 07:38 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 07:38 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 07:38 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 07:38 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 07:38 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 07:38 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 07:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 07:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 07:38 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 07:38 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 07:38 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 07:38 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 07:38 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 07:38 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 07:38 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 07:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 07:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 07:38 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 07:38 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 07:38 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 07:38 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 07:38 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 07:38 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 07:38 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-06 15:33 - 2014-02-06 15:33 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\NVIDIA Corporation
2014-02-06 15:32 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-02-06 15:32 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-02-06 15:31 - 2013-12-19 19:53 - 06671648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-02-06 15:31 - 2013-12-19 19:53 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-02-06 15:31 - 2013-12-19 19:53 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-02-06 15:31 - 2013-12-19 19:53 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-02-06 15:31 - 2013-12-19 19:53 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-02-06 15:31 - 2013-12-19 19:53 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-02-06 15:31 - 2013-12-19 06:01 - 03539040 _____ () C:\Windows\system32\nvcoproc.bin
2014-02-06 15:30 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-06 15:30 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
2014-02-06 15:30 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-06 15:30 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-02-06 15:30 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-06 15:30 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-06 15:30 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-06 15:30 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-03 10:56 - 2014-02-03 10:56 - 00000615 _____ () C:\Users\Richard ****\Desktop\EverQuest Next Landmark (2).lnk
2014-02-03 10:56 - 2014-02-03 10:56 - 00000615 _____ () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EverQuest Next Landmark (2).lnk
2014-01-30 15:32 - 2014-01-30 15:32 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Wargaming.net
2014-01-30 12:02 - 2014-01-30 12:02 - 00000528 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-01-26 15:58 - 2014-01-26 15:58 - 00000636 _____ () C:\Users\Public\Desktop\ ac2launcher Application.lnk
2014-01-23 18:56 - 2014-01-23 18:56 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-23 18:56 - 2014-01-23 18:56 - 00000000 ____D () C:\Program Files\Java
2014-01-23 18:54 - 2014-01-23 18:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-23 18:53 - 2014-01-23 18:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-23 18:49 - 2014-01-23 18:49 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-23 11:00 - 2014-02-17 18:50 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\TS3Client
2014-01-23 11:00 - 2014-01-23 11:00 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-01-23 10:52 - 2014-01-23 10:52 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\NetSpeedMonitor
2014-01-23 10:51 - 2014-01-23 10:52 - 00000000 ____D () C:\Program Files\NetSpeedMonitor
2014-01-23 10:46 - 2014-01-23 10:46 - 00000000 ____D () C:\Users\Richard ****\Documents\Network Monitor 3
2014-01-20 10:08 - 2013-07-03 12:02 - 00000318 _____ () C:\Users\Richard ****\Desktop\Curse Client.appref-ms
2014-01-19 20:48 - 2014-01-20 12:06 - 00000000 ____D () C:\Users\Richard ****\Documents\RIFT
2014-01-19 11:08 - 2014-01-19 20:48 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\RIFT
2014-01-19 11:08 - 2014-01-19 11:08 - 00000528 _____ () C:\Users\Richard ****\Desktop\RIFT.lnk
2014-01-19 11:08 - 2014-01-19 11:08 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RIFT

==================== One Month Modified Files and Folders =======

2014-02-17 19:34 - 2013-09-04 07:04 - 00000000 ____D () C:\FRST
2014-02-17 19:22 - 2012-10-09 10:52 - 00000000 ____D () C:\Users\Richard ****\Documents\Outlook-Dateien
2014-02-17 19:11 - 2014-02-15 18:43 - 00000000 ____D () C:\Users\Richard ****\Documents\Adobe After Effects Auto-Speichern
2014-02-17 18:56 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-17 18:56 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-17 18:55 - 2011-04-12 08:43 - 00713556 _____ () C:\Windows\system32\perfh007.dat
2014-02-17 18:55 - 2011-04-12 08:43 - 00155492 _____ () C:\Windows\system32\perfc007.dat
2014-02-17 18:55 - 2009-07-14 06:13 - 01658748 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-17 18:51 - 2013-05-06 13:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-17 18:50 - 2014-01-23 11:00 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\TS3Client
2014-02-17 18:50 - 2013-06-25 16:46 - 01051903 _____ () C:\Windows\WindowsUpdate.log
2014-02-17 18:50 - 2012-09-30 02:15 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Adobe
2014-02-17 18:49 - 2013-11-06 14:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-17 18:49 - 2013-06-25 16:44 - 00055863 _____ () C:\Windows\setupact.log
2014-02-17 18:49 - 2013-06-25 13:56 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-17 18:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-17 18:43 - 2013-06-25 13:56 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 18:38 - 2012-09-29 01:55 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Skype
2014-02-17 18:03 - 2014-02-15 13:37 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Might & Magic Heroes VI
2014-02-17 12:38 - 2012-12-04 14:11 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8C22BAB9-115F-42DC-933C-D0F775D5F0DC}
2014-02-17 11:02 - 2012-10-24 14:26 - 00000000 ____D () C:\Users\Richard ****\.gimp-2.8
2014-02-17 10:51 - 2014-02-16 15:36 - 00385016 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt 2.aep
2014-02-17 10:32 - 2014-02-17 10:32 - 00009422 _____ () C:\Users\Richard ****\AppData\Local\recently-used.xbel
2014-02-17 10:15 - 2013-07-02 08:47 - 00370966 _____ () C:\Windows\PFRO.log
2014-02-16 22:09 - 2013-08-14 13:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 22:08 - 2012-09-28 22:15 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 21:32 - 2014-02-16 21:32 - 00001108 _____ () C:\Users\Richard ****\Desktop\Might & Magic Heroes VI - Verknüpfung.lnk
2014-02-16 21:06 - 2012-09-28 21:24 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\vlc
2014-02-16 19:52 - 2014-02-16 19:52 - 00000000 ____D () C:\Users\Richard ****\Documents\Freemake
2014-02-16 19:52 - 2014-02-16 19:52 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-02-16 19:52 - 2014-02-16 19:52 - 00000000 ____D () C:\ProgramData\Freemake
2014-02-16 19:52 - 2014-02-16 19:51 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-02-16 19:10 - 2014-02-16 19:10 - 00000000 ____D () C:\Users\Richard ****\Documents\Unbenanntes Projekt 2.aep Protokolle
2014-02-16 19:00 - 2014-02-16 19:00 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-02-16 19:00 - 2014-02-16 19:00 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Canon
2014-02-16 14:49 - 2012-12-26 13:51 - 00001052 _____ () C:\Users\Richard ****\AppData\Roaming\gmic_sources.cimgz
2014-02-16 11:48 - 2014-02-16 05:47 - 00000000 ____D () C:\Program Files (x86)\FindRight
2014-02-16 06:14 - 2014-02-15 13:37 - 00000000 ____D () C:\Users\Richard ****\Documents\Might & Magic Heroes VI
2014-02-16 05:58 - 2014-02-16 05:58 - 00298618 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt 1.aep
2014-02-16 05:53 - 2013-01-18 14:27 - 00003358 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2633229710-3872475631-2564557350-1000
2014-02-16 05:53 - 2013-01-18 14:27 - 00003244 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2633229710-3872475631-2564557350-1000
2014-02-16 05:47 - 2014-02-16 05:47 - 08636780 _____ (www.video-gif-converter.com ) C:\Users\Richard ****\Downloads\freevideotogif [1].exe
2014-02-16 05:47 - 2014-02-16 05:47 - 00001219 _____ () C:\Users\Richard ****\Desktop\Free Video to GIF Converter.lnk
2014-02-16 05:47 - 2014-02-16 05:47 - 00000000 ____D () C:\Program Files (x86)\Free Video to GIF Converter
2014-02-16 00:46 - 2012-10-27 19:17 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\inkscape
2014-02-16 00:45 - 2009-07-14 05:45 - 05120736 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-16 00:44 - 2013-09-04 08:57 - 00000000 ____D () C:\AdwCleaner
2014-02-15 22:25 - 2014-02-15 18:02 - 00170880 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt.aep
2014-02-15 18:47 - 2014-02-15 18:47 - 00000000 ____D () C:\ProgramData\GreatSoft
2014-02-15 18:47 - 2014-02-15 18:46 - 00000000 ____D () C:\ProgramData\InstallMate
2014-02-15 17:59 - 2014-02-15 17:59 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REVisionEffects
2014-02-15 17:59 - 2014-02-15 17:59 - 00000000 ____D () C:\Program Files (x86)\REVisionEffects
2014-02-15 17:51 - 2014-02-15 17:51 - 00003520 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Desktop-Richard ****
2014-02-15 17:51 - 2014-02-15 17:51 - 00000000 ____D () C:\Users\Richard ****\Documents\Adobe
2014-02-15 17:51 - 2014-02-15 17:51 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\PDAppFlex
2014-02-15 17:51 - 2014-02-15 17:50 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-15 17:51 - 2012-09-29 00:26 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Adobe
2014-02-15 17:51 - 2012-09-28 23:31 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\NVIDIA
2014-02-15 17:51 - 2012-09-28 22:53 - 00120080 _____ () C:\Users\Richard ****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-15 17:17 - 2014-02-15 16:51 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-15 17:16 - 2014-02-15 16:51 - 00000000 ____D () C:\Program Files\Adobe
2014-02-15 16:52 - 2012-09-29 00:25 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-15 16:17 - 2014-02-15 16:17 - 00001074 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-02-15 16:16 - 2012-09-29 02:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-15 16:14 - 2014-02-15 16:14 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Temp5f308940076fd01702277c379419c2d2
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-15 13:38 - 2014-02-15 13:37 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Ubisoft Game Launcher
2014-02-15 13:11 - 2013-09-09 13:22 - 00089979 _____ () C:\Windows\DirectX.log
2014-02-15 13:10 - 2014-02-15 13:10 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-15 13:10 - 2012-09-28 21:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-15 13:04 - 2012-10-09 10:25 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\DAEMON Tools Lite
2014-02-15 12:00 - 2013-02-14 18:40 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-15 12:00 - 2013-02-14 18:39 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-15 11:56 - 2013-02-14 18:39 - 00291488 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-15 11:55 - 2014-01-17 16:26 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-15 11:55 - 2013-02-14 16:44 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Deployment
2014-02-14 21:34 - 2012-09-28 20:33 - 00000000 ____D () C:\Users\Richard ****
2014-02-14 21:31 - 2013-01-15 13:16 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-02-14 21:31 - 2012-12-16 12:39 - 00000000 ____D () C:\Program Files (x86)\CEWE COLOR
2014-02-14 18:53 - 2013-06-27 19:41 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Arma 3
2014-02-14 11:18 - 2013-06-25 16:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 07:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-13 03:04 - 2012-10-09 10:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 03:01 - 2013-06-24 11:42 - 01632092 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-13 03:01 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-12 09:56 - 2014-01-09 11:04 - 00000000 ____D () C:\Users\Richard ****\Documents\Elder Scrolls Online
2014-02-12 09:56 - 2014-01-09 11:04 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-02-12 07:38 - 2013-06-25 13:56 - 00004124 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 07:38 - 2013-06-25 13:56 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-11 03:16 - 2014-01-10 17:06 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Awesomium
2014-02-06 18:58 - 2013-02-14 18:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-06 15:33 - 2014-02-06 15:33 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\NVIDIA Corporation
2014-02-06 15:33 - 2013-11-06 14:00 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-06 15:33 - 2013-09-04 14:04 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\NVIDIA
2014-02-06 15:32 - 2012-09-28 22:30 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-06 15:32 - 2012-09-28 22:30 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-06 15:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-02-06 15:06 - 2013-02-14 09:52 - 00000000 ____D () C:\Windows\Minidump
2014-02-06 15:06 - 2012-09-28 02:29 - 00370721 ____N () C:\Windows\Minidump\020614-7160-01.dmp
2014-02-06 13:16 - 2014-02-13 03:00 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 03:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 03:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 03:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 03:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 03:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 03:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 03:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 03:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 03:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 03:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 03:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 03:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 03:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 03:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 03:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 03:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 03:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 03:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 03:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 03:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 03:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 03:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 03:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 03:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 03:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 03:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 03:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 03:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 03:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 03:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 15:51 - 2013-05-06 13:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 15:51 - 2013-05-06 13:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 15:51 - 2013-05-06 13:33 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 20:42 - 2013-06-25 13:57 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 15:43 - 2013-02-18 14:59 - 00000000 ____D () C:\ProgramData\Apple
2014-02-03 10:56 - 2014-02-03 10:56 - 00000615 _____ () C:\Users\Richard ****\Desktop\EverQuest Next Landmark (2).lnk
2014-02-03 10:56 - 2014-02-03 10:56 - 00000615 _____ () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EverQuest Next Landmark (2).lnk
2014-02-03 10:29 - 2013-09-04 13:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-02 09:53 - 2014-01-06 00:49 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-02 09:53 - 2013-12-14 01:46 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-02 09:53 - 2013-09-04 13:12 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-02 09:53 - 2013-09-04 13:12 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-02 09:53 - 2013-09-04 13:12 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-02 09:53 - 2013-09-04 13:12 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-02 09:53 - 2013-09-04 13:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-01 10:30 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-30 15:32 - 2014-01-30 15:32 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Wargaming.net
2014-01-30 12:02 - 2014-01-30 12:02 - 00000528 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-01-30 12:02 - 2013-04-23 12:52 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-01-26 15:58 - 2014-01-26 15:58 - 00000636 _____ () C:\Users\Public\Desktop\ ac2launcher Application.lnk
2014-01-26 14:31 - 2013-09-05 13:45 - 00000000 ____D () C:\Program Files\Recuva
2014-01-25 11:11 - 2013-03-02 14:59 - 00000000 ____D () C:\Users\Richard ****\Desktop\TTZ
2014-01-23 18:56 - 2014-01-23 18:56 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-23 18:56 - 2014-01-23 18:56 - 00000000 ____D () C:\Program Files\Java
2014-01-23 18:54 - 2014-01-23 18:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-23 18:53 - 2014-01-23 18:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-23 18:53 - 2012-10-20 18:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-23 18:49 - 2014-01-23 18:49 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-23 11:00 - 2014-01-23 11:00 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-01-23 11:00 - 2012-09-28 23:07 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-01-23 10:57 - 2013-09-04 13:29 - 00000000 ____D () C:\Teamspeak
2014-01-23 10:52 - 2014-01-23 10:52 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\NetSpeedMonitor
2014-01-23 10:52 - 2014-01-23 10:51 - 00000000 ____D () C:\Program Files\NetSpeedMonitor
2014-01-23 10:46 - 2014-01-23 10:46 - 00000000 ____D () C:\Users\Richard ****\Documents\Network Monitor 3
2014-01-23 10:22 - 2013-04-14 10:48 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\TeamViewer
2014-01-23 10:22 - 2012-11-08 19:15 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-21 17:39 - 2012-09-28 20:33 - 00000000 ___RD () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-20 14:56 - 2012-09-28 02:29 - 00370721 ____N () C:\Windows\Minidump\012014-7066-01.dmp
2014-01-20 12:06 - 2014-01-19 20:48 - 00000000 ____D () C:\Users\Richard ****\Documents\RIFT
2014-01-19 20:48 - 2014-01-19 11:08 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\RIFT
2014-01-19 11:08 - 2014-01-19 11:08 - 00000528 _____ () C:\Users\Richard ****\Desktop\RIFT.lnk
2014-01-19 11:08 - 2014-01-19 11:08 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RIFT

Some content of TEMP:
====================
C:\Users\Richard ****\AppData\Local\Temp\AdobeDownloadAssistant.exe
C:\Users\Richard ****\AppData\Local\Temp\amazonicon_v4.exe
C:\Users\Richard ****\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Richard ****\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Richard ****\AppData\Local\Temp\FreemakeVideoConverter_4.1.3.5.exe
C:\Users\Richard ****\AppData\Local\Temp\nvStInst.exe
C:\Users\Richard ****\AppData\Local\Temp\Quarantine.exe
C:\Users\Richard ****\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Richard ****\AppData\Local\Temp\sdapskill.exe
C:\Users\Richard ****\AppData\Local\Temp\sdaspwn.exe
C:\Users\Richard ****\AppData\Local\Temp\speccycpuid.dll
C:\Users\Richard ****\AppData\Local\Temp\ubi8181.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-13 07:37

==================== End Of Log ============================

Ist das etwas gefährliches?

schrauber · 18.02.2014, 07:20

Hi,

Funde durch MBAM löschen lassen.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

yosherl · 19.02.2014, 10:46

Code:

ATTFilter

# AdwCleaner v3.019 - Bericht erstellt am 18/02/2014 um 21:31:42
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Richard **** - DESKTOP
# Gestartet von : J:\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Richard ****\AppData\Roaming\Mozilla\Firefox\Profiles\cxol3jfn.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Richard ****\AppData\Roaming\Mozilla\Firefox\Profiles\cxol3jfn.default\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ Datei : C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1381 octets] - [04/09/2013 08:57:12]
AdwCleaner[R1].txt - [1054 octets] - [04/09/2013 09:35:59]
AdwCleaner[R2].txt - [1145 octets] - [04/09/2013 09:37:17]
AdwCleaner[R3].txt - [1266 octets] - [04/09/2013 09:39:03]
AdwCleaner[R4].txt - [3869 octets] - [23/01/2014 18:22:37]
AdwCleaner[R5].txt - [1581 octets] - [30/01/2014 13:45:25]
AdwCleaner[R6].txt - [1674 octets] - [16/02/2014 00:43:51]
AdwCleaner[R7].txt - [1860 octets] - [18/02/2014 21:31:09]
AdwCleaner[S0].txt - [1442 octets] - [04/09/2013 08:58:01]
AdwCleaner[S1].txt - [1207 octets] - [04/09/2013 09:37:39]
AdwCleaner[S2].txt - [3446 octets] - [23/01/2014 18:23:35]
AdwCleaner[S3].txt - [1642 octets] - [30/01/2014 13:46:22]
AdwCleaner[S4].txt - [1735 octets] - [16/02/2014 00:44:22]
AdwCleaner[S5].txt - [1781 octets] - [18/02/2014 21:31:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1841 octets] ##########

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Richard **** :: DESKTOP [Administrator]

18.02.2014 10:38:09
mbam-log-2014-02-18 (10-38-09).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|G:\|H:\|I:\|J:\|K:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 589235
Laufzeit: 43 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C774641-5504-46A8-B63F-6715AE3FE376} (PUP.Optional.FindRight.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0B1G1O1S0V1G1F -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
J:\freevideotogif.exe (PUP.Optional.WorldSetup) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Richard **** (administrator) on DESKTOP on 19-02-2014 10:44:53
Running from J:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Black Hole Entertainment) J:\Might & Magic Heroes VI\Might & Magic Heroes VI.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-02] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-01-18] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2633229710-3872475631-2564557350-1000\...\Run: [DAEMON Tools Lite] - G:\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2633229710-3872475631-2564557350-1000\...\Run: [Speccy] - C:\Program Files\Speccy\Speccy64.exe [6691608 2013-11-13] (Piriform Ltd)
HKU\S-1-5-21-2633229710-3872475631-2564557350-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-2633229710-3872475631-2564557350-1000\...\Policies\Explorer: [DisallowRun] 1
AppInit_DLLs: C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Speccy.lnk
ShortcutTarget: Speccy.lnk -> C:\Program Files\Speccy\Speccy64.exe (Piriform Ltd)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/foto/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Richard ****\AppData\Roaming\Mozilla\Firefox\Profiles\cxol3jfn.default
FF SearchEngineOrder.1: Google
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-04]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-18]

Chrome: 
=======
CHR HomePage: chrome://newtab
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (VLC Web Plugin) - G:\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Extension: (Google Docs) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-25]
CHR Extension: (Google Drive) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-25]
CHR Extension: (YouTube) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-25]
CHR Extension: (Google-Suche) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-25]
CHR Extension: (SnapDo) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehfnepnmclpcobedfhlofbalebekkaj [2014-01-13]
CHR Extension: (RealDownloader) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-25]
CHR Extension: (Google Wallet) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (Google Mail) - C:\Users\Richard ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-25]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-02] (AVAST Software)
R2 IGDCTRL; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [87344 2007-09-04] (AVM Berlin)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-06] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-02] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-09] (DT Soft Ltd)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fet6x64.sys [47872 2009-06-10] (VIA Technologies, Inc.              )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ScreamBAudioSvc; No ImagePath
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 ALSysIO; \??\C:\Users\RICHAR~1\AppData\Local\Temp\ALSysIO64.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R3 cpuz136; \??\C:\Users\RICHAR~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-19 08:48 - 2014-02-19 08:48 - 00000796 _____ () C:\Users\Richard ****\Desktop\Speccy.lnk
2014-02-18 21:32 - 2014-02-18 21:32 - 00001909 _____ () C:\Users\Richard ****\Desktop\AdwCleaner[S5].txt
2014-02-18 15:43 - 2014-02-18 15:43 - 00001205 _____ () C:\Users\Richard ****\Desktop\Uplay.lnk
2014-02-18 15:41 - 2014-02-19 09:42 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Might & Magic Heroes VI
2014-02-17 21:42 - 2014-02-17 21:42 - 00387786 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt 2 Kopie  (CS6).aep
2014-02-17 21:06 - 2014-02-17 21:06 - 00000000 ____D () C:\Users\Richard ****\Documents\Adobe Scripts
2014-02-17 21:04 - 2014-02-17 21:09 - 00001456 _____ () C:\Users\Richard ****\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-02-17 10:32 - 2014-02-17 10:32 - 00009422 _____ () C:\Users\Richard ****\AppData\Local\recently-used.xbel
2014-02-16 21:32 - 2014-02-18 15:45 - 00001126 _____ () C:\Users\Richard ****\Desktop\Might & Magic Heroes VI - Verknüpfung.lnk
2014-02-16 19:52 - 2014-02-17 19:52 - 00000000 ____D () C:\ProgramData\Freemake
2014-02-16 19:51 - 2014-02-17 19:52 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-02-16 19:10 - 2014-02-16 19:10 - 00000000 ____D () C:\Users\Richard ****\Documents\Unbenanntes Projekt 2.aep Protokolle
2014-02-16 19:00 - 2014-02-16 19:00 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-02-16 19:00 - 2014-02-16 19:00 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Canon
2014-02-16 15:36 - 2014-02-17 10:51 - 00385016 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt 2.aep
2014-02-16 05:58 - 2014-02-16 05:58 - 00298618 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt 1.aep
2014-02-16 05:47 - 2014-02-16 05:47 - 08636780 _____ (www.video-gif-converter.com ) C:\Users\Richard ****\Downloads\freevideotogif [1].exe
2014-02-16 05:47 - 2014-02-16 05:47 - 00001219 _____ () C:\Users\Richard ****\Desktop\Free Video to GIF Converter.lnk
2014-02-16 05:47 - 2014-02-16 05:47 - 00000000 ____D () C:\Program Files (x86)\Free Video to GIF Converter
2014-02-15 18:47 - 2014-02-15 18:47 - 00000000 ____D () C:\ProgramData\GreatSoft
2014-02-15 18:46 - 2014-02-15 18:47 - 00000000 ____D () C:\ProgramData\InstallMate
2014-02-15 18:43 - 2014-02-17 19:11 - 00000000 ____D () C:\Users\Richard ****\Documents\Adobe After Effects Auto-Speichern
2014-02-15 18:02 - 2014-02-15 22:25 - 00170880 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt.aep
2014-02-15 18:01 - 2008-01-30 17:36 - 00090112 _____ (MindVision Software) C:\Windows\unvise32.exe
2014-02-15 17:59 - 2014-02-15 17:59 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REVisionEffects
2014-02-15 17:59 - 2014-02-15 17:59 - 00000000 ____D () C:\Program Files (x86)\REVisionEffects
2014-02-15 17:51 - 2014-02-17 20:52 - 00000000 ____D () C:\Users\Richard ****\Documents\Adobe
2014-02-15 17:51 - 2014-02-15 17:51 - 00003520 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Desktop-Richard ****
2014-02-15 17:51 - 2014-02-15 17:51 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\PDAppFlex
2014-02-15 17:50 - 2014-02-17 20:45 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-15 16:51 - 2014-02-17 20:45 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-15 16:51 - 2014-02-15 17:16 - 00000000 ____D () C:\Program Files\Adobe
2014-02-15 16:17 - 2014-02-15 16:17 - 00001074 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-02-15 16:14 - 2014-02-15 16:14 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Temp5f308940076fd01702277c379419c2d2
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-15 13:37 - 2014-02-18 15:50 - 00000000 ____D () C:\Users\Richard ****\Documents\Might & Magic Heroes VI
2014-02-15 13:37 - 2014-02-18 15:43 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Ubisoft Game Launcher
2014-02-15 13:10 - 2014-02-15 13:10 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-13 03:00 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 03:00 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 03:00 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 03:00 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 03:00 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 03:00 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 03:00 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 03:00 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 03:00 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 03:00 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 03:00 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 03:00 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 03:00 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 03:00 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 03:00 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 03:00 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 03:00 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 03:00 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 03:00 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 03:00 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 03:00 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 03:00 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 03:00 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 03:00 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 03:00 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 03:00 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 03:00 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 03:00 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 03:00 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 03:00 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 03:00 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 03:00 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 03:00 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 03:00 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 03:00 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 03:00 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 03:00 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 03:00 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 03:00 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 03:00 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 03:00 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 07:38 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 07:38 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 07:38 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 07:38 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 07:38 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 07:38 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 07:38 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 07:38 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 07:38 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 07:38 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 07:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 07:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 07:38 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 07:38 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 07:38 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 07:38 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 07:38 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 07:38 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 07:38 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 07:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 07:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 07:38 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 07:38 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 07:38 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 07:38 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 07:38 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 07:38 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 07:38 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-06 15:33 - 2014-02-06 15:33 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\NVIDIA Corporation
2014-02-06 15:32 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-02-06 15:32 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-02-06 15:31 - 2013-12-19 19:53 - 06671648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-02-06 15:31 - 2013-12-19 19:53 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-02-06 15:31 - 2013-12-19 19:53 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-02-06 15:31 - 2013-12-19 19:53 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-02-06 15:31 - 2013-12-19 19:53 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-02-06 15:31 - 2013-12-19 19:53 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-02-06 15:31 - 2013-12-19 06:01 - 03539040 _____ () C:\Windows\system32\nvcoproc.bin
2014-02-06 15:30 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-06 15:30 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-06 15:30 - 2013-12-19 21:33 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
2014-02-06 15:30 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-06 15:30 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-02-06 15:30 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-06 15:30 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-06 15:30 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-06 15:30 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-03 10:56 - 2014-02-03 10:56 - 00000615 _____ () C:\Users\Richard ****\Desktop\EverQuest Next Landmark (2).lnk
2014-02-03 10:56 - 2014-02-03 10:56 - 00000615 _____ () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EverQuest Next Landmark (2).lnk
2014-01-30 15:32 - 2014-01-30 15:32 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Wargaming.net
2014-01-30 12:02 - 2014-01-30 12:02 - 00000528 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-01-26 15:58 - 2014-01-26 15:58 - 00000636 _____ () C:\Users\Public\Desktop\ ac2launcher Application.lnk
2014-01-23 18:56 - 2014-01-23 18:56 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-23 18:56 - 2014-01-23 18:56 - 00000000 ____D () C:\Program Files\Java
2014-01-23 18:54 - 2014-01-23 18:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-23 18:53 - 2014-01-23 18:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-23 18:49 - 2014-01-23 18:49 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-23 11:00 - 2014-02-19 08:42 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\TS3Client
2014-01-23 11:00 - 2014-01-23 11:00 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-01-23 10:52 - 2014-01-23 10:52 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\NetSpeedMonitor
2014-01-23 10:51 - 2014-01-23 10:52 - 00000000 ____D () C:\Program Files\NetSpeedMonitor
2014-01-23 10:46 - 2014-01-23 10:46 - 00000000 ____D () C:\Users\Richard ****\Documents\Network Monitor 3
2014-01-20 10:08 - 2013-07-03 12:02 - 00000318 _____ () C:\Users\Richard ****\Desktop\Curse Client.appref-ms

==================== One Month Modified Files and Folders =======

2014-02-19 10:44 - 2013-09-04 07:04 - 00000000 ____D () C:\FRST
2014-02-19 10:43 - 2013-06-25 13:56 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-19 09:51 - 2013-05-06 13:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-19 09:42 - 2014-02-18 15:41 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Might & Magic Heroes VI
2014-02-19 08:48 - 2014-02-19 08:48 - 00000796 _____ () C:\Users\Richard ****\Desktop\Speccy.lnk
2014-02-19 08:48 - 2012-09-28 20:33 - 00000000 ___RD () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-19 08:47 - 2012-09-30 02:15 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Adobe
2014-02-19 08:43 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-19 08:43 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-19 08:42 - 2014-01-23 11:00 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\TS3Client
2014-02-19 08:42 - 2011-04-12 08:43 - 00713556 _____ () C:\Windows\system32\perfh007.dat
2014-02-19 08:42 - 2011-04-12 08:43 - 00155492 _____ () C:\Windows\system32\perfc007.dat
2014-02-19 08:42 - 2009-07-14 06:13 - 01658748 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-19 08:40 - 2013-06-25 16:46 - 01108529 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 08:39 - 2013-06-25 16:44 - 00056759 _____ () C:\Windows\setupact.log
2014-02-19 08:39 - 2012-10-09 10:52 - 00000000 ____D () C:\Users\Richard ****\Documents\Outlook-Dateien
2014-02-19 08:36 - 2013-11-06 14:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-19 08:36 - 2013-06-25 13:56 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-19 08:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 21:42 - 2013-02-14 18:40 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-18 21:42 - 2013-02-14 18:39 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-18 21:38 - 2013-02-14 18:39 - 00291488 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-18 21:36 - 2014-01-17 16:26 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-18 21:36 - 2013-02-14 16:44 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Deployment
2014-02-18 21:32 - 2014-02-18 21:32 - 00001909 _____ () C:\Users\Richard ****\Desktop\AdwCleaner[S5].txt
2014-02-18 21:32 - 2013-07-02 08:47 - 00371766 _____ () C:\Windows\PFRO.log
2014-02-18 21:31 - 2013-09-04 08:57 - 00000000 ____D () C:\AdwCleaner
2014-02-18 15:50 - 2014-02-15 13:37 - 00000000 ____D () C:\Users\Richard ****\Documents\Might & Magic Heroes VI
2014-02-18 15:45 - 2014-02-16 21:32 - 00001126 _____ () C:\Users\Richard ****\Desktop\Might & Magic Heroes VI - Verknüpfung.lnk
2014-02-18 15:43 - 2014-02-18 15:43 - 00001205 _____ () C:\Users\Richard ****\Desktop\Uplay.lnk
2014-02-18 15:43 - 2014-02-15 13:37 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Ubisoft Game Launcher
2014-02-18 15:41 - 2013-09-09 13:22 - 00107568 _____ () C:\Windows\DirectX.log
2014-02-18 15:40 - 2012-09-28 21:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-18 15:09 - 2012-09-29 01:55 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Skype
2014-02-18 14:57 - 2012-12-04 14:11 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8C22BAB9-115F-42DC-933C-D0F775D5F0DC}
2014-02-18 14:43 - 2012-09-28 21:24 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\vlc
2014-02-18 10:31 - 2009-07-14 05:45 - 05147672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-17 21:42 - 2014-02-17 21:42 - 00387786 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt 2 Kopie  (CS6).aep
2014-02-17 21:09 - 2014-02-17 21:04 - 00001456 _____ () C:\Users\Richard ****\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-02-17 21:06 - 2014-02-17 21:06 - 00000000 ____D () C:\Users\Richard ****\Documents\Adobe Scripts
2014-02-17 20:59 - 2012-09-29 00:26 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Adobe
2014-02-17 20:52 - 2014-02-15 17:51 - 00000000 ____D () C:\Users\Richard ****\Documents\Adobe
2014-02-17 20:46 - 2012-09-28 22:53 - 00120080 _____ () C:\Users\Richard ****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-17 20:45 - 2014-02-15 17:50 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-17 20:45 - 2014-02-15 16:51 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-17 20:45 - 2012-09-29 00:25 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-17 20:43 - 2012-09-29 02:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-17 19:52 - 2014-02-16 19:52 - 00000000 ____D () C:\ProgramData\Freemake
2014-02-17 19:52 - 2014-02-16 19:51 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-02-17 19:11 - 2014-02-15 18:43 - 00000000 ____D () C:\Users\Richard ****\Documents\Adobe After Effects Auto-Speichern
2014-02-17 11:02 - 2012-10-24 14:26 - 00000000 ____D () C:\Users\Richard ****\.gimp-2.8
2014-02-17 10:51 - 2014-02-16 15:36 - 00385016 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt 2.aep
2014-02-17 10:32 - 2014-02-17 10:32 - 00009422 _____ () C:\Users\Richard ****\AppData\Local\recently-used.xbel
2014-02-16 22:09 - 2013-08-14 13:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 22:08 - 2012-09-28 22:15 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 19:10 - 2014-02-16 19:10 - 00000000 ____D () C:\Users\Richard ****\Documents\Unbenanntes Projekt 2.aep Protokolle
2014-02-16 19:00 - 2014-02-16 19:00 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-02-16 19:00 - 2014-02-16 19:00 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Canon
2014-02-16 14:49 - 2012-12-26 13:51 - 00001052 _____ () C:\Users\Richard ****\AppData\Roaming\gmic_sources.cimgz
2014-02-16 05:58 - 2014-02-16 05:58 - 00298618 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt 1.aep
2014-02-16 05:53 - 2013-01-18 14:27 - 00003358 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2633229710-3872475631-2564557350-1000
2014-02-16 05:53 - 2013-01-18 14:27 - 00003244 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2633229710-3872475631-2564557350-1000
2014-02-16 05:47 - 2014-02-16 05:47 - 08636780 _____ (www.video-gif-converter.com ) C:\Users\Richard ****\Downloads\freevideotogif [1].exe
2014-02-16 05:47 - 2014-02-16 05:47 - 00001219 _____ () C:\Users\Richard ****\Desktop\Free Video to GIF Converter.lnk
2014-02-16 05:47 - 2014-02-16 05:47 - 00000000 ____D () C:\Program Files (x86)\Free Video to GIF Converter
2014-02-16 00:46 - 2012-10-27 19:17 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\inkscape
2014-02-15 22:25 - 2014-02-15 18:02 - 00170880 _____ () C:\Users\Richard ****\Documents\Unbenanntes Projekt.aep
2014-02-15 18:47 - 2014-02-15 18:47 - 00000000 ____D () C:\ProgramData\GreatSoft
2014-02-15 18:47 - 2014-02-15 18:46 - 00000000 ____D () C:\ProgramData\InstallMate
2014-02-15 17:59 - 2014-02-15 17:59 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REVisionEffects
2014-02-15 17:59 - 2014-02-15 17:59 - 00000000 ____D () C:\Program Files (x86)\REVisionEffects
2014-02-15 17:51 - 2014-02-15 17:51 - 00003520 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Desktop-Richard ****
2014-02-15 17:51 - 2014-02-15 17:51 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\PDAppFlex
2014-02-15 17:51 - 2012-09-28 23:31 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\NVIDIA
2014-02-15 17:16 - 2014-02-15 16:51 - 00000000 ____D () C:\Program Files\Adobe
2014-02-15 16:17 - 2014-02-15 16:17 - 00001074 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-02-15 16:14 - 2014-02-15 16:14 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Temp5f308940076fd01702277c379419c2d2
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-15 16:09 - 2014-02-15 16:09 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-15 13:10 - 2014-02-15 13:10 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-15 13:04 - 2012-10-09 10:25 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\DAEMON Tools Lite
2014-02-14 21:34 - 2012-09-28 20:33 - 00000000 ____D () C:\Users\Richard ****
2014-02-14 21:31 - 2013-01-15 13:16 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-02-14 21:31 - 2012-12-16 12:39 - 00000000 ____D () C:\Program Files (x86)\CEWE COLOR
2014-02-14 18:53 - 2013-06-27 19:41 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\Arma 3
2014-02-14 11:18 - 2013-06-25 16:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 07:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-13 03:04 - 2012-10-09 10:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 03:01 - 2013-06-24 11:42 - 01632092 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-13 03:01 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-12 09:56 - 2014-01-09 11:04 - 00000000 ____D () C:\Users\Richard ****\Documents\Elder Scrolls Online
2014-02-12 09:56 - 2014-01-09 11:04 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-02-12 07:38 - 2013-06-25 13:56 - 00004124 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 07:38 - 2013-06-25 13:56 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-11 03:16 - 2014-01-10 17:06 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Awesomium
2014-02-06 18:58 - 2013-02-14 18:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-06 15:33 - 2014-02-06 15:33 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\NVIDIA Corporation
2014-02-06 15:33 - 2013-11-06 14:00 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-06 15:33 - 2013-09-04 14:04 - 00000000 ____D () C:\Users\Richard ****\AppData\Local\NVIDIA
2014-02-06 15:32 - 2012-09-28 22:30 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-06 15:32 - 2012-09-28 22:30 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-06 15:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-02-06 15:06 - 2013-02-14 09:52 - 00000000 ____D () C:\Windows\Minidump
2014-02-06 15:06 - 2012-09-28 02:29 - 00370721 ____N () C:\Windows\Minidump\020614-7160-01.dmp
2014-02-06 13:16 - 2014-02-13 03:00 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 03:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 03:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 03:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 03:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 03:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 03:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 03:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 03:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 03:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 03:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 03:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 03:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 03:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 03:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 03:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 03:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 03:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 03:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 03:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 03:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 03:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 03:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 03:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 03:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 03:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 03:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 03:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 03:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 03:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 03:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 15:51 - 2013-05-06 13:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 15:51 - 2013-05-06 13:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 15:51 - 2013-05-06 13:33 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 20:42 - 2013-06-25 13:57 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 15:44 - 2014-02-04 15:44 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 15:43 - 2013-02-18 14:59 - 00000000 ____D () C:\ProgramData\Apple
2014-02-03 10:56 - 2014-02-03 10:56 - 00000615 _____ () C:\Users\Richard ****\Desktop\EverQuest Next Landmark (2).lnk
2014-02-03 10:56 - 2014-02-03 10:56 - 00000615 _____ () C:\Users\Richard ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EverQuest Next Landmark (2).lnk
2014-02-03 10:29 - 2013-09-04 13:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-02 09:53 - 2014-01-06 00:49 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-02 09:53 - 2013-12-14 01:46 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-02 09:53 - 2013-09-04 13:12 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-02 09:53 - 2013-09-04 13:12 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-02 09:53 - 2013-09-04 13:12 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-02 09:53 - 2013-09-04 13:12 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-02 09:53 - 2013-09-04 13:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-01 10:30 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-30 15:32 - 2014-01-30 15:32 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\Wargaming.net
2014-01-30 12:02 - 2014-01-30 12:02 - 00000528 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-01-30 12:02 - 2013-04-23 12:52 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-01-26 15:58 - 2014-01-26 15:58 - 00000636 _____ () C:\Users\Public\Desktop\ ac2launcher Application.lnk
2014-01-26 14:31 - 2013-09-05 13:45 - 00000000 ____D () C:\Program Files\Recuva
2014-01-25 11:11 - 2013-03-02 14:59 - 00000000 ____D () C:\Users\Richard ****\Desktop\TTZ
2014-01-23 18:56 - 2014-01-23 18:56 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-23 18:56 - 2014-01-23 18:56 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-23 18:56 - 2014-01-23 18:56 - 00000000 ____D () C:\Program Files\Java
2014-01-23 18:54 - 2014-01-23 18:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-23 18:53 - 2014-01-23 18:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-23 18:53 - 2014-01-23 18:53 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-23 18:53 - 2012-10-20 18:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-23 18:49 - 2014-01-23 18:49 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-23 11:00 - 2014-01-23 11:00 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-01-23 11:00 - 2012-09-28 23:07 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-01-23 10:57 - 2013-09-04 13:29 - 00000000 ____D () C:\Teamspeak
2014-01-23 10:52 - 2014-01-23 10:52 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\NetSpeedMonitor
2014-01-23 10:52 - 2014-01-23 10:51 - 00000000 ____D () C:\Program Files\NetSpeedMonitor
2014-01-23 10:46 - 2014-01-23 10:46 - 00000000 ____D () C:\Users\Richard ****\Documents\Network Monitor 3
2014-01-23 10:22 - 2013-04-14 10:48 - 00000000 ____D () C:\Users\Richard ****\AppData\Roaming\TeamViewer
2014-01-23 10:22 - 2012-11-08 19:15 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-20 14:56 - 2012-09-28 02:29 - 00370721 ____N () C:\Windows\Minidump\012014-7066-01.dmp
2014-01-20 12:06 - 2014-01-19 20:48 - 00000000 ____D () C:\Users\Richard ****\Documents\RIFT

Some content of TEMP:
====================
C:\Users\Richard ****\AppData\Local\Temp\Quarantine.exe
C:\Users\Richard ****\AppData\Local\Temp\speccycpuid.dll
C:\Users\Richard ****\AppData\Local\Temp\ubiCC2B.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-19 00:46

==================== End Of Log ============================

--- --- ---

schrauber · 20.02.2014, 10:18

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Pup.Optional.FindRight.A + .BrowserFox.A

Plagegeister aller Art und deren Bekämpfung: Pup.Optional.FindRight.A + .BrowserFox.A